I suggest to add the key word "const" to the type specifiers for parameters like the following.

• key_string (function "BlowfishSetKey")
• name (function "ReadLocalMachineRegistryString")
• xmlNode (function "XmlNextNode")

Would you like to apply the advices from an article to more places in your source files?

it might be not good to use wordpress for hosting your security software
http://www.cvedetails.com/product/4096/Wordpress-Wordpress.html?vendor_id=2337

Hi!

If CipherShed is built on systems with gcc5.x, e.g. in my case Ubuntu 15.10, containers cannot be opened with the error message "Invalid characters encountered".

The Problem can be solved by building CipherShed with -D_GLIBCXX_USE_CXX11_ABI=0 and statically linking with wxwidgets.

In the makefile:
C_CXX_FLAGS := -MMD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGE_FILES -I$(BASE_DIR) -I$(BASE_DIR)/Crypto -D_GLIBCXX_USE_CXX11_ABI=0
.
.
.
WXCONFIG_CXXFLAGS : = -D_GLIBCXX_USE_CXX11_ABI=0

I ran into a cyclic dependency issue which had to be resolved with a linking group:
export LFLAGS := -Wl,--start-group -lX11 -Wl,--end-group

If it's alright with everyone, I'd like to tag the current code as the unmodified TrueCrypt 7.1a source, per @rockihack's suggestion, before we make any modifications at all to the code itself. Going forward, we'll tag our own releases as they come.

There are binary blobs in source, please remove by default.

On Mac OS X, when I mount a TrueCrypt volume from a file container while logged in as user A, I can then switch to another user B and view the mounted volume's content (e.g. in the Finder, or in a Terminal.app session). I believe this is a bug, as the content of the TrueCrypt volume should remain private to the user who mounted it. I don't know enough about the underlying issues to lay the blame on any one in particular (Mac OS X, TrueCrypt, FUSE?), but what I definitely can say is that I cannot trust my Mac to be left alone while a TrueCrypt volume is still mounted.

This is how my mounted volumes' mount points look like inside a Terminal.app session. As you can see, the TrueCrypt volume PRIVATE is mounted with permissions that make it wide open for any user to snoop around inside.

caradhras:~ --> ls -l /Volumes/
total 72
lrwxr-xr-x   1 root   admin      1 27 Jul 17:52 Macintosh HD -> /
drwxrwxrwx@  1 admin  staff  16384 31 Dez  1979 PRIVATE
drwx------   1 admin  staff  16384  9 Jun 17:06 data

What I would like to see here is that the PRIVATE volume has the same set of permissions as the data volume (which is a Samba network share mounted by Mac OS X). Ideally, the Finder should not display the PRIVATE volume at all, but if it does, the user should not be able to access the volume's content.

I am using TrueCrypt 7.1a on Mac OS X 10.9.4. The issue is not new, though, it already existed in previous versions of TrueCrypt; I don't recall the specific version I used then, but I submitted a problem report on the original TrueCrypt website in September 2009 - without getting any response.

I am aware that CipherShed has not made its initial rebranding release yet, so please forgive me for reporting this already. However, because CipherShed is based on the TrueCrypt 7.1a code base, I am quite confident that the issue will be present in your initial release as well.

Add Windows 8 / Server 2012 / Windows 10 to OSVersionEnum and
update InitOSVersionInfo / IsOSVersionAtLeast accordingly.

Hello,
I'm trying to build CipherShed (and to submit issues in your bug tracker) but it's refusing connections on port 443.

We need to fix all applinks, which are broken at the moment.

Dear dev,
The Jessie contains only wx3.0, that changed the access to a constructor to a ::Get (), resulting on a compilation error:
/usr/include/wx-3.0/wx/unix/stdpaths.h:56:5: error: ‘wxStandardPaths::wxStandardPaths()’ is protected

as far I could saw this error concern Main/Application.cpp

What about this idea, the password for CipherShed protected by OpenPGP Card, then mount a CipherShed disk will like this:

1. Open CipherShed
2. Select CipherShed Disk
3. Plug OpenPGP Card
4. Input OpenPGP Card PIN
5. OpenPGP Card decrypt password
6. The password decrypt CipherShed Disk

About OpenPGP Card: https://en.wikipedia.org/wiki/OpenPGP_card

There are a lot of sub-tasks, so please help flesh this out. We can create sub-issues for each of them. I'm busy with work at the moment but in the morning I can do some of this:

• Someone should sign current master HEAD commit, after verifying original hashes and untared files match.
• Each developer must sign all commits going forward
• Recompile for each platform, and write Build Instructions:
  • Linux - ??? (??? = volunteer(s))
  • Mac - ???
  • Windows - ???
• Verify binaries match 7.1a (other than certificats)
  • This is a critical step which we cannot easily do after rebranding
• Rebranding:
  • 10 images need all new art - ???
  • Professional touch-up of artwork - Bill will send to graphic artist
  • Replace all instances of TrueCrypt w/CipherShed, including case variants
  • Download TrueCrypt Users Guide and rename TrueCrypt to CipherShed
• Manually verify all rebranding changes:
  • ANY code changes (zero?) should be verified by each core developers
  • Create hashes of binaries.
  • Recreate exact binaries by recompiling for each platform
  • Each dev verifying changes are OK should sign the binary hashes
• Prepare download site capable of handling the traffic
• Ship!

https://forum.truecrypt.ch/t/calibre-opens-truecrypt-user-guide-why/473/3

It appears there is an issue with opening the user guide on Linux (at least Mint 13, to be specific). Since it appears the problem exists in TC 7.1a and VC 1.0e, it's most likely also in CS.

Basic rundown from IDRIX is that the issue isn't directly in TC, I think, and to find the issue we'd need to look through the wxWidgets source code.

The other issues in the thread are probably isolated to only VC, but having a look at it couldn't hurt, or at least remember for the future.

I know that the development is mainly focusing on releasing an alpha for Windows. I'm submitting the issue for later so it isn't forgotten.

Just though i should create this bug report to inform you guys of a security issue with the linux version of TrueCrpt and the issue is dicussed here: http://www.linuxquestions.org/questions/linux-security-4/encription-software-for-linux-and-windows-alternative-for-truecrypt-4175511503/#post5221848

Looks like no updates in 20 months now.

Project dead?

Long live VeraCrypt ?

this is with 0d6a45a on Mint 17.

I'm noting that in keeping with the roadmap most of the other Truecrypt related icon have gone, but noticed one lurking on my taskbar-equivalent.

Error establishing a database connection

The 0.7.4.0 release is based on this git commit:
https://github.com/CipherShed/CipherShed/tree/be4dc698ffdc8d4414dbde838c2ddc7143c9dac2

Would be great to have an actual GitHub "release" created to remove any ambiguity:
https://github.com/CipherShed/CipherShed/releases

Warn Windows 8 users if "Hiberboot" is enabled.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\HibernateEnabled && HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power\HiberbootEnabled

Bug report:
https://forum.truecrypt.ch/t/encrypted-partition-does-not-ask-for-password/444

http://www.eightforums.com/tutorials/6320-fast-startup-turn-off-windows-8-a.html

It would be very convenient if you could install CipherShed on Ubuntu using the usual way things are installed, like below. I could also mention that cryptsetup that is used for managing LUKS volumes also allows to handle TrueCrypt volumes. I do not know if CS volumes are compatible or not, just mentioned.

$ sudo apt-get install ciphershed

Like with authenticated encryption such as AES-GCM or with HMAC?

Currently I am storing my sensitive info on Apple's encrypted dmg file, and they don't have integrity checking (I tried flipping some bits in the dmg file, and it mounts just fine). I wonder if it is the same for all encrypted containers.