{"id":4188,"date":"2014-06-22T22:23:03","date_gmt":"2014-06-22T14:23:03","guid":{"rendered":"https:\/\/www.icocean.com\/blog\/?p=4188"},"modified":"2014-07-19T12:52:45","modified_gmt":"2014-07-19T04:52:45","slug":"truecrypt%e4%bd%9c%e8%80%85%e5%a3%b0%e7%a7%b0%e5%88%9b%e5%bb%ba%e5%88%86%e6%94%af%e6%98%af%e4%b8%8d%e5%8f%af%e8%83%bd%e7%9a%84","status":"publish","type":"post","link":"https:\/\/www.icocean.com\/blog\/?p=4188","title":{"rendered":"TrueCrypt\u4f5c\u8005\u58f0\u79f0\u521b\u5efa\u5206\u652f\u662f\u4e0d\u53ef\u80fd\u7684(\u542b\u4e2d\u6587\u7ffb\u8bd1)"},"content":{"rendered":"

\u7ea6\u7ff0\u970d\u666e\u91d1\u65af\u5927\u5b66\u7684Matthew Green\u6559\u6388\u81f4\u51fd\u4e00\u4f4dTrueCrypt\u5f00\u53d1\u8005\uff0c\u8be2\u95eefork\u7684\u53ef\u884c\u6027\u3002\u8fd9\u4f4dTrueCrypt\u5f00\u53d1\u8005\u7b80\u77ed\u7684\u56de\u7b54<\/a>\uff0c\u521b\u5efa\u5206\u652f\u662f\u4e0d\u53ef\u80fd\u7684<\/a>\u3002\u4ed6\u8bf4\uff0c\u521b\u5efa\u5206\u652f\u4e0d\u662f\u4e00\u4e2a\u597d\u4e3b\u610f\uff0c\u56e0\u4e3aTrueCrypt\u7684\u4ee3\u7801\u9700\u8981\u91cd\u5199\u3002\u4ed6\u4eec\u4e00\u76f4\u60f3\u91cd\u5199\u4ee3\u7801\u3002\u4ed6\u8ba4\u4e3a\uff0c\u4ece\u5934\u5f00\u59cb\u5199\u4e00\u4e2a\u52a0\u5bc6\u8f6f\u4ef6\u6240\u8017\u8d39\u7684\u65f6\u95f4\u5e76\u4e0d\u6bd4\u5b66\u4e60\u548c\u7406\u89e3\u73b0\u6709\u7684TrueCrypt\u4ee3\u7801\u5e93\u957f\u3002\u4ed6\u8868\u793a\u53c2\u8003TrueCrypt\u7684\u6e90\u4ee3\u7801\u4e0d\u4f1a\u6709\u4ec0\u4e48\u95ee\u9898\u3002
\n==================
\n\u4ee5\u4e0b\u662fMatthew\u548c\u8fd9\u4f4d\u5f00\u53d1\u8005\u7684\u7535\u90ae(\u548c\u6211\u7684\u4e2d\u6587\u7ffb\u8bd1),\u82f1\u6587\u6765\u6e90 http:\/\/pastebin.com\/RS0f8gwn
\n====\u5f00\u53d1\u8005\u7684\u56de\u590d====
\n I am sorry, but I think what you’re asking for here is impossible. I don’t feel that forking truecrypt would be a good idea, a complete rewrite was something we wanted to do for a while. I believe that starting from scratch wouldn’t require much more work than actually learning and understanding all of truecrypts current codebase.<\/p>\n

I have no problem with the source code being used as reference.<\/p>\n

\u5f88\u62b1\u6b49\uff0c\u6211\u60f3\u4f60\u6240\u8bf4\u7684fork\u4e00\u4e8b\u76ee\u524d\u662f\u4e0d\u53ef\u80fd\u7684\u3002\u6211\u4e0d\u89c9\u5f97fork truecrypt\u9879\u76ee\u662f\u4e2a\u597d\u4e3b\u610f\uff0c\u4ece\u5934\u91cd\u5199truecrypt\u7684\u4ee3\u7801\u7684\u60f3\u6cd5\u5df2\u5728\u6211\u4eec\u8111\u4e2d\u95ea\u4e86\u4e00\u6bb5\u65f6\u95f4\u4e86\u3002\u6211\u60f3\u4ece\u5934\u91cd\u5199\u6240\u9700\u7684\u5de5\u4f5c\u91cf\u5e76\u4e0d\u4f1a\u6bd4\u5b66\u4e60\u548c\u7406\u89e3\u73b0\u6709truecrypt\u7684\u5168\u90e8\u4ee3\u7801\u8981\u591a\u3002<\/p>\n

\u5982\u679c\u5c06truecrypt\u6e90\u7801\u4f5c\u4e3a\u5f00\u53d1\u53c2\u8003\u7684\u8bdd\uff0c\u6211\u89c9\u5f97\u6ca1\u4ec0\u4e48\u95ee\u9898\u3002<\/p>\n

====Matthew\u7684\u90ae\u4ef6====<\/p>\n

Hi,
\n I hope you\u2019re well. I understand from seeing some previous emails that you were one of the Truecrypt developers, and that you\u2019re no longer interested in continuing work on the project. I understand and can sympathize with that.
\n \u55e8\uff0c\u9996\u5148\u795d\u4f60\u8fc7\u7684\u6109\u5feb\u3002 \u6211\u4ece\u4e4b\u524d\u7684\u4e00\u4e9bemail\u91cc\u4e86\u89e3\u5230\u4f60\u662ftruecrypt\u9879\u76ee\u5176\u4e2d\u7684\u4e00\u4f4d\u5f00\u53d1\u8005\uff0c \u800c\u4e14\u4f60\u4eec\u73b0\u5728\u4e5f\u6ca1\u6709\u5174\u8da3\u518d\u7ee7\u7eed\u8fd9\u4e2a\u9879\u76ee\u7684\u5f00\u53d1\u4e86\u3002\u9274\u4e8etruecrypt\u9879\u76ee\u7684\u73b0\u51b5\uff0c\u6211\u80fd\u7406\u89e3\u5e76\u4e5f\u6709\u540c\u611f\u3002<\/p>\n

For the past several months we\u2019ve been (very slowly) auditing the TC code. Now that you\u2019re no longer maintaining it, there seems to be a great deal of interest in forking it. I think this interest has reached the point where a fork is virtually inevitable. This makes me somewhat worried.
\n \u5728\u8fc7\u53bb\u51e0\u4e2a\u6708\u91cc\uff0c\u6211\u4eec\u5df2\u5f00\u59cb(\u5f88\u6162\u5730)\u68c0\u67e5truecrypt\u7684\u6e90\u7801\u3002\u5982\u4eca\u4f60\u4eec\u4e5f\u4e0d\u518d\u7ef4\u62a4\u5b83\uff0c\u82e5\u80fdfork\u5b83\u5219\u662f\u8ba9\u4eba\u5f88\u611f\u5174\u8da3\u7684\u4e8b\u60c5\u3002\u5b9e\u9645\u4e0a\uff0c\u8fd9\u79cd\u5174\u8da3\u5df2\u7ecf\u4e0a\u5347\u5230\u4e00\u4e2a\u4e0d\u53ef\u907f\u514d\u7684\u4e34\u754c\u70b9\u4e86\uff0c\u8fd9\u6837\u53cd\u5012\u8ba9\u6211\u6709\u4e9b\u62c5\u5fc3\u8d77\u6765\u3002<\/p>\n

We think Truecrypt is an important project \u2014 no proprietary disk encryption system offers cross-platform support and the same feature set. Moreover, Truecrypt is unlikely to \u2018go away\u2019 just because the developers have abandoned the project. In fact, it may become significantly less secure if it goes forward as samizdat or as part of some unauthorized fork.
\n \u6211\u4eec\u8ba4\u4e3aTruecrypt\u662f\u4e00\u4e2a\u5f88\u91cd\u8981\u7684\u9879\u76ee\uff0c\u662f\u4e00\u4e2a\u6ca1\u6709\u4e13\u5229\u6743\u9650\u5236\u3001\u8de8\u5e73\u53f0\u3001\u4e14\u5404\u5e73\u53f0\u4e0a\u529f\u80fd\u7279\u6027\u4e00\u81f4\u7684\u78c1\u76d8\u52a0\u5bc6\u7cfb\u7edf\u9879\u76ee\u3002\u800c\u4e14\uff0ctruecrypt\u5df2\u7ecf\u4e0d\u662f\u4e00\u4e2a\u201c\u4ec5\u4ec5\u56e0\u4e3a\u88ab\u5f00\u53d1\u8005\u653e\u5f03\u201d\u5c31\u80fd\u8bf4\u6d88\u5931\u5c31\u6d88\u5931\u7684\u9879\u76ee\u3002\u5b9e\u9645\u4e0a\uff0c\u5982\u679c\u8fd9\u4e2a\u9879\u76ee\u88ab\u672a\u7ecf\u6388\u6743\u7684\u5c71\u5be8\uff0c\u6216\u8005\u6210\u4e3a\u4e00\u4e2a\u5730\u4e0b\u9879\u76ee\u7684\u8bdd\uff0c\u6709\u53ef\u80fd\u53cd\u800c\u6210\u4e3a\u4e00\u4e2a\u201c\u66f4\u52a0\u4e0d\u5b89\u5168\u7684\u201d\u78c1\u76d8\u52a0\u5bc6\u9879\u76ee\u3002<\/p>\n

We\u2019d like the project to continue, but in a responsible way. That means fully auditing all of the crypto\/container and bootloader code and (likely) replacing much of it with fresh implementations. Even though this will require some substantial re-development it still seems more practical than starting from scratch. The current plan is being led by a group of people who have a great deal of experience with cryptography and the expertise to identify flaws, but would prefer not to engineer from scratch.
\n \u6211\u4eec\u5e0c\u671b\u8fd9\u4e2a\u9879\u76ee\u80fd\u7ee7\u7eed\u4e0b\u53bb\uff0c\u4f46\u8981\u4ee5\u8d1f\u8d23\u4efb\u7684\u65b9\u5f0f\u7ee7\u7eed\u4e0b\u53bb\u3002\u8fd9\u5c31\u610f\u5473\u7740\u9700\u8981\u5ba1\u67e5\u5168\u90e8\u7684crypto\/container\u548cboot loader\u4ee3\u7801\uff0c\u53ef\u80fd\u7684\u8bdd\u8fd8\u9700\u8981\u7528\u4e00\u4e9b\u65b0\u7684\u5b9e\u73b0\u6765\u66ff\u6362\u4e00\u4e9b\u65e7\u4ee3\u7801\u3002\u5c3d\u7ba1\u8fd9\u6837\u4e5f\u9700\u8981\u518d\u5f00\u53d1\uff0c\u4f46\u4ecd\u7136\u6bd4\u4ece\u5934\u91cd\u5199\u8981\u66f4\u73b0\u5b9e\u4e00\u70b9\u3002\u76ee\u524d\u7684\u5f00\u53d1\u8ba1\u5212\u5c0f\u7ec4\u7531\u4e00\u4e9b\u5177\u5907\u4e30\u5bcc\u52a0\u5bc6\u5f00\u53d1\u7ecf\u9a8c\u548c\u7f3a\u9677\u8bc6\u522b\u7ecf\u9a8c\u7684\u4eba\u58eb\u9886\u5bfc\u7740\uff0c\u4f46\u4e5f\u503e\u5411\u4e8e\u4e0d\u8981\u4ece\u96f6\u5f00\u59cb\u3002<\/p>\n

The main concern we have right now is with the license structure and trademarks associated with Truecrypt. Of course some will fork the reject(PS\uff1aMatthew\u662f\u4e0d\u662f\u8f93\u9519\u4e86\uff0c\u5e94\u8be5\u662fproject\u5427\uff1f) regardless of the legal issues, but this doesn\u2019t seem appropriate without clear guidance. What we would like is permission to take at least portions of the current codebase and fork it under a standard open source license (e.g., GPL\/MIT\/BSD). We would also like permission to use the Truecrypt trademark as part of this effort. If that\u2019s not possible, we would accept a clear statement that you would prefer the software not be renamed.
\n \u6211\u4eec\u76ee\u524d\u4e3b\u8981\u5173\u6ce8\u7684\u662f\u4e0etruecrypt\u6709\u5173\u7684\u5546\u6807\u548clicense\u95ee\u9898\u3002\u5f53\u7136\uff0c\u6709\u4eba\u4e5f\u4f1a\u76f4\u63a5fork\u4e00\u4e2a\u9879\u76ee\u800c\u65e0\u89c6\u5408\u6cd5\u6027\u95ee\u9898\uff0c\u4f46\u6ca1\u6709\u4e00\u4e2a\u6e05\u6670\u7684\u6388\u6743\u6e90\uff0c\u5c31\u8fd9\u6837\u505a\u662f\u4e0d\u5927\u5408\u9002\u7684\u3002\u6211\u4eec\u66f4\u5e0c\u671b\u662f\u80fd\u591f\u5728\u6807\u51c6\u7684\u5f00\u6e90license(\u5982GPL\uff0fMIT\uff0fBSD)\u4e0b\u53d6\u5f97\u6388\u6743\uff0c\u81f3\u5c11\u53ef\u4ee5\u53d6\u5f97\u5f53\u524d\u6e90\u7801\u7248\u672c\u7684\u3002\u6211\u4eec\u4e5f\u5e0c\u671b\u80fd\u88ab\u6388\u6743\u7ee7\u7eed\u4f7f\u7528truecrypt\u8fd9\u4e2a\u5546\u6807\u3002\u8981\u662f\u8fd9\u4e5f\u4e0d\u884c\u7684\u8bdd\uff0c\u5982\u679c\u4f60\u4eec\u80fd\u6e05\u695a\u5730\u58f0\u660e\u5e0c\u671b\u8f6f\u4ef6\u4e0d\u8981\u88ab\u6539\u540d\uff0c\u6211\u4eec\u89c9\u5f97\u4e5f\u53ef\u4ee5\u63a5\u53d7\u7684\u3002<\/p>\n

I realize this is a great deal to ask, but I would ask you to consider the alternative. Without expert attention there\u2019s a high likelihood that TC 7.1a or some future insecure fork will occupy the niche that a secure version of TC could occupy. Giving your permission to undertake a responsible process of forking and redevelopment would ensure that your work can go on, and that nobody is at risk from using older software.
\n \u6211\u77e5\u9053\u6211\u7684\u8981\u6c42\u4e5f\u8bb8\u592a\u8fc7\u4e86\uff0c\u4f46\u6211\u8fd8\u662f\u60f3\u8bf7\u4f60\u8003\u8651\u4e00\u4e0b\u53e6\u4e00\u79cd\u60c5\u5f62\u3002\u5982\u679c\u6ca1\u6709\u4e13\u4e1a\u4eba\u58eb\u7684\u5173\u6ce8\uff0c\u5f88\u6709\u53ef\u80fd\u51fa\u73b0\u4e0d\u5b89\u5168\u7684fork\u7248\u672c\u5360\u9886\u4e86\u5b89\u5168\u7248\u672c\u672c\u5e94\u8be5\u6709\u7684\u5e02\u573a\u5730\u4f4d\u3002\u73b0\u5728\u4f60\u6709\u8fd9\u6837\u7684\u673a\u4f1a\u6765\u627f\u62c5\u8d77fork\u548c\u518d\u5f00\u53d1\u8fc7\u7a0b\u7684\u8d23\u4efb\uff0c\u4e00\u65b9\u9762\u4f60\u4eec\u7684\u5de5\u4f5c\u53ef\u4ee5\u5f97\u5230\u5ef6\u7eed\uff0c\u53e6\u4e00\u65b9\u9762\u6ca1\u6709\u4eba\u4f1a\u56e0\u4e3a\u7ee7\u7eed\u7528\u8001\u7248\u672c\u7684truecrypt\u800c\u9762\u4e34\u98ce\u9669\u3002<\/p>\n

I appreciate any consideration you could give this note. Thank you,
\n Matt
\n \u6211\u5c06\u975e\u5e38\u611f\u8c22\u4f60\u4e3a\u6b64\u4f5c\u51fa\u7684\u4efb\u4f55\u8003\u8651\u6216\u56de\u5e94\u3002\u8c22\u8c22\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"

\u7ea6\u7ff0\u970d\u666e\u91d1\u65af\u5927\u5b66\u7684Matthew Green\u6559\u6388\u81f4\u51fd\u4e00\u4f4dTrueCrypt\u5f00\u53d1\u8005\uff0c\u8be2\u95eefork\u7684\u53ef\u884c\u6027\u3002\u8fd9\u4f4dT […]<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3298,3985,3986,3971,1245],"class_list":["post-4188","post","type-post","status-publish","format-standard","hentry","category-4","tag-truecrypt","tag-3985","tag-3986","tag-3971","tag-1245","category-4-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4188"}],"version-history":[{"count":18,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4188\/revisions"}],"predecessor-version":[{"id":4238,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4188\/revisions\/4238"}],"wp:attachment":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}