Feature #15756

Make is easier to exchange encrypted files between Tails users

Added by feinstein 2018-07-29 12:29:44 . Updated 2018-10-09 01:33:27 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2018-07-29
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

You have no easy way to create a LUKS Container other than the cmdline/cryptsetup way nether seems there to be a plan to support the creation of vc-containers within tails according to your support channel

Furthermore is creating encrypted 7z within the boundaries of Nautilus and it’s contextual menu not existent (anymore?) or the Option after Clicking on ‘compress’ and selecting ‘.7z’ went missing somewhere along the lines

Granted it possible to do it afterwards within ‘Archive Manager’ and its sandwich menu ‘Password…’ but this isn’t exactily intuitive, right?

And if you manage to get behind the workaround of creating an encrypted .7z Archive you will by default be left with nothing but an error message like:

There was an error while extracting “whatever.7z”.
‘whatever.7z’: empty archive

This means Novice Users are left with nothing as intuitive as PGP to interchange files in an encrypted manner and although its integration within Nautilus/Gnome is pretty neatly solved, it never was and never will be an intuitive solution of interchanging files encrypted between users.

Therefore it seems that there are higher priorities than a Veracrypt Mounter that does nothing but mount Containers that users are supposed to create ‘somewhere sometime’ when we focus on the Encryption Part of Tails OS

Subtasks

Related issues

Related to Tails - Bug #13580: Archive manager cannot extract password protected 7z files Duplicate 2017-08-04

History

#1 Updated by goupille 2018-08-14 15:16:45

  • Status changed from New to Rejected

I’m closing this ticket because :

It is possible (and documented) to create an encrypted volume with Gnome Disks :

https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/

the 7zip archives can’t indeed be password protected from nautilus, that is not specific to Tails (https://ask.fedoraproject.org/en/question/107224/unable-to-compress-file-with-password-7z-encryption/ for example), but you can do it with Applications>Utilities>Archive Manager.

we are working hard on Veracrypt lately, hopefully you’ll the result of that work soon.

#2 Updated by intrigeri 2018-08-14 16:13:36

I’d like sajolida to take a second look because this seems to be a potentially relevant use case for which we have no good solution ATM (GNOME Disks won’t let you encrypt files).

#3 Updated by sajolida 2018-08-16 20:08:42

  • Subject changed from Easy way to interchange encrypted Files pretty much non-existent to Make is easier to exchange encrypted files between Tails users
  • Status changed from Rejected to New
  • Assignee set to feinstein
  • QA Check set to Info Needed

First of all, I recommend you be careful with how you phrase your tickets because criticizing how we choose our priorities without understanding them and talking bad about our work, like you did in your last paragraph, doesn’t put us in the most positive and constructive mood to answer your concerns. Anyway…

I understand that your concern is about exchanging encrypted files between different users. You’re referring to password unlock so symmetric encryption and thus assuming that users have another secure channel to exchange this password.

If these users can be online at the same time, that’s the use case of Onion Share.

If not, then we’re down to users who need asynchronous communications…

The OpenPGP encryption of seahorse-nautilus (right-click → Encrypt…) allows you to specify a password and then hides the complexity of OpenPGP from you. It allows to encrypt single files or group files in an encrypted archive. If you think that it’s UX is not the greatest, I’d be happy to see more detailed suggestions on how to improve it and the upstream developer is contributing to Tails so that might be easy.

I agree that the using Archive Manager to create a password-protected Zip file for example is quite awkward in GNOME. It might be worth investigating a bit more why GNOME doesn’t offer a password field when creating an archive from the right-click menu. Do you want to do that?

Note that changing stuff in GNOME is harder and more uncertain that changing stuff in seahorse-nautilus, though for both we would have to find a volunteer to write the code. Maybe you?

Reassigning to you to see if you’re interested in helping us improve seahorse-nautilus or Archive Manager in a constructive way. Otherwise I’ll reject this ticket again and wait until we get more actionable reports on how to improve both of these applications.

#4 Updated by Anonymous 2018-08-19 07:06:39

  • related to Bug #13580: Archive manager cannot extract password protected 7z files added

#5 Updated by Anonymous 2018-08-19 07:08:29

LUKS encrypted devices can be created with GNOMEDisks.
Creating VC containers will be possible in Tails 3.9?

#6 Updated by intrigeri 2018-08-19 07:58:27

> Creating VC containers will be possible in Tails 3.9?

No, it’s not been implemented yet. Feature #15227 won’t fit in our allocated time for SponsorW. segfault would like to implement it anyhow but I don’t know when.

#7 Updated by goupille 2018-10-06 10:08:29

  • Status changed from New to Confirmed

ok, I’m switching this ticket status to confirmed

#8 Updated by sajolida 2018-10-09 01:33:27

  • Status changed from Confirmed to Rejected
  • Assignee deleted (feinstein)
  • QA Check deleted (Info Needed)

Setting back to new. In my last comment (Feature #15756#note-3) I proposed that either feinstein steps up to improve seahorse-nautilus or Archive Manager or we reject this ticket. Since then feinstein hasn’t followed up and nobody commented to this proposal of mine. Two months later, it seems reasonable to reject.