Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat+docu(EncFS): Deprecation warning in the GUI and details in whitepaper #1735

Closed
Tracked by #1734
buhtz opened this issue May 28, 2024 · 8 comments · Fixed by #1771
Closed
Tracked by #1734

feat+docu(EncFS): Deprecation warning in the GUI and details in whitepaper #1735

buhtz opened this issue May 28, 2024 · 8 comments · Fixed by #1771
Assignees
@buhtz
Labels
Cosmetics appearance, icons, themes Discussion decision or consensus needed Documentation EncFS using the EncFS file system High
Milestone
Release (1.5.0)

Comments

@buhtz
Copy link
Member

buhtz commented May 28, 2024
edited
Loading

Related to meta issue #1734

Details and wording need to be discussed and developed.

  • Create a "document" for users explaining easy the issue, the roadmap and how they can contribute and join the discussion.
  • Where to put the document? Markdown in the repo as an entry point (landing page)?
  • Warnings in the GUI (short and polite; linking to the whitepaper)
    • MessageBox: When an "SSH encrypted" or "local encrypted" profile is loaded in the GUI.
    • QLabel (red letters) in the Manage profiles dialog for existing "SSH encrypted" or "local encrypted".
    • MessageBox when creating a new "SSH encrypted" or "local encrypted" profile.
  • Modify man page section "A NOTE ON SECURITY" according to the new situation.
@buhtz buhtz added Discussion decision or consensus needed Cosmetics appearance, icons, themes EncFS using the EncFS file system Documentation labels May 28, 2024
@buhtz buhtz added this to the Upcoming release (1.5.0) milestone May 28, 2024
@buhtz buhtz self-assigned this May 28, 2024
@buhtz buhtz mentioned this issue May 28, 2024
Open
7 tasks
@buhtz
Copy link
Member Author

buhtz commented Jun 3, 2024
edited
Loading

Here is a first draft as plain text and as screenshots:

MessageBox if GUI starts and one of the profiles is encrypted

The support for encrypted snapshot profiles is undergoing significant changes, and EncFS will be removed in the foreseeable future.

The following profile(s) use encryption with EncFS:

  • Main profile (1)
  • Foobar (8)
  • ...

A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. Users are invited to join this discussion. Updated details on the next steps and alternatives are available in this [whitepaper].
This message will not be shown again. This dialog is available at any time via the help menu.
Your Back In Time Team
bit_msgbx_encfs_exists_warning

QLabel in General TAB of Manage Profiles dialog

Support for EncFS will be discontinued in the foreseeable future. A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. More details are available in this [whitepaper].
bit_encfs_label

MessageBox when new encrypted profile is created or the mode of an existing one is changed to encryption

Support for EncFS will be discontinued in the foreseeable future. It is not recommended use that mode for a profile. A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. More details are available in this [whitepaper].
bit_msgbx_encfs_create_warning

bit_encfs_warnings

@buhtz buhtz added Low relevant, but not urgent High and removed Low relevant, but not urgent labels Jun 4, 2024
@buhtz buhtz mentioned this issue Jun 28, 2024
Merged
@aryoda
Copy link
Contributor

aryoda commented Jun 28, 2024

All of the three warnings are adequate IMHO.

I just propose some small wording changes due to "typos":

A decision on a replacement for or continued support of encrypted backups is still pending

Perhaps also the mode names could be improved to make it clear enough when EncFS is used:

  • Local encrypted --> Local (EncFS encrypted)
  • SSH encrypted --> SSH (EncFS encrypted)

Esp. "SSH encrypted" is misleading IMHO because SSH is (transport) encrypted but what we mean here is "at rest" encryption.

@buhtz
Copy link
Member Author

buhtz commented Jun 29, 2024

Thanks for the feedback.

I just propose some small wording changes due to "typos":

A decision on a replacement for or continued support of encrypted backups is still pending

Not sure about this. I would keep it as it is because the "support of encrypted backups" is a consequence of a "EncFS replacement". Or don't I get it? 😄

Perhaps also the mode names could be improved to make it clear enough when EncFS is used:

* Local encrypted --> Local (EncFS encrypted)

* SSH encrypted --> SSH (EncFS encrypted)

I support that idea. But I would work on that in a separate PR after the upcoming release. The code around that is quit awkward and I am not sure if there might be side effects with modifying that labels currently living in a dictionary (common/config.py::Config.SNAPSHOT_MODELS).

@aryoda
Copy link
Contributor

aryoda commented Jun 29, 2024

Not sure about this. I would keep it as it is because the "support of encrypted backups" is a consequence of a "EncFS replacement". Or don't I get it? 😄

I see 😄 I was just confused what the sentence shall mean but now I understand it. No need to change anything here I'd say.

Perhaps also the mode names could be improved to make it clear enough when EncFS is used:
I support that idea. But I would work on that in a separate PR after the upcoming release.

Yes, this is the most fail-safe approach (no need to change year-old labels ASAP).

PS: Just found a forgotten word in another sentence:

It is not recommended to use that mode for a profile (furthermore)

@DerekVeit
Copy link
Contributor

These notices, with the slight edits, look very good to me. I'm not using the feature, but I very much like the considerate approach for how to handle it.

I wonder if maybe a link directly to #1734 in the notice would be worthwhile.

@buhtz
Copy link
Member Author

buhtz commented Jul 1, 2024
edited
Loading

I wonder if maybe a link directly to #1734 in the notice would be worthwhile.

I wouldn't pollute the messages with to much links and references. We do link the whitepaper. That document is good starting point to all other relevant documents (Issues, Security Audits, etc). The messages are for users, the issues are for developers.

@DerekVeit
Copy link
Contributor

Now that I look at the whitepaper, I see it covers everything.

@buhtz
Copy link
Member Author

buhtz commented Jul 2, 2024

I will take your comments as Approval, if it is OK.

@buhtz buhtz mentioned this issue Jul 3, 2024
Merged
@buhtz buhtz closed this as completed in 0c3a41e Jul 5, 2024
@buhtz buhtz mentioned this issue Jul 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@buhtz buhtz

Labels
Cosmetics appearance, icons, themes Discussion decision or consensus needed Documentation EncFS using the EncFS file system High
Projects
None yet
Milestone
Release (1.5.0)
Development

Successfully merging a pull request may close this issue.

feat: EncFS deprecation warning about buhtz/backintime
3 participants
@DerekVeit @aryoda @buhtz