CipherShed Forum

Here's a spreadsheet of possible names that were thrown around in the CipherShed mailing list.

https://docs.google.com/spreadsheets/d/1diKivUi4LI10z2uLaY0USyEkXpEkPbMobKAFOaGaZGA/edit#gid=597201909

If someone lives in a repressive area, a name which does NOT have cipher or crypt in it would be desirable. Why are you going for highly descriptive cliches?
First off, a user has to visit the URL to get the program. Second, updates will ping a package name that can cause concern too.
I tried to mentioned this before, but it was brushed off.

If people are in an area that repressive, then all they have to do is obtain it through tor or something and compile it and never have the issue of something wanting to auto-update and broadcasting the existence of the package. TrueCrypt's purpose isn't only to help those in a repressive environment, it's for everybody. We shouldn't have to change the name to something that appears innocent that'll confuse most casual users just because some people aren't going to decide to get it through safe mediums. Even if we were to use some innocent looking and confusing name, repressive governments or isps would just put that name in their list of trigger-products once they find out what it is.

If we pick "PotatoBubble" as a name and become a big software project with that, then PotatoBubble.org will be on those government's blacklists.
Also, CipherShed will _not_ have an auto update feature. No pinging will ever take place.

So pages and pages of debate about RIPA and MHV deniability are OK, but a slightly less descriptive name is silly? What if an imperfect human being, with a limited knowledge of the software universe, is bothering your computer, ie in a transit zone? You are assuming several different things about the threat model when you say "if we name it X; X will get scrutiny"... If you all love the name CipherShed already, then I guess you won't listen to logic no matter what.

Just follow this logic and tell me it makes sense:
Let's make privacy software.
What should we name it?
How about a name that verifies, beyond any doubt, that it is privacy software!?
Does that serve the concept of privacy (highlighting those individuals that use special tools)?

I'm not assuming anything. I'm not assuming that users will take safe measures to prevent airport clerks from seeing the names of the installed software. I am simply saying that if a user uses the program right (whole disk encryption, plausable deniability, bootloader on separate device) then a scenario like a clerk getting a glimpse of the names of the software installed is impossible.

I also never said a user absolutely had to use tor specifically to obtain truecrypt, so don't start attacking tor because you read some article featuring a guy from microsft that points out problems that can be prevented by proper use of tor.

There are mutiple articles highlighting problems about Tor. I don't base opinions on one article. Your phrase "attacking tor" is a little over the top.

GigabyteProductions wrote: if a user uses the program right (whole disk encryption, plausable deniability, bootloader on separate device) then a scenario like a clerk getting a glimpse of the names of the software installed is impossible.

So everyone using containers is "Using it wrong"...
So the RIPA and rubber hose people will get your whole HD, not just a few files, right?

Guys, I hope you will keep and open mind and not get snobby about this work. Average users are remakably good at indicating what they need. If it's not feasible or interesting, fine, just say, "Thank you for your input. We'll consider it." If on the other hand, these kinds of projects disdain user input from non 'C++ gods', so be it. See my post on Closing the Process.

Resonance wrote: Why are you going for highly descriptive cliches?.

Not quite just me; this is a collation of suggested names given by various people in the CipherShed mailing list. Most are highly descriptive because one of the main aims was to choose a name that most users would find relateable to encryption and security. If a user does live in a repressive area it won't matter what the software is called; if it's popular enough, the MiB of that place will know about it, regardless of name.

At the moment it seems CipherShed is staying as it is.

My humble suggestion:

Scytale

http://en.wikipedia.org/wiki/Scytale