The Crypto Bone

privacy and secure communication
under your control

    

Crypto Bone ALL-IN-ONE

From version 0.99b the "cryptobone" control program (the GUI) is distributed together with a software-based Crypto Bone, so that users who install the RPM package on their Linux system (cryptobone-1.1.x86_64.rpm) have a Crypto Bone up and running in seconds. There is also a Debian install package (cryptobone_1.0_amd64.deb).

Why does the local, ALL-IN-ONE version even exist, if performing all message encryption and decryption inside an isolated, secure environment is one of the benefits of the external Crypto Bone as separate hardware?

The Hen-And-Egg Problem

Well, not everyone has a Beagle Bone.

And if you're using the external Crypto Bone, the messages you send out will reach people who don't have a Beagle Bone or Raspberry Pi 3.

Thus very few people will be able to use this kind of secure communication yet.

On the other hand, checking the software, and even the core software, for security only pays off if many users rely on this software day by day. Only when the Crypto Bone's user base has become large enough will security experts take the time to poke inside the software for bugs and security problems.

I've asked a number of people to contribute to the code review, but they all seem to think that unless the user base rises considerably, no one will look at the source code, even if it is available from day one of the development.

I can understand that code review is a painful and hard job, that requires a lot of detailed, fiddly work, and no little amount of concentration. At the moment, there is clearly not enough incentive to do that.

In order to increase the Crypto Bone's user base, I've developed a software-only version of the Crypto Bone that'll run on a single Linux machine. In developing this version, I tried to simplify the tasks of key handling, and thus I've developed a single GUI program that lets you change from the local Crypto Bone to the external one (and back) with the push of a button.

As it is now much easier to use the Crypto Bone, I hope people who use it now will eventually be interested in making sure that the software base is secure.

And so, code review will finally happen, I hope!

Crypto Bone Software Download

At the moment, I've created RPM packages for the 64bit, 32bit and arm7 architectures. A Debian package (64bit) is also available.

Please note that the cryptobone daemon process must be started within 120 seconds after booting the computer, so you may have a problem on very old hardware if you use a 32bit machine.

File                         Description                Size     Fingerprint
cryptobone-1.1.x86_64.rpm    RPM package for x86-64     693030   sha256
cryptobone-1.1.i686.rpm      RPM package for i686       703878   sha256
cryptobone-1.1.armv7hl.rpm   RPM package for arm7       637934   sha256
cryptobone_1.0_amd64.deb     Debian package for amd64   644854   sha256
    [this package does not include the external Crypto Bone software]

Keep in touch, as new updated packages will come up soon.

External Devices

There are very good reasons to use an external device in addition to the ALL-IN-ONE version, as an external device will make it even more difficult for an attacker to compromise your messages. You can use a second Linux computer, a Beagle Bone or a Raspberry Pi to delegate the encryption engine to a separate, more isolated device. For more information, have a look at the download section, the installation tutorial and the security analysis.