Comment 14 for bug 110970

Saivann Carignan (oxmosys) wrote :

Reinhard Tartler: Your fix introduces more important bugs, including a security issue. Please read the discussion in bug 139363. Please consider reverting your changes or using another fix for these reasons:

Password echoed in plain text in console: the usplash prompt has already been tested in the past, and there is a reason why it has not been used. When typing your password in the usplash prompt, your password is echoed in plain text in the console. If you read the cryptsetup changelog, you'll see that this issue happened in the past and that's why developers chose to break usplash instead. I can reproduce this security problem with your current package in intrepid. You can see more information in bug 55159; read my last comment on that bug.

fsck fills cryptsetup prompt: if fsck runs before the usplash cryptsetup prompt, it will fill your prompt with fsck output. It is impossible to type your password in these conditions, and an unclean reboot takes you to the same point since fsck starts again.