Domain: truecrypt.org
Stories and comments across the archive that link to truecrypt.org.
Comments · 603
-
Re:How many of those exports
-
Re:Schneier bothers me
In a way, I think that the cypherpunk ideal fell apart when they built it and nobody came. All sorts of strong crypto are available to everybody, for free, and aren't even all that much trouble to use. Almost nobody bothers, probably so few that those who do just stand out by doing so.
Worse than that, it seems like anyone who knows anything about cryptography is automatically suspect these days. "If you have nothing to hide, then why do you need that"?
Sad but true. Of course, if people actually thought about this, they'd all have strong crypto. If the Feds grab your laptop, for example, they'll look for anything they can nail you on, "terroristic" or not. This confiscatory behavior on the part of the TSA is officially called "intelligence gathering" but what it really is is a widespread fishing expedition.
If any of you carry computers around with you that are used regularly by, say, your co-workers ... would you really trust that machine to pass scrutiny by agents highly motivated to get something on you for their trouble? That's the real problem here. As has been discussed many times here on Slashdot, so many things are felonies nowadays that odds are, if they want you, they'll make something stick. Believe me, you don't ever want to be inside the Justice System as an ordinary citizen. You just don't, and forget about whether you're innocent or not. Fortunately, precedent has been set that encryption passphrases are subject to the Fifth Amendment: let's hope that sticks.
So folks, encrypt your stuff. It's easy, it's painless and it's free, and it wouldn't hurt to proselytize a bit, and get your friends and family to try it out as well. The more popular encryption becomes, the harder it will be to outlaw.
-
Re:Disclosing a key is disclosing knowledge
Works for me (London E1)
Perhaps you're behind a content filter? Or have the wrong address? Try this:
-
Security isn't hard?
I guess it's time for an http://yro.slashdot.org/yro/08/10/15/2222209.shtml over-sea proxy and http://www.truecrypt.org/ then
-
Re:So anyone want to do this....You're looking for deniable encryption...
- Rubber Hose crypto http://iq.org/~proff/rubberhose.org/ here.
- Truecrypt http://www.truecrypt.org/ provides a hidden, encrypted partition-within an encrypted partition for plausible deniability.
You get caught, you give them the top-level keys, etc. There's no way to prove that the second layer exists! And yes, a/c because even telling you about this sort of software is probably illegal now in the UK (think of the children! Stop the terrrrrists! etc!)
<rant>(Curtain-twitching, Daily-Mail-Reading, Noseyfuckingbastards Sheeple)</rant>
-
Re:Your radical ideas about deniable encryption...
Your radical ideas about deniable encryption have been suggested before.. and actually work quite well! Here ya' go
-
Re:So anyone want to do this....
-
Hide your data (plausible deniability+ physically)
Obviously then, the way to prevent the cops from knowing about your encrypted data is to hide it from them. If they don't know about the encrypted file, they can't ask for the password.
Two ways, plausible deniability (if you haven't heard of TrueCrypt yet, check it out) is the way that most of you will use.
The other way is physically hiding the disk. Have a garden that you use, and store your data in multiple plastic bags and bury it.
The other thing you could do, have a strong magnetic field that is triggered in certain scenarios that will wipe your box of floppy disks/hard drive. Example scenarios include the cops breaking down the door, or the door being opened without a button being pressed.
-
Re:Plausible Deniability
I don't see how that is any better than using a hidden volume.
http://www.truecrypt.org/hiddenvolume.php
-
Re:If you're that worried...
In the TrueCrypt documentation see the sections on "plausible deniability" and "hidden operating system". They have already assumed that you have been taken into the back room and coerced into giving up your "password" and made allowance for this situation. You can give them the password to the decoy and there is no way to prove that a hidden partition exists. If they still want to detain or beat you after that then I submit that you are probably not going to convince them otherwise no matter what you do or say.
-
Re:If you're that worried...
so people might want to do a cost-benefit analysis before doing something like encrypting the whole hard drive with Truecrypt.
Cost-benef ... honestly, what are you talking about? TrueCrypt is not only open-source, but free. There is no cost involved, only increased security. Okay, so you lose an hour or so while it encrypts your partition. Big deal. TrueCrypt is not the only solution out there either.
I routinely encrypt all forms of portable storage that I use, just as a matter of principle. Forget the TSA and airlines: anything you carry with you has the possibility of being lost or stolen, and ending up in the wrong hands. Am I a terrorist? No. Am I a paedophile? Hardly. But what's mine is mine, and if you don't have a court order (and maybe not even then) you have no right to it. Furthermore, the law can't protect your personal information (and in many cases wants to do quite the opposite) so you have to protect it yourself.
Look, unless you're just transporting public domain files from the Gutenberg Project or something equally innocuous, just encrypt it and be done with it. We live in an increasingly criminal society. Take the proper steps, keep your data safe from prying eyes. It's easy, costs nothing, and may save you a heap o' trouble.
It's one less thing to worry about.
-
Re:If you're that worried...
He must be talking about some commercial product. How anyone with an Internet connection could be that misinformed about TrueCrypt is beyond me.
There is some good news. A recent court decision has affirmed that Fifth Amendment protections apply to encrypted data ... if the password is in your head, you can't legally be forced to reveal it. Just make damn sure you choose a good one.
-
Re:Known Your Adversary
To do this you need the TrueCrypt bootloader installed, which is a dead give-away that you probably have a hidden volume.
Not correct. You are thinking of the Hidden Operating System feature.
A standard Hidden Volume can be placed in any truecrypt container.
-
Re:If you're that worried...
TrueCrypt rocks!
http://www.truecrypt.org/
Avoid full disk encryption if you're trying to hide something.
A drive that won't boot because it's encrypted raises a red flag.
A completely invisible encrypted area on a machine that boots and works normally is another story.
-
Old news for TrueCrypt
Not only is the sensationalist article/summary only pertinent to uncompressed bitmaps, TrueCrypt has warned their users about backing up hidden volumes for a long time (source). In fact, it's the first precaution in how to keep your hidden volume secure.
So people worrying about steganography on TrueCrypt volumes shouldn't, they've been telling you how to keep these volumes secure already.
-
Re:It's a good thing
But law enforcement, on the other hand, could potentially force me to divulge such passwords!
You give the average border patrol officer too much credit. He doesn't know what an encrypted partition is. If he did then he wouldn't be working a checkpoint in the middle of the desert. As long as you don't mention it he won't know or think to ask. If you are genuinely worried then you can always use TrueCrypt to create a virtual disk (name the file whatever you like and put it anywhere in the filesystem) or even a hidden OS if you are really paranoid. You have to take on the hacker mentality, know how things work (including law enforcement rules and procedures, not just your computer), and use your intelligence to outwit your adversaries.
-
Re:One test they never run - FRAGMENTATION
You really don't need to defrag your SSD / USB flash drives. Just as there are defrag utilities for your hard drives, there are defrag utilities for your RAM in your PC. Last time I ran one of those was perhaps 10 years ago. Do a Google search for RAM Defrag and you will find these. The times I've done it with RAM were to clean up after programs with memory leaks, not for the real defrag use.
The fact is in very few cases do you ever want to do this. The benefits just are not there to justify an early end of life for the drive. Most flash drives don't really store the data where you think they do anyway. They use logic to spread read/writes across the drive to prevent wear. http://www.truecrypt.org/docs/?s=wear-leveling
I have a 16GB flash drive I run VMWare guests on. I don't see any speed difference if the VMDK file is severely fragmented, or completely defragged. There may be rare exceptions to this, but don't defrag your flash drives / SSD's.
-
Re:TrueCrypt Hidden OS
Plug for TrueCrypt 6.0's Hidden OS feature. This allow one to give a password (not the "real" password) and have the system boot to a hidden OS which is not your real installation. Moreover, there is no way to prove the "real" OS exists. http://www.truecrypt.org/docs/?s=hidden-operating-system
Bruce Schneier says otherwise: http://www.schneier.com/blog/archives/2008/07/truecrypts_deni.html
There are a variety of attacks that might allow authorities to conclude that you had a hidden partition.
-
TrueCrypt
See http://www.truecrypt.org/ for cross platform encryption...you can throw your files in there.
-
Re:I NEVER use these fields
I keep a tiny TrueCrypt volume which contains a text file with my login credentials for the various websites I frequent. Usually I can remember the username/password for all the sites I visit, but if I forget I can mount the TrueCrypt volume and look it up, and I don't have to worry about the file falling into the wrong hands.
-
Some software that you should look at
http://www.gnupg.org/ - The GNU Privacy Guard
http://getfiregpg.org/ - FireGPG, "encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG" (untested by me).
https://addons.mozilla.org/en-US/firefox/addon/3424 - another Firefox extension, also untested.
https://addons.mozilla.org/en-US/firefox/addon/3208 - another one that may be useful (untested).
http://www.gpg4win.org/ - something for MS Windows
Remember folks, even if you aren't in the UK, this still affects you! If you communicate with people in the UK, if you have email based in the UK (I have a Yahoo.co.uk email address, in addition to my 50 other email addresses...), etc.
...It is as simple as installing Firefox, installing GNUPG, and installing that extension that lets you encrypt text fields when you are emailing...
And don't forget TrueCrypt http://truecrypt.org/ though it isn't strictly relevant in this case, it is always relevant.
-
Re:More like "notice that you're being watched"
I know this is feeding the troll but hey...
Yes most ISPs use a number such as 3 days because a house is not apt to move around. A university/college with laptops and wireless internet would be more apt to use a lease duration of a shorter time of say 2-4 hours. This is because the length of classes/lectures is typically 1-2 hours and DHCP specification calls for renewing the lease halfway through the duration with a DHCP server. If they do not get permission to continue using the same IP address then they request a new one (common practice to not let someone keep the same IP indefinitely).
Also when shutting off the computer and moving to a new location (IE. New classroom, lecture hall, the cafeteria) typically one transits multiple different APs and will usually end up having to re-request an IP address from the DHCP server.
DHCP leases are a minor security threat if they have a long enough duration. If someone previously knew that this MAC and IP address combination were in use and aren't now they could spoof the MAC and use the same IP address since as long as the other machine is not being used it does not require the DHCP server's communication to use an address that is not in use or was previously dished out.
Another way around it that even non-technical users can utilize would be a USB or PCMCIA card that does the wireless connection and judicious use of Truecrypt with strong passwords with a removable hard drive such as a USB stick. They can't compel you to tell you the password if it's only in your head. 5th amendment right and all that.
-
TrueCrypt for sure using System Encryption
As quoted from TrueCrypt, "System encryption provides the highest level of security and privacy, because all files, including any temporary files that Windows and applications create on the system partition (typically, without your knowledge or consent), hibernation files, swap files, etc., are always permanently encrypted (even when power supply is suddenly interrupted)"
Implements a pre-boot authentication which means the TrueCrypt password has to be entered before the OS boots and can be installed and encrypt on the fly the current OS install and disk.
More info here: http://www.truecrypt.org/docs/?s=system-encryption
But remember, your boss must not be afraid of remembering a strong password and must never write it down.
-
Those comparisons are old.
Those comparisons all seem to be old.
There is only one answer: TrueCrypt. Note that version 6.0a is much more powerful than earlier versions.
Commercial software cannot be trusted with something so important, for two reasons:
U.S. government surveillance: All of the U.S. government's many secret departments believe that they can order executives of companies that do business in the U.S. to a) provide any help they want so that they can accomplish surveillance, and b) put the executives in prison if they reveal the corruption. So, any software that has ever been under U.S. control, or has been corrupted by the U.S. government, cannot be trusted.
Often employees of U.S. government secret departments take jobs in commercial companies, and pretend to be normal employees, while serving illegal purposes of the secret departments. So even companies in other countries cannot be trusted.
Please check this carefully if you doubt it. The U.S. government uses what is called signing statements, which at present basically mean that a U.S. president can authorize breaking any law, merely by signing his name. That corrupt system has been used to challenge hundreds of laws.
Closed source software cannot be trusted until the secret employees of the U.S. government are tried for treason, and an open government is established. It does not seem that will happen soon.
The Bush and Cheney families and friends and associates are oil and weapons investors, and they use secret surveillance as a way getting what they want, no matter how illegal. For example, the U.S. government is already fighting a war with Iran. There is talk of "diplomacy", but that is only to limit awareness of what the corrupters are doing. There are three groups of people who want war with Iran: weapons investors, oil investors, and Jews. The situation is the same as before invading Iraq. There was talk of diplomacy, but the leaders in Iraq knew that the U.S. government would invade, no matter what was said, so they acted in a hysterical fashion.
The purpose of invading Iran seems to be the same as the purpose of invading Iraq: to restrict the supply of oil even further, so that oil prices will rise even further. Weapons investors want continuous war, and an invasion of Iran would almost certainly cause that.
Changes in company management: A trustworthy company may be sold to another, less well-managed company. The less well-managed company may outsource some changes, or hire an employee that is not trustworthy. One of the changes can be the inclusion of a back door, or some other corruption. That's only one example. There are many other ways that there can be such problems with closed-source software.
-
TrueCrypt -- U.S. is becoming a police state
Several people have recommended TrueCrypt. Open source, free, Windows and Linux, encrypts the boot partition, provides hidden operating systems and hidden partitions.
More and more, the U.S. is becoming a police state. The corruption is not just at the borders.
For example, the government is already fighting a war with Iran. There is talk of "diplomacy", but that is only to limit awareness of what the corrupters are doing.
The situation is the same as before invading Iraq. There was talk of diplomacy, but the leaders in Iraq knew that the U.S. government would invade, no matter what was said, so they acted in a hysterical fashion.
The purpose of invading Iran seems to be the same as the purpose of invading Iraq: to restrict the supply of oil even further, so that oil prices will rise even further.
-
Re:Good luck...
TrueCrypt has a feature where you use what they call keyfiles that does something like that. It's limited to the first 1 MB of a file though.
-
Re:Plausible Deniability
I would imagine that all your questions could be answered in full here...
If you click through to the documentation you will find more in-depth answers to questions you didn't know you had.
-
Re:Get A Mac
And what about deniability, then?
You could try TrueCrypt. I think it works on Macs.
-
Re:Summary is inaccurate
I believe there's also a portable version of TrueCrypt that can be used that leaves no traces on the OS install once you're finished.
Your OS, however, will happily record that it ran a program called truecrypt and cached any DLLs it needed, log any changes in available drives and make a note that it accessed documents on the recently mounted 'F:' drive. Those are very definitely traces, and the documentation for TrueCrypt traveler mode is very clear about their existence.
They do suggest using BartPE to lock down Windows in very specific ways which will prevent it from doing that kind of thing, but that is itself a trace.
Good luck.
-
Re:Get A Mac
So, just to play along, what software do you propose to use on the mac to provide deniable encryption?
You could try this program called TrueCrypt. It seems to work okay.
yup,
...until some folks showed flaws in TrueCrypt deniability
Now that's an attempt for infinite mod points!
-
Re:Get A Mac
So, just to play along, what software do you propose to use on the mac to provide deniable encryption?
You could try this program called TrueCrypt. It seems to work okay.
-
Re:Only works if it's default install
You don't seem to understand this very well... maybe you're used to an older version of TrueCrypt.
It is not a common usage pattern of truecrypt to install an OS on the hidden volume. In fact, I don't believe you would be able to boot such an OS.
Incorrect. An OS can be installed on and booted from a hidden partition (as of version 6.0).
FAT filesystems (the only supported filesystem type if you want to use hidden partitions)
Not entirely true. From the FAQ, "when mounted, TrueCrypt volumes can be formatted as FAT12, FAT16, FAT32, NTFS, or any other file system." Obviously keeping the data at the beginning of the drive would be beneficial, so FAT filesystems may be preferable, but they're not mandatory.
All it does is write-protect the sectors in the hidden partition, which means that if your OS tries to overwrite it, you will get error messages.
Your argument is valid, but again your facts are not entirely correct. If the outer volume is mounted with inner volume protection enabled, any write attempts to the protected inner volume will fail and the entire outer volume (including but not limited to the region which contains the inner volume) will immediately become read-only.
-
6.0a
Update - 6.0a was just released today 7/8/2008. http://www.truecrypt.org/news.php
-
Re:How about a legit backdoor?
This might interest you: http://www.truecrypt.org/docs/rescue-disk.php
-
Re:Only works if it's default install
a hidden volume doesn't show up as free space
Oh but it does...
http://www.truecrypt.org/docs/hidden-volume.php
The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.
(emphasis added)
-
Version 4.3a
Just to let everyone know.
So for anyone else looking for a FOSS alternative to PortableVault:
TCExplorer 1.6: http://sourceforge.net/projects/tcexplorer
TrueCrypt 4.3a: http://www.truecrypt.org/pastversions.php
Eraser Portable: http://portableapps.com/apps/utilities/eraser_portable
-
Re:Sweet Jesus
That is incorrect.
The hidden volume is not protected. Filling the outer volume with data will destroy the hidden volume. TrueCrypt has a feature which allows this protection, but to activate it, you must know the password to the hidden volume.
If you are forced to reveal the password to the outer volume, there is nothing to prove the existence of a hidden volume. Since you have plausible deniability you are able to claim that no hidden partition exists. Once the outer volume is mounted, "filling up the drive" as you suggested will use all the "empty" space and the hidden partition will be destroyed. Hence this approach would not only be completely useless but it would actually be counter-productive: the contents of the hidden volume would then be gone.
-
Re:Breaking volumes
AFAIK, yes, if you fill the decoy volume it will kill your hidden volume.
And yet again, yet another incorrect statement modded +5. We really need "Incorrect" moderation.
From: http://www.truecrypt.org/docs/?s=hidden-operating-system
"You should use the decoy operating system as frequently as you use your computer. Ideally, you should use it for all activities that do not involve sensitive data.
... Note that you can save data to the decoy system partition anytime without any risk that the hidden volume will get damaged (because the decoy system is not installed in the outer volume -- see below)."
-
You are amazingly wrong - MOD PARENT DOWN
Read this and see how truecrypt actually does hidden OS partitions. There won't be 15G of free space floating around in the middle of your decoy OS partition. The hidden OS volume is inside another truecrypt volume that is meant to be on a separate partition from the decoy OS. Just look at the diagram on this page and you'll see how very off you are:
http://www.truecrypt.org/docs/?s=hidden-operating-system
It doesn't matter how much your decoy OS partition gets filled or fragmented, it won't have any effect on the truecrypt partition. All the rest of your points become moot with that simple realization. Your criticisms are all very interesting, but they don't apply to truecrypt as it's actually used.
PROTIP: Read the documentation on a product before criticizing it.
Seriously. Don't you dare reply to this until you've read and understood the whole page I've linked you to.
-
Re:Detecting Truecrypt.
Uh, I'd mod you down as Misleading if that was possible. If you at least bothered to read something about it before commenting, you would know that you are wrong.
From the TrueCrypt documentation at http://www.truecrypt.org/hiddenvolume.php :
"Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data."
-
Here's the non-spam link, dickhead
-
Re:NSA backdoor?
Does anyone know if the backdoor has been made a little more user friendly? The current one takes like 3 minutes to decrypt without the password.
I don't know, why don't you examine the source code for yourself? You can download it here: http://www.truecrypt.org/downloads2.php Or you could just quit trolling and spreading FUD.
-
Re:Breaking volumes
http://www.truecrypt.org/docs/?s=hidden-operating-system
My link was hidden 8( Hidden OS
-
Re:Suggestion: Truecrypt LiveCD -Stealth- Install
You could always read about exactly that in the TrueCrypt FAQ, or jump directly to the documentation on Traveller Mode. Other people have thought of this sort of thing before, you know.
-
Breaking volumes
If you've got a 30gb volume with a "hidden" volume inside of it, but 10mb of files in it, can't you tell it's got something there by just dumping 30710mb in it(and it'll fail if it does?)? http://www.truecrypt.org/docs/hidden-volume.php makes that seem unlikely, it looks like you'd just totally fuck up your hidden partition if you wrote to the volume... which makes you wonder how long it'll be until a tool is developed for law enforcement specifically designed to fuck up these volumes.