TrueCrypt 4.3 Released

RedBear writes "A new update to the best open source transparent encryption software has been released. TrueCrypt is (the only?) open source encryption software capable of creating and mounting encrypted virtual disk images that can then be worked with transparently like any other storage drive, with data encrypted and decrypted in real-time. These virtual disks can be created as files, or entire partitions or physical drives can be encrypted and mounted transparently. Sadly there is still no Linux GUI or Mac OS X port in sight. If you are one of the thronging hordes who have been patiently awaiting ubiquitous multi-platform encryption, please consider donating time or money to the cause, and add your voice to the forum." From the site: "Among the new features [are] full compatibility with 32-bit and 64-bit Windows Vista, support for devices and file systems that use a sector size other than 512 bytes (such as new hard drives, USB flash drives, DVD-RAM, MP3 players, etc.), auto-dismount when a host device (e.g., a USB flash drive) is inadvertently removed, and many more." Read on for more features of TrueCrypt and cached versions of all the links above.
Also including features like plausible deniability, steganographically hidden volumes, unidentifiable partition headers, traveler mode, and your choice of the strongest available encryption algorithms up to and including multi-algorithm cascades. TrueCrypt is practically the Holy Grail for advocates of free ubiquitous encryption. Now, if only it were platform independent.

To reduce load on their servers here are some Coralized versions of all the links:

TrueCrypt home page
Future development goals
Forum thread about Mac OS X version
Donations page
General forum
Plausible deniability
Hidden volumes
Traveler mode
Encryption algorithms
Multi-algorithm cascades
Version history

13 of 285 comments

  1. Linux downloads available by tabo_peru · · Score: 5, Informative

    "from the windows-only-alas dept."

    Not really, you can download ubuntu binaries from their download section.

    1. Re:Linux downloads available by GenKreton · · Score: 4, Informative

      Except, the summary implies it is the only open source method of doing this when, in fact, Linux has several others and a few of them are superior (like a few LUKS implementations using dm-crypt).

  2. Re:The coolest part. by Eddi3 · · Score: 5, Informative

    "you dont have to install it. so there is no way that any researcher can discover it was used."

    That's not entirely true. When TrueCrypt opens, it installs a driver (in Windows). This driver remains there unless you remove it. In fact, I just had to manually remove it because the old version of the driver was already installed, and the new version of it couldn't override it.

    Don't get me wrong, I absolutely LOVE TrueCrypt, I use it everyday, however it's not entirely true that it leaves no footprint. At least, not in my experience.

      -Eddie

  3. Re:No OS X Port? by Mr2001 · · Score: 4, Informative

    Hidden volumes, for one. A single image can have two volumes in it, with different passwords, encryption methods, etc., and you can't even tell the hidden one is there unless you know the key.

    You can also use any file as the key, instead of (or in combination with) a password.

    And you can encrypt an entire partition, instead of putting the image inside another filesystem and letting it get copied around by the defragmenter (which may have security implications for the ultra-paranoid).

    --
    Visual IRC: Fast. Powerful. Free.
  4. Nothing to see here by Kpt+Kill · · Score: 4, Funny

    Only pirates, terrorists, and criminals need encryption. :)

  5. Re:The coolest part. by Anonymous Coward · · Score: 5, Informative

    from the truecrypt site:

    Traveller Mode

    TrueCrypt can run in so-called 'traveller' mode, which means that it does not have to be installed on the operating system under which it is run. However, there are two things to keep in mind:

            * You need administrator privileges in order to able to run TrueCrypt in 'traveller' mode.
            * After examining the registry file, it may be possible to tell that TrueCrypt was run (and that a TrueCrypt volume was mounted) on a Windows system even if it is run in traveller mode.

    If you need to solve these problems, we recommend using BartPE for this purpose. For further information on BartPE, see the question "Is it possible to use TrueCrypt without leaving any 'traces' on Windows?" in the section Frequently Asked Questions.

  6. Re:The coolest part. by Eddi3 · · Score: 4, Informative

    Generally, Windows itself keeps the names of files that have run recently, and that's probably what they're referring to, not TrueCrypt's settings. In that aspect, no executable on Windows can leave absolutely NO footprint. Of course, these registry entries can be removed manually.

    In fact, TrueCrypt's settings are maintained in a file called Configuration.xml in the same directory as TrueCrypt.exe, in order to remain truly portable.

  7. FreeOTFE? by Lawrence_Bird · · Score: 4, Informative
    I have been using this and have no association other than as a happy user. From the description I don't think TrueCrypt is "the only" one.

    Clipped (and truncated) from the website:

    FreeOTFE: A free "on-the-fly" transparent disk encryption program for MS Windows 2000/XP/Vista PCs and Windows Mobile 2003/2005 PDAs. Using this software, you can create one or more "virtual disks" on your computer - anything written to these disks is automatically, and securely, encrypted before being stored on your computer's hard drive.

    Features

            * Source code freely available
            * "Portable mode" included; FreeOTFE doesn't need to be installed before it can be used - making it ideal for carrying your data securely on USB drives!
            * Operates under both PC (MS Windows 2000/XP) and PDA (Windows Mobile 2003/2005) platforms
            * Linux compatibility (Cryptoloop "losetup", dm-crypt and LUKS supported)
            * "Hidden" volumes may be concealed within other FreeOTFE volumes, providing "plausible deniability"
            * FreeOTFE volumes have no "signature" to allow them to be identified as such
            * Encrypted volumes can be either file or partition based.

  8. Re:No OS X Port? by Simon+Garlick · · Score: 4, Insightful

    Why don't you download the source code for Truecrypt, and the source code for OS X Disk Utility, and compare how they implement their respective algorithms. The advantage will be pretty obvious.

  9. Re:What a load of BS... by Binestar · · Score: 4, Informative

    If you have a container X big, one can have smaller containers inside that. The key opens the outer container, but exposes the inside (to use their language). Even if these hidden volumes don't have publicly readable containers, one can still see them and delete them.

    Incorrect, there is no container file inside the first container, and if you don't enter the password for the second container the same time as the first container you *CAN* overwrite the data in the second container, thus corrupting it.

    From the website (If only people would RTFM (no, I'm not new here)):

    Protection of Hidden Volumes Against Damage
    As of TrueCrypt 4.0, it is possible to write data to an outer volume without risking that a hidden volume within it will get damaged (overwritten).

    When mounting an outer volume, the user can enter two passwords: One for the outer volume, and the other for a hidden volume within it, which he wants to protect. In this mode, TrueCrypt does not actually mount the hidden volume. It only decrypts its header and retrieves information about the size of the hidden volume (from the decrypted header). Then, the outer volume is mounted and any attempt to save data to the area of the hidden volume will be rejected (until the outer volume is dismounted).

    Note that TrueCrypt never modifies the filesystem (e.g., information about allocated clusters, amount of free space, etc.) within the outer volume in any way. As soon as the volume is dismounted, the protection is lost. When the volume is mounted again, it is not possible to determine whether the volume has used hidden volume protection or not. The hidden volume protection can be activated only by users who supply the correct password (and/or keyfiles) for the hidden volume (each time they mount the outer volume).

    --
    Do you Gentoo!?
  10. Re:No OS X Port? by Mr2001 · · Score: 4, Informative

    Nope.

    When you create the (main) volume, it's filled with random data. Formatting overwrites some of that, but the empty space is still full of random bytes. So, let's say you create a main volume on a 100 MB partition, and copy over some "cover" files, leaving 75 MB of free space at the end.

    Then you create a 50 MB hidden volume, which is stored at the end of the partition. You put your top secret files in there, dismount it, and remount the main volume. The main volume still says "100 MB total, 75 MB free", and the free space still appears to be full of random bytes (since the hidden volume is encrypted), but they're different random bytes than they were at first.

    So no, you can't tell just by looking at the mounted main volume that there's a hidden volume. All you can do is suspect that there might be something hidden in that free space, but you can't prove it - there are no plaintext headers, so both volumes are completely encrypted and appear random without the correct key. TrueCrypt will even let you reformat the main volume, destroying the hidden volume in the process, unless you specifically tell it to protect the hidden volume (using the correct key) when you mount the main one.

    OTOH, you might be able to make a snapshot of the entire encrypted partition (without alerting the owner), then come back later and look for changes once you've gotten him to give up the key to the main volume. If the changes are in the main volume's free space, and they can't be explained by creating and deleting files, then you know there's a hidden volume. However, this requires covert monitoring over a period of time while the system is in active use; you can't detect the hidden volume simply by seizing a drive and examining it all at once.

    --
    Visual IRC: Fast. Powerful. Free.
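Added example (not TrueCrypt's own code) modelling the hidden-volume protection that comments 9 and 10 describe: a container filled with random bytes, a hidden volume occupying its tail, and writes into that tail refused only while the outer volume is mounted with the hidden password supplied. The sizes, passwords and the plain string comparison standing in for header key derivation are constructed simplifications.

```python
import os

class WriteRejected(Exception):
    """Raised when a write would land inside the protected hidden volume."""

class Container:
    # Constructed model: passwords are compared directly, no key derivation.
    def __init__(self, size, hidden_size, outer_pw, hidden_pw):
        self.data = bytearray(os.urandom(size))  # new volume: all random bytes
        self.hidden_start = size - hidden_size   # hidden volume lives at the end
        self._outer_pw, self._hidden_pw = outer_pw, hidden_pw
        self.mounted = self.protected = False

    def mount_outer(self, outer_pw, hidden_pw=None):
        if outer_pw != self._outer_pw:
            raise ValueError("wrong outer password")
        # The hidden password does not mount the hidden volume; it only lets the
        # driver learn the hidden size so that region can be fenced off.
        self.protected = hidden_pw is not None and hidden_pw == self._hidden_pw
        self.mounted = True

    def dismount(self):
        self.mounted = self.protected = False  # protection is lost on dismount

    def write(self, offset, payload):
        end = offset + len(payload)
        if self.protected and end > self.hidden_start:
            raise WriteRejected(f"write [{offset}, {end}) overlaps hidden volume")
        self.data[offset:end] = payload  # unprotected: silently corrupts hidden data

    def hidden_bytes(self):
        return bytes(self.data[self.hidden_start:])

def demo(size=1000, hidden_size=400):
    """Returns (rejected_when_protected, hidden_intact, corrupted_when_unprotected)."""
    c = Container(size, hidden_size, "outer-pw", "hidden-pw")
    before = c.hidden_bytes()
    c.mount_outer("outer-pw", "hidden-pw")   # both passwords: protection on
    c.write(0, b"cover file contents")       # ordinary outer write is allowed
    try:
        c.write(size - 100, b"x" * 100)      # would clobber the hidden volume
        rejected = False
    except WriteRejected:
        rejected = True
    c.dismount()
    intact = c.hidden_bytes() == before
    c.mount_outer("outer-pw")                # no hidden password: no protection
    c.write(size - 100, b"x" * 100)          # the same write now goes through
    return rejected, intact, c.hidden_bytes() != before
```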
  11. Re:No OS X Port? by Simon+Garlick · · Score: 4, Insightful

    That, believe it or not, is my point. We have no way of knowing how secure OS X Disk Utility is. For all we know every encrypted .dmg can be decrypted with one master passphrase. For all we know the algorithms are deliberately crippled. We'll never know, because we can't audit the source.

  12. Re:No OS X Port? by Solra+Bizna · · Score: 5, Interesting

    Blew mod points to respond to this.

    Disk Utility, the graphical application, is not open source. diskutil and hdiutil, the command-line programs it is a front-end for, are open source. I don't know whether the DiskImages framework (which hdiutil could be considered a front-end for) is open source, though. (my guess is "yes")

    -:sigma.SB

    --
    WARN
    THERE IS ANOTHER SYSTEM