Slashdot Mirror
TrueCrypt 6.0 Released
ruphus13 writes "While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend. The new version touts two major upgrades. 'First, TrueCrypt now performs parallel encryption and decryption operations on multi-core systems, giving you a phenomenal speedup if you have more than one processor available. Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.' The software has been released under the 'TrueCrypt License,' which is not OSI approved."
It's sad. I often travel between the US and China on business ( I live on the China side ). I've always been careful with sensitive data, but now I'm absolutely fascist. Why? I have no fear of the Chinese government. Besides, I work for a Chinese company. I fear my own country illegally accessing files to which they have absolutely no rights whatsoever.
Honestly. If someone works for the US government, pulls some CEO's laptop at the boarder for "inspection" and gets free access to all the company financials, would they do the right thing? How many semi-intelligent people wouldn't be tempted to start buying stock options or call their best friend with a really good "tip"? Even if they SEC investigated, they would never find the link.
Over the last several years, I've always been treated very respectfully inside China and going to and from. It is in the US, my own country, where I'm treated as if I'm already guilty.
Back to the topic at hand. TrueCrypt is a wonderful product. Everyone should be using it.
Get a clue.
Does Joe Sixpack's computer come with Truecrypt? Does it come with a truecrypt container preinstalled?
The answer is NO.
So if the wrong people find Truecrypt on your computer guess what happens to you. If you say "Nothing" well: "Wrong answer!". They may give up after a few days of giving you the treatment, but it still means you get the treatment.
Whereas if everybody had truecrypt AND an encrypted partition, they could a) try to waterboard everyone, b) wait till they have more evidence.
And that is why I reported this bug/feature request: https://bugs.launchpad.net/ubuntu/+bug/148440
Encryption must appear to be in _use_ by default by all users, then you get safety in numbers. When even your grandma using Ubuntu has a crypto partition, things are better for the people actually using it.
You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.
I'm not the OP, but this is being sillily unreasonable.
For instance, I don't have admin rights on the computer in my office. So maybe I don't want to trust this computer entirely. But if I'm walking back and forth with my USB key most days, the major threat is me leaving the key sitting on the bus seat or something like that, not information being stolen while I'm on the work computer.
It's not like just because you don't control a computer you don't trust it at all, or that just because something is in a TrueCrypt volume it's extremely sensitive.
While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend.
That might not be just a coincidence.
.sig: No such file or directory
I followed this back to the Ubuntu bug report 148440 and see that a comment has been added https://bugs.launchpad.net/ubuntu/+bug/148440/comments/4 that I think says it all.
You know, if law enforcement "fucked up your volume" as you so nicely put it, they have just destroyed whatever evidence you where trying to hide. So why would anyone using true crypt have a problem with that?
AFAIK, yes, if you fill the decoy volume it will kill your hidden volume.
which makes you wonder how long it'll be until a tool is developed for law enforcement specifically designed to fuck up these volumes.
They can only do that if they've confiscated your laptop *and* acquired your 'decoy' password. At that point, your only concerns are they not getting your data and you being able to deny the data is there in the first place.
Somebody deleting all your sensitive files is not a bad thing to happen at that point.
No, I'm quite positive that you do have a hidden volume. It's where you're storing all of your terrorist secrets, and unless you reveal the password then this ballpeen hammer has a date with your fingers.
Still don't want to talk? Maybe you just need a little more electricity.
We'll stop when you are able to prove to the nice men who are protecting your country that you _don't_ have a hidden encrypted partition, and then they will let you go.
Simple reason why I had seeks to an area that looks empty, it's because I *used* to have files there before I deleted them, then since I'm savvy enough to use Truecrypt, I ran one of those wipe programs that overwrites it with garbage, hence what you see if you look at the drive forensically, garbage.
I came up with that in the time it took to read your post.