Slashdot Mirror

← Back to Stories (view on slashdot.org)

TrueCrypt 6.0 Released

Posted by kdawson on from the plausible-deniability dept.

ruphus13 writes "While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend. The new version touts two major upgrades. 'First, TrueCrypt now performs parallel encryption and decryption operations on multi-core systems, giving you a phenomenal speedup if you have more than one processor available. Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.' The software has been released under the 'TrueCrypt License,' which is not OSI approved."

5 of 448 comments (clear)

  1. That might betray the presence of a hidden volume by Anonymous Coward · · Score: 5, Interesting

    - depending upon the file system.

    For instance, if you used ext3 then mkfs.ext3 is going to put backup super blocks all over your disk. If you then setup a hidden volume later on, some of those backup super blocks are going to get over written. An attacker - to whom you've been forced to reveal your outer volume password - could easily discover that the backup super blocks aren't the same as the real super block and deduce that you're using a hidden volume that you didn't tell them about. You could, when formating, tell mkfs.ext3 not to use any backup super blocks - but that also might look a bit suspicious. Just food for thought.

  2. Re:Sad by slyguy135 · · Score: 5, Interesting

    I have no fear of the Chinese government.

    Wow, what Kool-aid have you been drinking? I've been to China many times too, and love the place, but I'm afraid you're being seriously delusional if you think it's safe to be that blasé around the Chinese authorities. The American search procedures at the US border would indeed be unconstitutional were they conducted in the country, but at least you know up front what the rules are. In China, your rights are vague at best and your recourse to law is minimal. If next time you enter China the border officers did decide they are going to take your laptop away, what could you do about it? Oh, but if they're polite, then that's OK, right?

    Fanboyism of China is not helpful to the country and unattractive, so please stop it; it's embarrassing, and even potentially dangerous.

  3. Re:Sad by bhima · · Score: 5, Interesting

    This absolutely mirrors my own experience. I live in the EU and I travel mostly around the EU and Africa. When I get to the US I'm treated as a convicted criminal and I'm a US citizen. I am routinely hassled and threatened by petty dictators of nano-dictorships. Which I find completely bizarre... Hell the security & customs agents in Zimbabwe are more polite than the ones in Atlanta.

    Another thing I find complete asinine is that little form you fill out saying where you are going stay while you are in the US. I've been staying at 1600 Pennsylvania ave. for going on 6 years and no one has so much a blinked.

    --
    Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
  4. Re:Only works if it's default install by TheLink · · Score: 5, Interesting

    Why wouldn't they interrogate you further? They can read the Truecrypt feature list for themselves.

    Already a Mr Chris Jones has an issue with my proposal because he seems to think that the UK government would waterboard users in the UK if Ubuntu has a default encrypted partition they might not have a key to.

    If Chris Jones is right that the UK Government would do such a thing, then they would be far more likely to waterboard you for voluntarily installing truecrypt, voluntarily creating a encrypted volume (or two) AND not handing over "all" passwords. Even if you don't even have a hidden volume.

    If you have a Government willing to mistreat people for using a distro that does what I propose, they would definitely mistreat people who use Truecrypt.

    So my proposal makes the most sense.

    --
  5. Re:Only works if it's default install by jeevesbond · · Score: 5, Interesting

    Actually, there was a conversation about this last time the subject of TrueCrypt came up. Unfortunately it went mostly unnoticed, because a forensic investigator can tell if a hidden partition is present, masquerading as free space:

    A data forensic specialist will look at all these free blocks, and guess what your SCSI/IDE/FC harddrive tells them in the low level meta data how many seek misses I've had in each area of the disk. Why are you seeking around a lot in data that is "free". OH NO! I just figured out you have secret data on the drive, and I can request the court to compel you to disclose the key.

    I think you, and many other Slashdotters have 'Reiser Ego' (coined!) You see TrueCrypt as an extremely clever and infallible tool you can use to circumvent the stupidity of courts and the dunder-heads who work in computer forensics. For the most part however, these people are not stupid, and geeks are not able to avoid prosecution via their l33t h4xX0r skills.

    I fear big egos will lead many geeks to underestimate their adversaries. Feel free to prove me wrong, of course. :)

    --
    I'm going to transform myself into a mighty hawk. Either that or I'll just go and work at Dixons, haven't decided yet.