Slashdot Mirror

← Back to Stories (view on slashdot.org)

TrueCrypt 6.0 Released

Posted by kdawson on from the plausible-deniability dept.

ruphus13 writes "While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend. The new version touts two major upgrades. 'First, TrueCrypt now performs parallel encryption and decryption operations on multi-core systems, giving you a phenomenal speedup if you have more than one processor available. Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.' The software has been released under the 'TrueCrypt License,' which is not OSI approved."

67 of 448 comments (clear)

  1. first by Anonymous Coward · · Score: 5, Funny

    svefg cbfg

    1. Re:first by evanjfraser · · Score: 4, Informative

      Thats not off topic, thats kth substitution encryption!

    2. Re:first by Daimanta · · Score: 4, Informative

      Replacement cipher.

      Translation table:

      b o
      c p
      e r
      f s
      g t
      i v

      --
      Knowledge is power. Knowledge shared is power lost.
  2. More filesystems by toQDuj · · Score: 4, Insightful

    Well, I hope that it now supports more filesystems, because mucking about with FAT on MacOS X didn't appeal to me last time.

    --
    Every experiment which ends in a big bang is a good experiment.
    1. Re:More filesystems by Anonymous Coward · · Score: 5, Informative

      It still only creates FAT file systems, but you can reformat to whatever you want afterwards. I tried it with both HFS+ and ZFS and it seemed to work fine.

    2. Re:More filesystems by Anonymous Coward · · Score: 4, Informative

      Or you can create your own filesystem? I don't know how it works on the mac, but on windows & linux truecrypt just creates an encrypted disk which you can format with any filesystem you like. Just create the container file filesystem type 'none' and format it yourself.

    3. Re:More filesystems by Tumbleweed · · Score: 5, Funny

      And mucking about with Reiser[FS] doesn't seem to appeal to anyone right now.

      Yeah, but if you're already in trouble, you could make a deal by showing them where you hid the filesystem.

    4. Re:More filesystems by Tumbleweed · · Score: 3, Funny

      Tumbleweed will be here all night.

      All too true...

  3. Local admin rights on Windows by millwall · · Score: 4, Insightful
    I work as a consultant and often use Truecrypt on my USB key in traveller mode on sites where I work. The top thing on my wishlist is to be able to run/install Truecrypt on a Windows machine without admin rights.

    The issue is described in full here:

    [..] In Windows, a user who does not have administrator privileges can use TrueCrypt, but only after a system administrator installs TrueCrypt on the system. [...]

    Full release notes can be found here.

    1. Re:Local admin rights on Windows by TheLink · · Score: 4, Insightful

      You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

      You should copy the files that you don't mind exposing, to the unencrypted partition of the USB key or a different no crypto USB drive.

      --
    2. Re:Local admin rights on Windows by Jah-Wren+Ryel · · Score: 4, Insightful

      You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

      You should copy the files that you don't mind exposing, to the unencrypted partition of the USB key or a different no crypto USB drive.

      Obviously his specific use for truecrypt is to protect data in transit, should he lose the USB drive.
      I think that's a very common scenario.
      Your 'solution' completely negates the value of that use of truecrypt.

      --
      When information is power, privacy is freedom.
    3. Re:Local admin rights on Windows by Anonymous Coward · · Score: 5, Informative

      I work as a consultant and often use Truecrypt on my USB key in traveller mode on sites where I work. The top thing on my wishlist is to be able to run/install Truecrypt on a Windows machine without admin rights.

      The issue is described in full here:

      [..] In Windows, a user who does not have administrator privileges can use TrueCrypt, but only after a system administrator installs TrueCrypt on the system. [...]

      Full release notes can be found here.

      You dont need Admin rights with TCexplorer
      Ideal for USB key
      http://www.codeproject.com/KB/files/TCExplorer.aspx

    4. Re:Local admin rights on Windows by EvanED · · Score: 5, Insightful

      You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

      I'm not the OP, but this is being sillily unreasonable.

      For instance, I don't have admin rights on the computer in my office. So maybe I don't want to trust this computer entirely. But if I'm walking back and forth with my USB key most days, the major threat is me leaving the key sitting on the bus seat or something like that, not information being stolen while I'm on the work computer.

      It's not like just because you don't control a computer you don't trust it at all, or that just because something is in a TrueCrypt volume it's extremely sensitive.

    5. Re:Local admin rights on Windows by Atti+K. · · Score: 4, Insightful

      For instance, I don't have admin rights on the computer in my office. So maybe I don't want to trust this computer entirely.

      I do have admin rights to my computer at the office, but I don't trust it 100%. Why? Because any network admin in the company also has admin rights on it. And of course it was not installed by me, and runs some of their custom stuff...

      --
      .sig: No such file or directory
    6. Re:Local admin rights on Windows by AlterRNow · · Score: 5, Informative

      You mean like this: http://sourceforge.net/projects/tcexplorer ?

      --
      The disappearing pencil trick. Let me show you it.
    7. Re:Local admin rights on Windows by subreality · · Score: 3, Insightful

      I'm not the OP, but this is being sillily unreasonable.

      Not necessarily. Do you consider your data safe in the hands of everyone who has admin rights to the machine? Do they keep the machine patched and secured to a level appropriate for your secrets?

      The answers to these questions depend on your threat model.

    8. Re:Local admin rights on Windows by Atti+K. · · Score: 3, Informative
      Of course, I use truecrypt on it, but mostly for work stuff.

      By the way one useful feature of truecrypt on windows is "mount volumes as removable drives". Windows by default creates admin shares (C$, D$ and so on) for each fixed drive. So a network admin can just connect to \\myip\D$ to take a look at my D: drive. If I mount my truecrypt volume as, let's say E:, an E$ share is automatically created and is accessible for any user (domain or local) with admin access to my machine. If I mount my TC volume as removable, no admin share is created.

      Of course there could by other ways to access a volume on the computer, but let's not make it obvious with a new share that an additional volume is mounted.

      --
      .sig: No such file or directory
    9. Re:Local admin rights on Windows by FictionPimp · · Score: 3, Informative

      I think this fits the bill.
      http://www.codeproject.com/KB/files/TCExplorer.aspx

    10. Re:Local admin rights on Windows by TheLostSamurai · · Score: 4, Informative

      It appears that, according to the author, the latest version of TCExplorer (1.6) released on 9/29/07, did not work with the previous version of TrueCrypt (5.0). I am assuming then that it will probably not support version 6.0. Also, keep in mind that TCExplorer is just a GUI for OTFExplorer created by Josh Harris. Meaning the OTFExplorer code will have to be modified in order to update compatibility, which neither author is apparently willing to do.

      Any other coders have time to update these projects? I know I don't, but it would be a great service to the OSS community if someone could.

      --
      I am Jack's complete lack of surprise.
    11. Re:Local admin rights on Windows by khellendros1984 · · Score: 3, Insightful

      The whole point of encryption is to make the algorithms as well-known as possible. After all, *anyone* can create encryption strong enough that they don't know how to break it. What you want is to have the smartest possible people looking at your code, to make sure someone above you hasn't found something sneaky that you didn't think of.

      --
      It is pitch black. You are likely to be eaten by a grue.
  4. Only works if it's default install by TheLink · · Score: 4, Insightful

    All this crypto stuff only works well if it's part of the default install and config.

    Otherwise users get exposed to "rubberhose cryptography".

    Basically if all users even Joe Sixpack get an encrypted partition by default, then people using crypto will be safe - they have plausible deniability.

    --
    1. Re:Only works if it's default install by apathy+maybe · · Score: 5, Informative

      Yeah, but Truecrypt has a defence against that. It is called "hidden volumes". Basically, you create a container, use it for porn or financial records (something that you have a legitimate reason to want to hide, from the wife or identities thieves for example), something that you access often. Then you create a hidden volume that is put at the end of that volume, which to access requires a second password.

      There is no way of knowing if that second hidden volume exists unless you have both passwords.

      If you access the first volume without both passwords, then you can just wipe over whatever information you have stored in the hidden volume.

      Oh yeah, I love TrueCrypt. It's groovy.

      --
      I wank in the shower.
    2. Re:Only works if it's default install by eiapoce · · Score: 4, Funny

      ;) That is to say that you carelessly watch and upload too much porn without both password and you loose all those important TPS reports....

    3. Re:Only works if it's default install by TheLink · · Score: 5, Insightful

      Get a clue.

      Does Joe Sixpack's computer come with Truecrypt? Does it come with a truecrypt container preinstalled?

      The answer is NO.

      So if the wrong people find Truecrypt on your computer guess what happens to you. If you say "Nothing" well: "Wrong answer!". They may give up after a few days of giving you the treatment, but it still means you get the treatment.

      Whereas if everybody had truecrypt AND an encrypted partition, they could a) try to waterboard everyone, b) wait till they have more evidence.

      And that is why I reported this bug/feature request: https://bugs.launchpad.net/ubuntu/+bug/148440

      Encryption must appear to be in _use_ by default by all users, then you get safety in numbers. When even your grandma using Ubuntu has a crypto partition, things are better for the people actually using it.

      --
    4. Re:Only works if it's default install by |DeN|niS · · Score: 4, Insightful

      Stop being an idiot and read up on it. You can *not* tell. And it certainly does not show up as free space. You can *not* prove OR disprove the existence of another hidden partition. Period. "Trained to look for it", oh please.

    5. Re:Only works if it's default install by auric_dude · · Score: 5, Insightful

      I followed this back to the Ubuntu bug report 148440 and see that a comment has been added https://bugs.launchpad.net/ubuntu/+bug/148440/comments/4 that I think says it all.

    6. Re:Only works if it's default install by Splab · · Score: 4, Informative

      Think you totally missed the point.

      You put plausible data into the encrypted volume, when they ask for your password you give it up, they access the encrypted volume and see you got porn/financial stuff/what nots you don't want others to see. What they can't see is the fact that there is another volume hidden inside this, which there is no way of knowing unless you got the second password. Waterboarding the person makes no sense since he has already given up the password giving you access to the "entire" volume.

    7. Re:Only works if it's default install by houghi · · Score: 5, Funny

      Great!. Now everybody will think I have a hidden partition, because I have she-male porn. Uh I mean, never mind.

      --
      Don't fight for your country, if your country does not fight for you.
    8. Re:Only works if it's default install by Minwee · · Score: 5, Insightful

      I have no hidden volume. I use truecrypt as a simple and easy way to keep my clients personal data secure.

      No, I'm quite positive that you do have a hidden volume. It's where you're storing all of your terrorist secrets, and unless you reveal the password then this ballpeen hammer has a date with your fingers.

      Still don't want to talk? Maybe you just need a little more electricity.

      We'll stop when you are able to prove to the nice men who are protecting your country that you _don't_ have a hidden encrypted partition, and then they will let you go.

    9. Re:Only works if it's default install by vux984 · · Score: 3, Insightful

      Unless it has a password that will *securely* wipe the hidden volume when entered, then it only has an illusion of a defence against that which is in reality no more than another example of security by obscurity.

      Worse thant that, anyone with half a clue will be working on a clone of the original drive. No point in needlessly potentially damaging evidence. So if your dealing with someone competent, and who has time on their hands to do things right, a secure erase panic password will buy you nothing.

    10. Re:Only works if it's default install by TheLink · · Score: 3, Insightful

      Just change 1) in the original bug report from:

      " Have crypto tools installed by default (if the user does not select the "use of encryption is illegal in my country" checkbox)."

      to

      " Have crypto tools installed by default (if the user does not select the "don't install encryption" checkbox)."

      If the UK courts are going to jail your grandma just because she has an Ubuntu install with a container she has no key too, then I think grandma is living in the wrong country - in the old days the UK courts had the "Reasonable Man" thing, maybe now things have changed.

      I see it more as a bug in the UK law than a bug in my proposal.

      --
    11. Re:Only works if it's default install by TheLink · · Score: 5, Interesting

      Why wouldn't they interrogate you further? They can read the Truecrypt feature list for themselves.

      Already a Mr Chris Jones has an issue with my proposal because he seems to think that the UK government would waterboard users in the UK if Ubuntu has a default encrypted partition they might not have a key to.

      If Chris Jones is right that the UK Government would do such a thing, then they would be far more likely to waterboard you for voluntarily installing truecrypt, voluntarily creating a encrypted volume (or two) AND not handing over "all" passwords. Even if you don't even have a hidden volume.

      If you have a Government willing to mistreat people for using a distro that does what I propose, they would definitely mistreat people who use Truecrypt.

      So my proposal makes the most sense.

      --
    12. Re:Only works if it's default install by jeevesbond · · Score: 5, Interesting

      Actually, there was a conversation about this last time the subject of TrueCrypt came up. Unfortunately it went mostly unnoticed, because a forensic investigator can tell if a hidden partition is present, masquerading as free space:

      A data forensic specialist will look at all these free blocks, and guess what your SCSI/IDE/FC harddrive tells them in the low level meta data how many seek misses I've had in each area of the disk. Why are you seeking around a lot in data that is "free". OH NO! I just figured out you have secret data on the drive, and I can request the court to compel you to disclose the key.

      I think you, and many other Slashdotters have 'Reiser Ego' (coined!) You see TrueCrypt as an extremely clever and infallible tool you can use to circumvent the stupidity of courts and the dunder-heads who work in computer forensics. For the most part however, these people are not stupid, and geeks are not able to avoid prosecution via their l33t h4xX0r skills.

      I fear big egos will lead many geeks to underestimate their adversaries. Feel free to prove me wrong, of course. :)

      --
      I'm going to transform myself into a mighty hawk. Either that or I'll just go and work at Dixons, haven't decided yet.
    13. Re:Only works if it's default install by vux984 · · Score: 3, Interesting

      Stop being an idiot and read up on it. You can *not* tell. And it certainly does not show up as free space. You can *not* prove OR disprove the existence of another hidden partition.

      Actually you can disprove the existence of another hidden volume in the corner case that the visible volume is full.

      You can also eliminate the hidden volume by filling the visible one. Be interesting to see if law enforcement would be satisfied with just zeroing out the free space in your 'visible' volumes at the borders, thereby destroying your hidden one(s).

      They might not 'catch a criminal' this way, but it could be seen as 'preventative'... no point in smuggling illegal data in a hidden truecrypt volume if they routinely destroy them. They can destroy hidden volumes without knowing they are there.

    14. Re:Only works if it's default install by eht · · Score: 5, Insightful

      Simple reason why I had seeks to an area that looks empty, it's because I *used* to have files there before I deleted them, then since I'm savvy enough to use Truecrypt, I ran one of those wipe programs that overwrites it with garbage, hence what you see if you look at the drive forensically, garbage.

      I came up with that in the time it took to read your post.

    15. Re:Only works if it's default install by v1 · · Score: 3, Interesting

      Stop being an idiot and read up on it. You can *not* tell.

      Don't offer advice you're unwilling to take.

      Circumstances may make this very possible to identify. Allow me to provide an example and suggest some alternatives:

      Lets say you have a 100gb hard drive, and have decided to break away 15gb of that for an alternate volume. Since the OS has to be on it, it can't be very small (300mb for example) as you could do normally with an obvious encrypted disk image document. TrueCrypt choses a place somewhere within the 100gb drive to place it. Lets say it's at the 60-75gb region.

      The most plausible deniability for this would be to use the "trojan" 85gb of space for your everyday use, and only reboot into the hidden volume when you had "sensitive work" to do. This would provide many examples of consistent access to the trojan, lending it credibility as being used. If you (almost) always booted into the hidden volume, it would be an easy giveaway since files rarely got modified on the trojan, so this behavior is required.

      Unfortunately, over time data is spread around on your hard drive. All current OS's move the next available block pointer forward on the drive as it's used. (space is not used on a "closest to start of volume first" basis beause that can be extremely inefficient and lead to severe fragmentation) So eventually disk usage will run into the hidden partition.

      If you've provided your 2nd password, truecrypt will "hop" over the hidden partition to avoid damaging it. But that's the problem. If you continue to use your trojan partition, a simple look at used disk space will see a fairly even coverage mix of free and used blocks, except for one conspicuous, contiguous 15gb chunk of unused space, smack in the middle of the "only volume" on the disk. It could be very difficult to explain to someone analyzing your drive.

      ya, right. Now lets have the SECOND password please. (points gun)

      There are many ways to fix this problem which have not (as of yet) been implemented by truecrypt:

      1) instead of mounting an entire new bootable volume, simply mount a small hidden disk image. That could be 300mb or so, enough for quite a few sensitive documents. A 300mb continuous hole in the free space could be a single AVI file that got deleted a month ago. Totally inconspicuous.

      2) instead of reserving a contiguous block of 15gb, it could be cut up into many smaller random length parts. (as in, thousands of pieces of 20-200mb in size) In fact, BOTH the trojan and hidden volumes could occupy almost the exact same space except for their directory start. With both passwords provided, whether you booted into the trojan or hidden, it would consider the union of used blocks on both hidden and trojan partitions when looking for free space to allocate. This has many benefits, including breaking up suspicious free areas into small innocent pieces, and removing the restriction of the hidden partition's size. Without this, if you set aside 15gb and find you need a little more space, you'd have to reformat and it'd be a huge mess. Since both partitions "share" the free space until it's all used, by this technique you could slowly use up all 100gb of your hard drive in any combination of trojan/hidden volume you wanted to, making it much more convenient and future-proof.

      Both (1) and (2) are still vulnerable to backup analysis, although (1) would be much more difficult and certain. If you can compare the free blocks between two distant states, say a year apart, you could determine with some certainly that there are more blocks that have remained marked unused over time than should be, so "something's preventing writing to these blocks", placing suspicion on the drive.

      If you insist on continuing to use truecrypt, you'd be advised to make sure the hidden partition is near the end of the disk, and that you defragment used AND free space often, so that the scattering of newly allocated files never gets very close to your hidden partition. While inconv

      --
      I work for the Department of Redundancy Department.
  5. Relevant links by Oscaro · · Score: 5, Informative

    Project homepage is here: http://www.truecrypt.org/
    Release notes here http://www.truecrypt.org/docs/?s=version-history

    (Btw, these links should be in the article, instead of an external (sponsored?) one).

  6. Great - I'll keep my geek-cred by Chrisq · · Score: 5, Funny

    It now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.

    Great, I can now maintain my geek-cred by hiding the fact that I sometimes have to boot into Windows to run things like a GPS map updater. No more microsoft on the boot menu.

  7. Re:A good defense... by apathy+maybe · · Score: 3, Informative

    Yes it is a good defence against that. Border guards aren't going to have enough time to find your encrypted containers while you are there, and if you have to give up your laptop, or if they take a copy of the HD, then they can't access the information because they don't have the password (and they can't force the password out of you, because you have already re-entered the country (assuming you are a yank)).

    And if they do find a container, and force you to give up the password http://it.slashdot.org/comments.pl?sid=606473&cid=24097339 hidden volumes as described in that post.

    --
    I wank in the shower.
  8. Sad by ebonum · · Score: 5, Insightful

    It's sad. I often travel between the US and China on business ( I live on the China side ). I've always been careful with sensitive data, but now I'm absolutely fascist. Why? I have no fear of the Chinese government. Besides, I work for a Chinese company. I fear my own country illegally accessing files to which they have absolutely no rights whatsoever.

    Honestly. If someone works for the US government, pulls some CEO's laptop at the boarder for "inspection" and gets free access to all the company financials, would they do the right thing? How many semi-intelligent people wouldn't be tempted to start buying stock options or call their best friend with a really good "tip"? Even if they SEC investigated, they would never find the link.

    Over the last several years, I've always been treated very respectfully inside China and going to and from. It is in the US, my own country, where I'm treated as if I'm already guilty.

    Back to the topic at hand. TrueCrypt is a wonderful product. Everyone should be using it.

    1. Re:Sad by slyguy135 · · Score: 5, Interesting

      I have no fear of the Chinese government.

      Wow, what Kool-aid have you been drinking? I've been to China many times too, and love the place, but I'm afraid you're being seriously delusional if you think it's safe to be that blasé around the Chinese authorities. The American search procedures at the US border would indeed be unconstitutional were they conducted in the country, but at least you know up front what the rules are. In China, your rights are vague at best and your recourse to law is minimal. If next time you enter China the border officers did decide they are going to take your laptop away, what could you do about it? Oh, but if they're polite, then that's OK, right?

      Fanboyism of China is not helpful to the country and unattractive, so please stop it; it's embarrassing, and even potentially dangerous.

    2. Re:Sad by bhima · · Score: 5, Interesting

      This absolutely mirrors my own experience. I live in the EU and I travel mostly around the EU and Africa. When I get to the US I'm treated as a convicted criminal and I'm a US citizen. I am routinely hassled and threatened by petty dictators of nano-dictorships. Which I find completely bizarre... Hell the security & customs agents in Zimbabwe are more polite than the ones in Atlanta.

      Another thing I find complete asinine is that little form you fill out saying where you are going stay while you are in the US. I've been staying at 1600 Pennsylvania ave. for going on 6 years and no one has so much a blinked.

      --
      Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
    3. Re:Sad by bhima · · Score: 3, Funny

      And that he hasn't is crushingly depressing.

      --
      Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
    4. Re:Sad by Gulthek · · Score: 3, Insightful

      If next time you enter China the border officers did decide they are going to take your laptop away, what could you do about it?

      What could you do if your laptop gets taken at the US border? File a complaint? Woot.

      Chiming in with the GP here, I feel much safer and much better treated going into China than going into the US. There I am treated as though I am an actual person, here I am treated as though I am an annoyance.

      If DHS gets their way, we'll be treated worse than that. DHS wants to require all airline passengers to wear a taser bracelet

  9. Re:OK by HungryHobo · · Score: 5, Informative

    actually you can. with truecrypt I can create an encrypted volume which is just a file on my hard disk. say it's 1 gigabyte. To access it I have to type in my password "secretpass" I see a 1 gigabyte volume. now I can stop there. it's encrypted strongly enough to protect my files. I throw 200 MB of porn/corporate data/personal emails/photos of my girlfriend on there. it shows as 800MB free. Now I create a hidden volume 800 MB in size. In there I put my plans for how to kill every politician, the details of my drugrunning opperation, the plans for a nuclear weapon. etc etc etc. to access this I have to type in my second password "password2" So I boot up truecrypt, select the 1 gig file which is my virtual drive, type in "secretpass". What I then see is a 1 gig drive with 800mb free space and lots of semi-important files. if I open that same file with "password2" I'll see an 800MB drive almost full with highly important documents. There is no missing hard drive space, no hint at all that there is anything but the first drive unless I enter the second password. (side note, if you add files to the first drive then there's a chance that you'll overwrite files on the hidden drive since unless you enter that password as well then truecrypt can't see that it's there.)

  10. One question by Anonymous Coward · · Score: 5, Funny

    True crypt is fabulous. But is it good enough to hide a body?

    Hans

  11. That might betray the presence of a hidden volume by Anonymous Coward · · Score: 5, Interesting

    - depending upon the file system.

    For instance, if you used ext3 then mkfs.ext3 is going to put backup super blocks all over your disk. If you then setup a hidden volume later on, some of those backup super blocks are going to get over written. An attacker - to whom you've been forced to reveal your outer volume password - could easily discover that the backup super blocks aren't the same as the real super block and deduce that you're using a hidden volume that you didn't tell them about. You could, when formating, tell mkfs.ext3 not to use any backup super blocks - but that also might look a bit suspicious. Just food for thought.

  12. Low powered PC by DrYak · · Score: 3, Interesting

    A not very powerfull small factor PC (some subnotebook barely good enough to run Linux - no need for the latest über-UMPC able to withstand Vista), with which to decrypt the content on arrival seems to be the only current solution.

    At least, as an over-powerful laptop isn't needed, at least this isn't very expensive.

    Also, has TrueCrypt been ported to PDAs ?
    A PDA running TrueCrypt and dual SD+USB hybrids cards (Sandisk and OCZ produce such beasts) seems another even cheaper solution.
    If the data can't be decrypted on the target machine when plugged with the card's USB connector, then plug it into the SD port of the PDA and decrypt data from there.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  13. Re:Suggestion: Truecrypt LiveCD -Stealth- Install by 0xygen · · Score: 3, Informative

    This is discussed in the "plausible deniability" section of the TrueCrypt docs.

    The recommended solution is to ensure you have a plausible use for the existing installation of TrueCrypt, for example some porn or customer records in a separate container, allowing you to deny the existence of the real container.

    This means you do not have to put yourself in a situation where you are denying using TC and one tiny mistake could indicate that you have used TrueCrypt when no visible TC volume is present.

    On the other hand, I'm sure most of the bootable Linux LiveCDs will continue to include TrueCrypt.
    If you want to do it with Windows, use BartPE as discussed in the TrueCrypt FAQ.

  14. Re:OK by HungryHobo · · Score: 3, Informative

    you seem to have missed the point in a big way. You see a truecrypt container. You hold back the rubber hose or start with the thumbscrews. after much screaming they give you a password. You see a 1 gig volume with 200mb of confidential and mildly valuable files and 800mb of free space. It's is utterly plausible that this is all there is. there are no more files. you've got all you're gonna get. no hidden volume. Now you might try some more torture but your victim is also aware that there is no proof at all that there is any more to find. Perhaps I have a 1 gig volume with 998MB used on the outside with a 2 MB hidden volume where I keep my plans to kill the president. as for a dictionary attack, you haven't ever tried this have you? if there's a decent password then it will take you about a million years(or more) to brute force it using every computer on earth.

  15. Independence day? by Atti+K. · · Score: 5, Insightful

    While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend.

    That might not be just a coincidence.

    --
    .sig: No such file or directory
  16. NSA backdoor? by Cur8or · · Score: 4, Funny

    Does anyone know if the backdoor has been made a little more user friendly? The current one takes like 3 minutes to decrypt without the password.

    --
    Winkey shortcut mapping for 64bit windows. WinKeyPlus
  17. Re:Breaking volumes by Splab · · Score: 5, Insightful

    You know, if law enforcement "fucked up your volume" as you so nicely put it, they have just destroyed whatever evidence you where trying to hide. So why would anyone using true crypt have a problem with that?

  18. Re:Breaking volumes by mrvan · · Score: 5, Insightful

    AFAIK, yes, if you fill the decoy volume it will kill your hidden volume.

    which makes you wonder how long it'll be until a tool is developed for law enforcement specifically designed to fuck up these volumes.

    They can only do that if they've confiscated your laptop *and* acquired your 'decoy' password. At that point, your only concerns are they not getting your data and you being able to deny the data is there in the first place.

    Somebody deleting all your sensitive files is not a bad thing to happen at that point.

  19. Re:OK by vidarh · · Score: 4, Informative
    You miss the point. Anyone who truly has something to hide to the extent of worrying about torture will have an utterly plausible explanation or ten prepared. That won't stop someone who is willing to use torture from continuing until they get more or you have resisted for so long that they believe you are telling the truth when you're saying there is no more.

    So when they get the first password, they continue until they get another or they decide there's no way you could have withstood that much. And when they get your second password, they'll still go on in the hope of a third, unless the data they find would totally fill the disk.

    Each time you give up something, they'll assume there may be more until they've kept torturing you for a long time without getting any more information.

  20. It's not a silver bullet but it's good enough... by mrboyd · · Score: 4, Insightful

    I have started using TrueCrypt a few months back after my laptop got stolen. I keep two encrypted files on my laptop, one contains my personal stuff like passport scan, bank information etc. and the other the work related important documents such as internal&confidential documents, client information etc. I have buried those files in the system folder and given them name that could pass for system temp files.

    I keep a copy of both on a USB key drive and on an external hard drive which never leave my home. As well as a non-encrypted copy because I'm still wondering what happens to that encrypted file if I happen to have a fucked up cluster on the drive at some point.

    The rational for using encryption is not that I am afraid of the local authorities, there is nothing on my computer that would cause me any long lasting trouble, despite the fact that I live and work in a limited freedom area (Middle East), but simply to avoid opportunity theft.

    For example I can't recall how many time one of my clients or partner handed me a usb key drive containing all his companies financial statement, bank account number, internal price list with profit margin, internal memo, personal info and the wifey's naked picture so that I could copy them a few documents and then forgot about the keydrive because we kept chatting.

    Sometime I too need to get some files from them and I don't want to look like I'm watching them while they dig around my keydrive. I now know that everything a casual observer should not see is encrypted so I don't mind throwing my key drive over the table to someone I don't know.

    I don't understand the paranoid people here who believes in plausible deniability, decoy drive and other such thing. I also wonder if the same people only use their computers in safe room with controlled EM environment and bullet proof shade.
    I didn't know either that so many people carried state secrets around international airports. To those I will say that if the NSA/FSB/Interpol/MI4/Mossad/Mafia or even the local police wants the content of your drive they will get it. period. It doesn't matter what you do. Unless of course you also work for one of the aforementioned in which case you might have been trained to accept that your life is worth less than the content of said drive.

    I have never been subjected to physical or psychological torture (aside from clients and some ex-gf of course) but I am not Jack Bauer and I would "come clean" very quickly. I would give the real password, not the decoy, because I believe consequences would certainly worsen my situation if my interrogators were not convinced.

    I am also pretty sure that the simple sentence: "The accused has so far always refused to give his encrypted drive password." would certainly help convincing a jury beyond "reasonable doubt" (In countries where such thing even exists).
    Some people here should start to seriously look at themselves and wonder if what they are trying to hide is really worth it or if it's just about mommy not finding their downloadable girlfriend picture collection.

  21. Re:OK by ps236 · · Score: 4, Informative

    Even the NSA would have to devote a significant part of their resources. 95^12 is over 500 sextillion combinations. So, say you've got a really really fast CPU that can do 1 billion test decrypts a second (which is unfeasibly fast at the current time). It would take that computer over 17 million years to find the password.

    So, let's say that the NSA has a million CPUs at their disposal, it would still take over 17 years to decrypt. So, they'd have to be pretty sure that you have some seriously cool porn on your PC before they start devoting 100,000,000 impossibly fast CPUs to the task of cracking your password in a couple of months.

    The Storm Botnet would take centuries to hack a random 12 character password (it would cut down on spam though).

    Of course, if you choose 'password' as your password it might not take quite as long.

  22. Here's the non-spam link, dickhead by Legion303 · · Score: 4, Informative

    http://www.truecrypt.org/news.php

  23. Who said it's torture-proof? by argent · · Score: 4, Insightful

    If you have to worry about it being torture-proof, you're almost certainly dead anyway.

    All it needs to be, for most people, is audit-proof.

    And for that you need a business case for having it. Porn is probably not a good choice.

  24. Detecting Truecrypt. by argent · · Score: 3, Interesting

    Normally, unused blocks on a drive have whatever data pattern the formatting software puts there (typically something like "FFFFFFFFFFFFFFFF..." or "55AAAA5555AAAA55..."), or remnants of other files, or parts of free block lists and empty extents and the like. If you have a big chunk of random noise in the middle that's an indication that you've got an encrypted volume in there somewhere.

    1. Re:Detecting Truecrypt. by BountyX · · Score: 3, Informative

      Right, but how can you tell if the encrypted volume contains another encrypted volume (the hidden volume). That's the thing, the hidden volum eis designed to be encapsulated in the encrypted volume. Plausible deniability is only offered in the hidden volume functionality.

      --
      Trying to install linux on my microwave, but keep getting a kernel panic...
  25. Multi-core support by technienerd · · Score: 3, Insightful

    No one seems to be commenting about the new features of this release but simply on TrueCrypt in general. Am I the only one excited about the multi-core/processor support? Finally a piece of systems level software that scales with the number of cores! Makes getting a multi-core processor all the more worthwhile.

  26. An open letter to all the paranoid freaks... by jockeys · · Score: 3, Insightful

    Dear paranoid freaks,
    if you are so concerned about getting captured and tortured for normal/hidden/hidden(hidden)/hidden(hidden(hidden)))/ad naseum passphrases, then quit having digital copies of your stuff in the first place.

    99% of the TrueCrypt userbase is just fine using it on jump drives to keep stuff secure from the guy who finds it when you lose it on the train/plane/whatever.

    Quit making up impossible "movie scenarios" (there, I used a Schneierism, you HAVE to respect me now!) about how gov't agents are going to come in black helicopters for your fetish vids and the 200 page backstory you wrote for a character you rolled in middle school. No one cares.

    Yours truly,
    -Reality.

    --

    In Soviet Russia jokes are formulaic and decidedly non-humorous.
  27. Re:That might betray the presence of a hidden volu by PRMan · · Score: 4, Insightful

    Since I didn't understand anything you just said, and I'm a C# Programmer who has Ubuntu installed on a few machines, I highly doubt the $10/hour lunk at the airport is going to notice...

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
  28. WindowsCE != WindowsXP but Linux: PDA ~PC by DrYak · · Score: 4, Informative

    Would this even be necessary? I can install and run Truecrypt off of a USB Thumb drive or an SD card on a Win or Lin based PC.

    Yes it's necessary, because currently in Windows there's no way to run TrueCrypt unless you have admin privilege on the target machine.

    The original parent wanted to use TrueCrypt to secure data before transporting them (so the loss of the USB key isn't a critical leak) and then being able to retrieve the data from the USB key once arrived at the destination, EVEN if he doesn't have admin access on the machine on which said key is plugged (and thus can't install TrueCrypt from the key).

    If you use a Windows PC to install the Win version of Trucrypt, and then plug the SD card into a Win-based PDA, would it not function normally?

    No. Won't work. The only thing that "Windows CE" and "Windows XP" have in common is having the word "Windows" appearing in their names. As other have pointed out both don't even run on the same architecture (x86, AMD64 and Itanium for WinXP ; ARM, MIPS and SuperH for WinCE).

    So :
    - either you run the usual TrueCrypt on a portable device that runs Windows *XP* (or Linux or BSD or Mac) - this was my first suggestion, anything cheap like an Asus EEE PC or an OLPC is OK.

    - or you use a PDA running Windows CE (or Palm OS, or Symbian, or RIM) and use a TrueCrypt version that was adapted for the differences and recompiled for the processor.

    That was my second suggestion : if there exist a version of TrueCrypt which works on PDA, then the PDA could be used to do the decryption (but stock WinXP software can't run on WinCE).

    Linux is an exception : the Linux running on PDAs (Sharp Zaurus, Nokia Maemo, Trolltech GreenPhone, OpenMoko/FIC NeoRunner, etc...) is much closer to the full Linux running on desktop.
    Usually the graphic interface is different (often the PDAs don't have X-Windows but use special purpose GUIs) but the system are POSIX compliant and any console software usually run as-is after being simply recompiled from source (because the processors are still different and the binaries are different - but the source is the same for console applications).
    So that's the exception to the rule.
    Note: That also true for a lot of different Linux enabled appliace (modem/routers, file servers, etc.) - although lots of them have very limited resource which put a hard top at what you can manage to get run.

    Also, Apple is touting that their desktops' Mac OS X and the iPhone and iPodTouch's OS X are similarly very related, and some developers (like Epocrates who are making medial PDA software) have mentioned that porting their application to the portable OS X was a matter of couple of days.
    On the other hand, I haven't heard the iPhone / iPodTouch having a POSIX-compatible console environment (still hearing that the current SDK imposes limits on what can be done), so I don't know if getting a console application to work on those platforms is a simple matter of recompile.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  29. Re:That might betray the presence of a hidden volu by shaitand · · Score: 3, Funny

    As a Perl-Fu artist who has been living in a world of *nix for the past 12yrs. Let me just say that seeing someone use Ubuntu doesn't clue newb to me.

    On the contrary, Ubuntu is the only system I have seen that provides functional GUI interfaces that don't cause me to have to jump through hoops to do any sort of advanced manual configuration.

    I'm all for power, but someone who chooses Slack or regular Debian over Ubuntu is probably the type who likes hot wax poured on their balls.

  30. Re:That might betray the presence of a hidden volu by CodeBuster · · Score: 4, Informative

    It was my understanding that FAT was selected because it's inherent properties allow for plausible deniability which was a stated feature and goal of the TrueCrypt project.