Slashdot Mirror
Schneier, UW Team Show Flaw In TrueCrypt Deniability
An anonymous reader writes "Bruce Schneier and colleagues from the University of Washington have figured out a way to break the deniability of TrueCrypt 5.1a's hidden files. What about the spanking-new TrueCrypt 6? Schneier says that 'The new version will definitely close some of the leakages, but it's unlikely that it closed all of them.' Meanwhile, PC World is reporting that the problems Schneier and colleagues found are bigger than just TrueCrypt. Among their discoveries: Word auto-saves the contents of encrypted files to the unencrypted portions of your disk, and this problem should apply to all non-full disk encryption software. Their research paper will appear at Usenix HotSec '08."
HotSex 08? Where do I sign up!
Caesar si viveret, ad remum dareris.
Comment removed based on user account deletion
you run at least full disk encryption. If one needs further plausible deniability, THEN you can run truecrypt. Also, cleaning out temp files should be a regular occurrence, as should running on an encrypted swap file/partition.
I would look into EFS, it's not great but it is built in XP Pro, 2003 definatly probably 2000 server and possibly 2000 pro. It seems to fill your requirements of built in to the OS encryption.
They should use a one time pad
You mean like Bitlocker or EFS?
So Vista, Word, and Google Desktop make truecrypt less viable? Im Shocked I tell you! Shocked. Please..If you are serious about using truecrypt please tell me that you are savy enough to know how to get around some of these holes. Googledesktop?-aka, I spy on everyone and read your brain desktop? Its like saying my iron has a security hole if someone installs a hardware keylogger on my system. Duh! But just because Schneier is involved, the hacking gods must bow and agree with every word he says. Anyway, now Im rambling, but I use truecrypt only on my secure linux box, which doesnt have these problems. I hide all my stuff that would get me into lots of trouble if!@#@!#%T^GD no carrier
"It's ok, I'm completely secure as long as my iron is off"
Windows should build in a encryption program like on Mac OS X
You mean like Bitlocker?
True Crypt has a problem eh... Windows should build in a encryption program like on Mac OS X. It would stop a lot problems and it would be Microsoft managed and it would work better because they have all the code for the OS and can provide a better service. In the Mac OS, there are no bugs that I have discovered yet on the built in encryption program. I would hope that True Crypt fixes this bug because it is a great program.
I know there's often mindless maclove on /., but please try to think before posting. So, just to play along, what software do you propose to use on the mac to provide deniable encryption?
SJW n. One who posts facts.
Meant to say ironkey =)
"It's ok, I'm completely secure as long as my iron is off"
If you're like me (meaning that you pay attention to what you read), you may be wondering what in the world "Word and auto-saves" means. I wondered so much I even followed the link, and saw that the omitted term was Google Desktop, omitted because of very sloppy cut and paste of the article.
I'm an American. I love this country and the freedoms that we used to have.
Some of you may not be aware of the stature of Bruce Schneier in the field of computer security, so here is some background information:
http://geekz.co.uk/schneierfacts/facts/top
Bruce Schneier once decrypted a box of AlphaBits.
Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes.
Bruce Schneier knows Alice and Bob's shared secret.
Vs lbh nfxrq Oehpr Fpuarvre gb qrpelcg guvf, ur'q pehfu lbhe fxhyy jvgu uvf ynhtu.
Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.
Bruce Schneier knows the state of schroedinger's cat
Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it.
When Bruce Schneier observes a quantum particle, it remains in the same state until he has finished observing it.
If we built a Dyson sphere around Bruce Schneier and captured all of his energy for 2 months, without any loss, we could power an ideal computer running at 3.2 degrees K to count up to 2^256. This strongly implies that not only can Bruce Schneier brute-force attack 256-bit keys, but that he is built of something other than matter and occupies something other than space.
Though a superhero, Bruce Schneier disdanes the use of a mask or secret identity as 'security through obscurity'.
${YEAR+1} is going to be the year of Linux on the desktop!
I prefer full-disk encryption anyway, IMO there is just less worrying to be done. Still, I wouldn't be surprised if Word put stuff in C:\Windows\TEMP\ by default.
I love FileVault in OSX though I never really researched the encryption used since I just use it out of habit and not for anything important. By all means, tell me why I'm a fool for using it...
Umm.. Word autosave metadata blabla what??
Hey, if you're serious about security to the point that you want to hide even the existence of encrypted data you should stay away from Word. This should be obvious anyone with a clue.
Nothing to worry about here. Three programs that I don't use: Vista, Word and Google Desktop. Though I think I'll be a little more aware of how the software I use can be looking around my computer and getting information without me realizing it.
Schneier et al don't break TrueCrypt's deniability, per se. They simply show that Word, Google Desktop, and other automatically-indexing programs may reveal a hidden partition's possible existence.
This is a concern, of course, but can be avoided by careful use of the software invoked when using a TrueCrypt partition (i.e. killing processes except for TrueCrypt, etc).
I believe there's also a portable version of TrueCrypt that can be used that leaves no traces on the OS install once you're finished.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
From TFA:
But Schneier, chief security technology officer with British Telecom and researchers from the University of Washington *found* that Microsoft Vista, Word, and Google Desktop each can blow the cover of files using this so-called âoedeniable file systemâ (DFS) feature.
Translation:
Renowned security experts state obvious security flaws of ciphered units and unciphered temporary folders, having nothing to do with plausible deniability
Windows should build in a encryption program like on Mac OS X
Uh... they did... 8 years ago.
They've had EFS (encrypting file system) since Windows 2000.
http://en.wikipedia.org/wiki/Encrypting_File_System
They've added BitLocker Drive Encryption with Vista (Ultimate & Enterprise).
http://en.wikipedia.org/wiki/BitLocker_Drive_Encryption
I have no particular beef with any of the software options for encryption, but if you want encryption worth its mustard - I say there is nothing besides Hardware encryption. Get one of the Full disc encryption drives with HW encryption if you need security. If you ask me, every laptop with any degree of sensitive information should use an FDE drive.
A little more on topic - can you recover old autosaves from disc after a save? can you recover old autosaves after the program is quit? what about after reboot?
Prediction: The real iPhone killer is going to be sex robots from Japan. Think about it.
They're not trying to decrypt files here, but just prove that files exist. TrueCrypt lets you put an encrypted volume inside an encrypted volume, such that if you mount the "outer" volume, you can't show evidence that there even exists an "inner" volume. However, if you mount that "inner" volume and use the files in it, Windows will make a Recent Documents shortcut to its location, thus disclosing the fact that there are files there.
I'm a TrueCrypt user, but not a DFS user, since I care more about the encryption than I do about plausible deniability, but I'm interested in trying this out. The test case might be along the lines of:
Since Spotlights also does a full-text search, does it cache any of that full-text data to make the next search faster?
I like music
Any government that would force you to give up such information short of a very serious incident is one that will likely torture the shit out of you until it has proven that either you have a will of steel or don't have an encrypted volume. The "hackers" used in the article are a red herring.
I like Bruce, I think he's got a lot of good insight, but when he spins up a "white paper" that basically says that applications are doing what they're supposed to be doing, and TrueCrypt isn't changing their native behavior, it does everyone in the "Security" community a disservice.
Bruce, if you're trying to make a point - make it. Don't sit there and *publish* nitpicky crap that basically is a bug (or lacking feature) of the software. You'd be far better to say that security applications do not provide adequate deniability, and then cite the sources.
The fact that this sort of stuff passes for "High academia" makes me weep. Let's try to do more than just scratch the surface and point fingers, shall we?
Spotlight's index is stored in the root of the volume it's indexing. Encrypted filesystems are independent volumes, so their indexes are stored in their volume root. The index of the primary filesystem isn't altered.
I'm not sure it leaks zero information -- there have been some bugs with Spotlight indexes and FileVault-encrypted home directories.
Seems that someone found a semi-reliable decryption mechanism that can not only stand up to that, but can reverse an even stronger algorithm known as "volcano".
Didn't mean to dash your dreams, but you know how the security game goes...
Quo usque tandem abutere, Nimbus, patientia nostra?
This has been bugging me and I wonder if anyone out there can answer this: would the write-leveling used by flash drives defeat deniability as well? After all, if the most recently written-to portions of the drive are in a supposedly unused block, isn't that a bit of a giveaway?
Really?
All of Mac OS X encryption operates on user-managed encrypted disk images (volumes) or "encrypted home directories" (FileVault), which is really an OS-managed encrypted disk image.
FileVault home directories are no stronger than your login password. As this password is stored hashed only once (albeit salted, as of 10.4), it had better be immune to brute-force-guessing. They're also only as strong as your system-wide FileVault recovery keychain, as a copy of the key is stored in that, too.
Non-FileVault encrypted images at least use 1000-round PBKDF rather than a single hash and don't, by default, use a recovery keychain. At only 1k rounds, though, it had still better be immune to brute-force guessing.
None of this addresses the fact that using a Mac OS X system with an encrypted directory still leaks information about the contents of that directory onto the unencrypted parts of the drive. In fact, if anything, TrueCrypt is better about not doing this than the Mac, though neither of them hide their tracks all that well. The best approach is to have TrueCrypt running full-disk encryption so that there's nowhere for data to leak to.
Opening an encrypted partition with Windows Explorer is also a risk, because explorer will happily cache the directory structure of everything you browse to. Those paths and filenames show up in the explorer history, even if the drive is offline.
http://www.policystew.com/
I encrypt using a one way algorithm know as "fire" that transforms all my secrets into ashes.
Since matter can not be destroyed, only changed, decryption is just around the corner. Also, AJAX will be used somehow.
Bay area venture capital welcome!
Try not to get any AJAX into the cuts on your hands, or the burns from your fire algorithm....it really hurts.
Disclaimer: The opinions and actions of the US Gov't are in no way representative of those held by this author or its ci
Depends, but then you can do turtles all the way down.
So, have an encrypted (obviously visible volume) that has "boring" stuff in it, like your basic groceries accounting and letters to grandma. Have a hidden volume that has embarassing but non-incriminating stuff (porn folders). Have a hidden volume inside THAT that contains embarassing stuff that you'd pretend people shouldn't really want to find out (eg. gay porn). Have a hidden volume inside that that contains your master plan of converting all WoW players into your army of midgets to take over the world...add as many layers as you want.
That's the idea with the deniability, They can never know if there actually is a hidden volume in there. So assuming torture, you are probably so lost yourself that you cannot even remember the scheme yourself anymore...Even if they go with the assumption that since you are using Truecrypt there MUST be a hidden volume - but there's no way to know how many nested hidden volumes there are.
I've been using fire 2.0 for a year already.
it would be Microsoft managed and it would work better
I think you forgot your sarcasm tag....
First post! (just in case I am...)
I'm a TrueCrypt user, but not a DFS user
Right, neither am I.
Windows DOES have encryption built in :)
I encrypt using a one way algorithm know as "fire" that transforms all my secrets into ashes.
Is that the algorithm invented by the Greek hacker, Prometheus? I heard he got in a bit of trouble over it, he ended up somewhere like Guantanamo, but eventually was rescued.
there are no bugs that I have discovered yet
Oh, really, so you and your little mac haven't noticed any problems. Might, just might, that be due to the fact that you aren't the closest thing security analysis has to a rock star with a crack team?
Could it also be that you don't regularly sit down and write research papers about the subject?
Further, until you can point me to a better OSS encryption tool, STFU.
FTA:
The researchers found that Windows Vista shortcuts can give away the existence of a hidden file. Vista, which automatically creates shortcuts to files that get used, then stores the shortcuts in the Recent Items folder. And the auto-save feature in Word, meanwhile, saved versions of the hidden files.
"An attacker can use information gleamed from these files - as well as other information leakage from the primary application - to not only infer that a hidden volume exists, but also recover some of its contents," the researchers wrote in their report.
Google Desktop is another culprit that exposes hidden files in TrueCrypt versions below 6.0, according to the report. The Google app's lists of recently changed documents and logs of recent file actions can reveal the existence of a hidden file.
In other words, it's the applications that exposed Truecrypt, when the hidden files were VISIBLE.
The moral of the story: If you have something to hide, turn off the damn logs or put them where they'll be destroyed (encrypted temporary partitions, for example). And don't depend on closed source, proprietary software.
Thanks, that answers that, go Apple. I'm happier every day that I bought Macs. It's funny, you also now have to think about other apps that might leak the "recent documents" paths, OpenOffice, Adobe apps, pretty much anything.
It's good food for thought if nothing else.
I like music
Bitlocker has a back hole that Microsoft has revealed more than once to law enforcement.
Isn't that more like encoding rather than encryption?
Fire isn't lossless and what you get back won't be quite the same.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
FUD. Dual_EC-DRBG is optional and off by default.
Interested in open source engine management for your Subaru?
*sigh* Silly UWashington students ... after all this time we *still* have to correct you. You're UWash or UWashington. Waterloo is UW. Why? Because USENET says so.
I remember back in the good ol' days, lots of UWash students would post ads to the uw.forsale newsgroup, and then wondering why nobody bothered to call them about their sublets.
lol
Don't forget to mix the ashes with water, or you're in for a nasty surprise!
You know that RNG was put in for NIST 800-90 compliance and is not the default in Vista or any other Microsoft OS, don't you?
You know that even an open source RNG of that type would have the same flaws, don't you?
You know you shouldn't use elliptic curve RNGs, regardless of who is providing them, don't you?
You know linking to Slashdot articles with question marks in the title proves absolutely nothing, don't you?
You see that weird mark at the end of the title of the article? Ooh, like the one I just used in fact! That's called a "question mark", it indicates that the preceding phrase or sentence is a question, or is otherwise speculative. Note also the use of the word "may" in the summary, that's another good indication that it's speculation, not fact.
But thanks for playing. Yet again.
It's official. Most of you are morons.
I prefer Axcrypt over Windows Compressed Folders password protection. AxCrypt is free and open-source.
From their FAQ:
Why is AxCrypt better than Windows Compressed Folders password protection?
In the July 2003 issue of PC World magazine, there is a description of how to password protect files using the built-in Windows Compressed Folders of Windows XP and ME. This is a WinZip compatible extension of the Windows Shell (Windows Explorer). The problem is that since it's WinZip-compatible it suffers from the same weakness as does WinZip. WinZip (and thus Compressed Folders) password protected archives use a proprietary and weak algorithm that is known to have the following weaknesses, exploited in numerous 'Password Recovery' products and services:
* If the attacker knows the contents of one of the files in the archive, the password is susceptible to a so-called known plain-text attack. AxCrypt is never susceptible to this kind of attack.
* If the archive contains 5 or more files, password recovery (i.e. cracked protection) is guaranteed. With AxCrypt you can have any number of files encrypted with the same passphrase without affecting the security.
Source? The most relevant article I can find says:
Microsoft has given law enforcement officials a new tool known as "Computer Online Forensic Evidence Extractor, [..]However, Microsoft pointed out, COFEE does not circumvent Windows Vista BitLocker encryption or undermine protections in Windows through secret "back doors" or other undocumented means."
Of course, it's closed source, so you have to take Microsoft at their word for it, but I can't find any reliable sources that state MS has given law enforcement a means to bypass BitLocker.
I'm replying to myself, but I have additional info to add.
[...] it captures live data on the computer, which is why it's important for agents not to shut down the computer first, Fung said. A law enforcement agent connects the USB drive to a computer at the scene of a crime and it takes a snapshot of important information on the computer. It can save information such as what user was logged on and for how long and what files were running at that time, Fung said. It can be used on a computer using any type of encryption software, not just BitLocker.
So it looks like COFEE is a USB device that performs monitoring once Vista has been booted and logged in. Not having your BitLocker USB drive plugged in and not leaving your PC on would seem to defeat an attack by COFEE.
Isn't it pretty well-known that you have to be careful about leakage? An example of that would be that most (all?) encryption HOWTOs tell you that you should encrypt your swap, because you just never know when some of your data might end up in there. If there's a lesson here, it's just that swap might not be enough; you need to think bigger.
I can think of plenty of other ways that something, at least a hint of the existence of the data (if not the data itself) can leak around. Suppose /home/sloppy/ isn't encrypted (yeah, a weird contrived example), but /home/sloppy/secrets/ is. I mount that, load /home/sloppy/secrets/loveletter.txt into my word processor, work on it, save, and then unmount. My word processor's "recent documents" might contain a reference to the filename /home/sloppy/secrets/loveletter.txt, because that list of recent documents is store unencrypted in /home/sloppy/.wordprocessor/blahblah. If I'm just trying to protect the contents of loveletter.txt, I'm probably ok. But if I was depending on the filesystem's or block device's "deniability feature" and trying to hide the fact that loveletter.txt exists inside /home/sloppy/secrets/ then I just failed miserably. The guy with the rubber hose is going to know it's there, so he'll eventually persuade me to cough up the key.
You really need to at least encrypt from your home directory down, and I think most apps will behave. The key is "think" -- the user really has to know what all his apps do, and that makes setting up deniability hard. But assuming the app isn't setuid root, it probably won't be able to write in other places. When you get to strange systems like MS Windows and huge legacy apps like MS Word, though.. yeah, that's really hard. Neither the almighty Schneier nor the Truecrypt dudes really even have a chance of finding all the possible leakages. If they found one, great, but they can't find everything. Only Microsoft would be able to do that.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Windows caches all types of stuff about filesystems it touches in the registry. Open regedit some time and search for "OpenSaveMRU" and you'll see that pretty much every file you click to open in Windows is in there.
Not that Linux is any better, at least Gnome systems - check out ".nautilus" in your home folder. Same thing going on there with the directory structure, you name it. The first thing I do on a new Ubuntu box is remove ".recently-used.xbel" and create a directory with the same name, and make ".nautilus" owned by root and not world-writable. /tmp is obviously a problem on Unix-type systems as well, along with the swap partition.
Of course if your whole system is encrypted these are not problems, but then you don't exactly have a deniably-encrypted filesystem.
The only thing backdoored around here is your mom.
Isn't there a -1, Played-Out Vista FUD moderation?
Me too. For now, encryption is enough. I don't really expect at this point that if the NSA really wanted to get my data I could somehow prevent them. I just want to make it really hard, and more important, I don't want my correspondence and data to be wide open to them. I don't particularly care if they know I'm trying to thwart their ability to snoop in my business. I just want them to know that if they're going to get all up in my grille, they're going to have to spend some resources.
I fuck the NSA, the Bush White House, and our corporate overlords right where they breathe.
Now can I please get someone to freshen up my drink over here? Fighting tyranny after a hard day at work is thirsty business.
You are welcome on my lawn.
You can never really be sure that your OS won't leave some tell-tale trace to the files on your hidden volume. No matter what you do or how careful you are, there's always the possibility that some hidden OS or application software feature has created some data or metadata that will betray the existence of your hidden volume. It looks like the only way to truly maintain the ability to deny the existence of hidden volumes is to create your truecrypt partitions via a bootable CD and forever after only access those volumes from such a bootable CD. You won't have to worry about any trace or history files being left behind then. Though this would work in theory, I wonder how practical it would be for 99%+ of truecrypt users.
Sorry, couldn't come up with the traditional car analogy, so I had to resort to sports. We (that is, those of us who may or may not be using deniable file systems) didn't need Bruce Schneier to tell us that information can leak from a mounted encrypted volume to the system volume, nor that the same is true for the existence of a deniable volume. Which doesn't mean he isn't right. Neither Windows nor Linux is intended as a secure compartmented workstation, which is the minimum you'd need to pull this off with no leaks.
Lacking such an OS, it appears the only way to maintain deniability against a sufficiently competent rubber-hose cryptanalyst is to have an entire encrypted OS. A small kernel (with very limited ability to write to anything) would arrange the decryption and booting of the OS from the encrypted volume. Further, while booted within the encrypted OS, writing to the standard volumes would be verboten, at least through normal mechanisms. The same volume-within-a-volume deniable file system would work as now, though you'd need an entire OS in the wrapper to provide deniability.
So, just to play along, what software do you propose to use on the mac to provide deniable encryption?
You could try this program called TrueCrypt. It seems to work okay.
"And there be unix which have made themselves unix for the kingdom of heaven's sake." - Matt. 19:12
Just wait for the LHC, we might see some matter-antimatter annihilation. Oh, and I call dibs on THAT patent and IP.
Grandpa: My Homer is not a communist. He may be a liar, a pig, an idiot, a communist, but he is not a porn star.
So...
Bruce Schneier is like the Chuck Norris of IT security...?
In the free world the media isn't government run; the government is media run.
The summary ciphertext?
NO SIG
How plausible is it when a major selling point of the program? If someone will go through the trouble of forcing you to reveal a password you would think they would read the documentation. If that is what you are up against you are better off to have a hidden volume so you can show torturers something before they remove all your fingers.
Time flies like an arrow. Fruit flies like a banana.
Should they use a one time pad?
One TrueCrypt disk/partition can have 2 volumes, but only appear as one.
You use passphrase 1 to mount the 'dirty' volume and do your nefarious deeds. When they come and start shocking your balls, you give them passphrase 2 which mounts the 'clean' volume.
They can dissect the disk block by block, but it will appear as just one giant encrypted disk. They'll never know about the 'dirty' volume, just the 'clean' one.
What if you perform your evil deeds inside a vitrual machine which lives in an encrypted truecrypt drive. I suspect this would solve many of the problems since everything that virtual machine knows about is encrypted.
You lost me after the first "M$".
Thats true of the OS X Finder also, at least as of last time I checked. And considering that is using 100% pre-installed Apple software, that seems unacceptable to me.
You mean it's a one way hash function!
Yes; some of the tools it has perform live evidence acquisition to powered-on systems. It's not safe to assume a powered-on system where the encrypted drive has been disconnected is safe, as keys may remain in memory. But if the PC is off (and especially if free disk blocks, virtual memory and sleep files, etc. are scrubbed), this doesn't do anything.
Is it subject to the same vulnerabilities?
Tell me, how long does it take you to read through the source of every program you compile? Do you ever actually get around to compiling anything, at this rate? Do you have time for a real job?
"It is possible to commit no errors and still lose. That is not a weakness. That is life." -Peak Performance
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ Explorer]
Value Name: NoRecentDocsHistory
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable restriction, 1 = enable restriction)
FTA:
Google Desktop is another culprit that exposes hidden files in TrueCrypt versions below 6.0, according to the report. The Google app's lists of recently changed documents and logs of recent file actions can reveal the existence of a hidden file.
Really poor phrasing. It makes Google Desktop look like the offender, when in actuality it ended up being a useful tool in pointing out a vulnerability (and perhaps correcting it).
Beetle B.
The comment is the subject.
So, just to play along, what software do you propose to use on the mac to provide deniable encryption?
You could try this program called TrueCrypt. It seems to work okay.
yup, ...until some folks showed flaws in TrueCrypt deniability
Now that's an attempt for infinite mod points!
Fortunately, there's an easy way around this problem.
Instead of having just your "sensitive" data in a DFS, just use put an entire OS in there, which you can use with for example VMWare. So, you boot up your machine, type in your encryption password and end up in your safe and clean "nothing to see here" OS, with some decoy applications and VMWare. Then when you want to actually do something with your system, decrypt the DFS, start the VMWare image found there and do your normal work.
All they could prove in this case is that you use VMWare. Just make sure VMWare has no leaks pointing to the image in DFS, but that's trivial compared to cleaning up behind Vista and it's myriad of ways it keeps track of whatever you do (for your benefit usually, but not always).
http://www.ajaxtocco.com/default.asp?ID=162
I looked at a house once that had one of those old coal burning stoves; it had "ajax" written in huge letters on the hatch. I wonder if it is the same company.
The masses are the crack whores of religion.
Please stop with the MAC trolls, it only makes you look like you're stuck in the 80's and early 90's with turbo pascal and 9600bpm.
yup, ...until some folks showed flaws in TrueCrypt deniability
You should just use a Mac. I've never experienced any bugs with its built-in encryption options.
"And there be unix which have made themselves unix for the kingdom of heaven's sake." - Matt. 19:12
Schneier et al don't break TrueCrypt's deniability, per se. They simply show that Word, Google Desktop, and other automatically-indexing programs may reveal a hidden partition's possible existence.
Quite right. TrueCrypt doesn't give up the existence of files on its hidden partition. Files on the non-hidden partition give up the existence of files on the hidden partition, in the act of pointing at them.
Although this may break deniability of those files' existence, I wonder if it breaks deniability of those files' presence. If shortcuts exist to files using a drive letter that doesn't (appear to) occur in the system, it looks like you may still claim that the files in question are or were on an external drive somewhere that has since left your possession / gotten stepped on / fallen into a volcano, etc.
Which is why the more people who use encryption, the better.
If only the pedos and drug traffickers use it, even the nicest cop will feel just fine with torturing a suspect to get the second password.
If the geeks start using it, most cops (except for the most sociopathic of the sociopaths) will at least have second thoughts about threatening a guy only to get his pr0n stash in the outer volume, and torturing a guy only to get his SSN, tax returns, and banking passwords in the hidden volume. "We tortured a guy for what today? Having his tax returns hidden behind scans of the last 50 years of Playboy because his wife's a fuckin' jealous prude? What the fuck are we doing in this job, man?"
If everyone starts using it, even the most corrupt cops will resign before they torture your grandmother only to find her tax returns in the outer volume, and the recipe for the best cookies in the universe in the hidden volume (the passphrase being in her will and intended only to be revealed to her heirs after she'd passed).
Of course, it's closed source, so you have to take Microsoft at their word for it,
Not really. Contrary to what people seem to think, Microsoft releases source code to some customers. If it means a $10 million sale, MS is more than happy to hand out source for Windows. Of course, it really wouldn't do much good since there's no way you can know FOR SURE, if the code you were given matches the compiled binary you're using. This is a problem with any software you don't code-review and compile yourself. To that end TrueCrypt is really only safer (in terms of backdoors) than Bitlocker if you compile it yourself after you've carefully reviewed the code. I seriously doubt very many users are going to do this.
So if you open files from an encrypted drive and let your software auto-save backups to a non-encrypted drive, those files can be found?
So if you store a shortcut to a file in your hidden volume, that shortcut can indicate that a hidden volume exists?
So if you let your search application create an index of files in a drive, that index can indicate that the drive exists, and contains those files?
So if your paging file isn't on an encrypted volume, any memory contents swapped out to it are stored unencrypted?
When I ran these revolutionary conclusions through my patented semantic compressor, they were replaced by the following byte sequence: "Duh!"
Anyway, how does any of this apply specifically or exclusively to TrueCrypt? It's just a consequence of caching / autosaving / search indexing.
Bruce Schneier should run for President
I touch myself deeply!
yup, ...until some folks showed flaws in TrueCrypt deniability
You should just use a Mac. I've never experienced any bugs with its built-in encryption options.
And what about deniability, then?
But why not encrypt the entire fscking system partition then? It's really easy, and with TC6 you get multithread support, so with a modern computer you won't even notice any performance degrades.
:(){
And what about deniability, then?
You could try TrueCrypt. I think it works on Macs.
"And there be unix which have made themselves unix for the kingdom of heaven's sake." - Matt. 19:12
I think that's what he was getting at. With TC 5, you could do full-disk encryption, but the problem is that you can be legally compelled to give up your keys and the 5th amendment won't help you AFAIK. With TrueCrypt 6, it's possible to create a shadow volume with a bootable OS.
So with TC 6, you can have one "encrypted" OS that you boot from and do regular stuff from every once in a while, to make it look normal and active. Then you have a different password to boot off of the shadow volume, which is where all the top secret super missile codes go. Theoretically, there is no detecting that second shadow partition.
This should be good for passing through US customs and would probably prevent them stealing (yeah, stealing) your laptop, since you can boot it, log it in, and show there's nothing there.
I like music
This is exactly why we need ubiquitous encryption. If all traffic is encrypted, emails to your wife, IM's to your mom, then They will never know what they should be wasting their time trying to decode. It's possibly feasible to decode encrypted IM traffic between Terrorist A and Corrupt Police Captain B (Or "Hippie Treehugger A and Cream Pie Throwing G8 Hater B", as you prefer), but if that traffic is buried in the noise of everyone elses encrypted traffic, the NSA won't know where to start decoding.
That gives regular people a good headstart over tyranny.
I like music
"Changing his mind."
Help poke pirates in the eyepatch, arr.
We can do whole-disk encryption and If asked for the password, plead the 5th. So far courts are going along with that.
So I run whole-disk encryption and don't try for encryption secrecy...
But I also don't take a lappy outside the US.
If you run a VM on that hidden partition, would that not be safe? You could still access your 'normal' data with anything else.
1) Boot up our system
2) Mount the hidden partition
3) Start the image of the OS you have there
Don't fight for your country, if your country does not fight for you.
The Article on Darkreading seems to be quite biased on blaming TrueCrypt, while the on in PC-world is more balanced.
The problem is that a lot of commonly used applications and operating systems love to splatter information about what you do around. So you end up with helpful entries in Recently used Documents, the registry and various temporary files contain part of your data.
If you now want to hide the fact that there's more data hidden somewhere, that's a big problem, one the authors believe won't be solvable by the hiding application alone.
This is how the discussion is planned to go:
Mr. Official: Hand over the password or take another dive.
You: Yes Mr. Official, Sir. It's p455w0rd
Mr. Official: Hmmm ... Playboy nudies ... where's the interesting stuff?
You: That's all there is, honestly.
Mr. Official: What about the hidden partition of TrueCrypt?
You: What partition? I just hide the nudies from my wife for lonely evenings. She would kill me if she new I have a faible for oiled 20 year old supermodels in exotic settings.
Here's how it should end. What people don't want is a continuation like this:
Mr. Official: It seems, you recently accessed h:\business\colombia\cokedelivery.xls. Hand over that second encryption key. We know there's more on that computer of yours.
You: What ... blubber ... blubber ... gasp ... blubber
What is happening is you are running apps and OS on a non-stealth partition. Unless you are careful the OS and apps will track documents on the stealth partition, or even make temporary copies on the non-stealth partition.
What you need is a complete hidden partition including OS. Boot from that OS and you are OK.
Anyone who's saved "midget_porn.jpg" to thier truecrypt file/partition knows that this file also nicely shows up in window's recent documents. Not news.
Like this one which supports almost everything directly out of the box; easy to implement and safe as freak!
RSA and other OTPs require returning a number (more hassle), being expensive and large while this one is small and cheap and acts like a keyboard.
They are acting like a HUD, just like a usb-keyboard, in any country or characterset by using MODHEX.
The price is nice too! I've just ordered 5 to test and got 10 other waiting to arrive..
Disclaimer: I don't work for the company, I just work with their tool;
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Yeah he really got burned on that deal - some things are just too hot to fence..
This is the first top-posting I have ever seen on slashdot.
Well done!
"There is nothing nice about Steve Jobs and nothing evil about Bill Gates." - Chuck Peddle
i double encrypt EVERYTHING, even my /. posts, with ROT 13! /Bruce Schneier whistles white noise.
Utilizing the synergization of benchmark e-solutions to pre-workaround action items!
Is that the algorithm invented by the Greek hacker, Prometheus?
He was not hacker. He was a pirate and steal the whole thing.
Proof or you're lying.
And neither "It's M$ lol" nor "you don't know it isn't true!" are proof.
The address for Apple H.Q. is "1 Infinite Loop." So this conversation is kind of appropriate....
Also, you must disassemble, by hand, the compiler. Heck you'd better not even trust the HDD controller or driver to accurately report the bits representing the compiler binary that you're disassembling. You'll have to open the disk and read the bits by hand with a compass needle. Reflections on Trusting Trust?
SIGSEGV caught, terminating
wait... not that kind of sig.
If you're using the GNU compiler, you could theoretically tear that apart. HDD firmware is quite a bit tricker though, and HDD makers consider that information very senstive. But this is a good point. That code is probably really only well-known by a handful of engineers. If you can compromise them (or really, just ONE of them) you have a much more serious avenue of attack.