Slashdot Mirror

← Back to Stories (view on slashdot.org)

How I Compiled TrueCrypt For Windows and Matched the Official Binaries

Posted by timothy on from the all-the-lurid-details dept.

First time accepted submitter xavier2dc writes "TrueCrypt is a popular software enabling data protection by means of encryption for all categories of users. It is getting even more attention lately following the revelations of the NSA as the authors remain anonymous and no thorough security audit have yet been conducted to prove it is not backdoored in any way. This has led several concerns raised in different places, such as this blog post, this one, this security analysis [PDF], also related on that blog post from which IsTrueCryptAuditedYet? was born. One of the recurring questions is: What if the binaries provided on the website were different than the source code and they included hidden features? To address this issue, I built the software from the official sources in a careful way and was able to match the official binaries. According to my findings, all three recent major versions (v7.1a, v7.0a, v6.3a) exactly match the sources."

33 of 250 comments (clear)

  1. But can you trust xavier2dc? by Anonymous Coward · · Score: 5, Funny

    But can you trust xavier2dc? It's turtles all the way down.

    1. Re:But can you trust xavier2dc? by javajawa · · Score: 5, Interesting

      Then follow the same steps and compile it yourself. You should come to the same results.

      --

      Meh

    2. Re:But can you trust xavier2dc? by Impy+the+Impiuos+Imp · · Score: 5, Funny

      Yah, really.

      Wait! But what if I, myself, am an NSA stooge and don't realize it?

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    3. Re:But can you trust xavier2dc? by paiute · · Score: 5, Funny

      OK, but how do I compile xavier2dc? Is the source even available?

      Step 1: Find his mother

      --
      If Slashdot were chemistry it would look like this:Cadaverine
    4. Re:But can you trust xavier2dc? by tippe · · Score: 5, Funny

      Lets give him the Voight-Kampff test and find out...

    5. Re:But can you trust xavier2dc? by Shoten · · Score: 4, Insightful

      Then follow the same steps and compile it yourself. You should come to the same results.

      I think you're kind of missing his two points. One, he's joking. But two, he's also serious...yes, that is what someone can do. But will they? Probably not. I'm willing to bet that 80% minimum of those who read TFA will simply accept it as canon and move on with it a fact in their minds that the two do match. And beyond that, they will keep it as a fact in their minds even for future releases, which haven't been validated in this way. So that's really the challenge here.

      And even worse, think about all the TrueCrypt users who don't have the technical ability to compile binaries, much less do it in a very specific way? Ultimately, someone has to be trusted, and trust is a web rather than something that flows from a single fountain when it comes to society.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    6. Re:But can you trust xavier2dc? by amicusNYCL · · Score: 4, Funny

      One, he's joking. But two, he's also serious.

      You just blew my mind.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    7. Re:But can you trust xavier2dc? by TangoMargarine · · Score: 3, Funny

      Yes. They give you a couple complex calculus problems and if you get them right, you're a robot.

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    8. Re:But can you trust xavier2dc? by Grog6 · · Score: 5, Funny

      If there's DNA on your Backdoor, you've just been rooted!

      (sorry; but this IS /.) :)

      --
      Truth isn't Truth - Guliani
    9. Re:But can you trust xavier2dc? by Applekid · · Score: 4, Funny

      Ken Thompson once presented a hack where he modified the C compiler to insert a backdoor in the generated code for the UNIX login code (and only that one specific module!). So trusting the compiler to do what you say is NOT an "of course".

      And how can I trust the cpu to actually execute the code as compiled and not insert it's own microcode into the process? And how can I trust the memory chips that hold my data to not clandestinely copy it off someplace else?

      No no, the only solution is to catch the butterflies whose wings flapped and waterboard them to learn the truth.

      --
      More Twoson than Cupertino
    10. Re:But can you trust xavier2dc? by IndustrialComplex · · Score: 5, Funny

      You'll need to provide us with your source code.

      I'll provide you my source code, but just remember, you asked for it. So no complaining to the police when it is delivered.

      --
      Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj
  2. Little Let Down by Anrego · · Score: 5, Interesting

    I was kinda hoping he'd built some elaborate timing setup to somehow match the exact timestamps and compile speed as the official binaries were built with.

    This is still a great analysis though, and the detail provided is a fun read and useful insight into the general mindset and method of how this kind of analysis is done.

    1. Re:Little Let Down by IamTheRealMike · · Score: 5, Informative

      He did as much as was necessary to establish trust and no more.

      I just want to say to Xavier - thanks. Great work.

    2. Re:Little Let Down by wonkey_monkey · · Score: 3, Insightful

      He did as much as was necessary to establish trust and no more.

      Or so he has led you to believe...

      --
      systemd is Roko's Basilisk.
    3. Re:Little Let Down by Anonymous Coward · · Score: 4, Insightful

      Everything in that link only applies to secondary volumes, it doesn't appear to apply if you've encrypted your system volume.
      Also, everything being talked about has little to do with windows, and more to do with the pointers/shortcuts external applications make to the "hidden" encrypted filesystem.
      Linux would likely have the same number of "Hey! Look! An encrypted filesystem over there!" red flags.

  3. Re:And why should we trust you? by asmkm22 · · Score: 5, Insightful

    He provides pretty clear instructions on how to duplicate the process he used. He's not just saying "I did it and it's safe, trust me."

  4. Re:"According to my findings" by Zerth · · Score: 4, Insightful

    You don't have to trust this person, they've given you the exact steps to do it yourself.

  5. Ugh, not "a software" again. by jabberw0k · · Score: 3, Informative

    "TrueCrypt is a popular software enabling data protection...

    No, TrueCrypt is a popular piece of software. You don't have "a hardware" or "a clothing" or "an information" — and likewise you cannot have "a software."

    1. Re:Ugh, not "a software" again. by geekoid · · Score: 4, Informative

      The plural of datum is data.
      The singular of data is datum.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  6. submitter told you how to check it yourself by raymorris · · Score: 4, Insightful

    TFA painstakingly explained how you can check it yourself. I'm sure several people will, including enough people that I trust enough. Especially given that there is zero evidence of a backdoor. Nobody is claiming there is a backdoor, so it's a question if yyou trust the testers more than you trust - nobody.

    1. Re:submitter told you how to check it yourself by mlts · · Score: 5, Informative

      I would say that TC is above almost all security software in that the source is available at all. There are a lot of utilities out there that there is no source available for unless one is a large government.

      TC at least has a level playing field. China might have the source code, but at least you do too.

  7. Re:But can you trust Microsoft Visual C++ by shawn(at)fsu · · Score: 4, Insightful

    If you're that worried about a ken thompson attack (which this topic always devolves in to) then why even use a computer at all?

    --
    500 dollar reward for tip(s) leading to the arrest of the person(s) who stole my sig.
  8. that's not even wrong... by Thud457 · · Score: 3

    You're not quite 40 YEARS behind the times....


    I think this whole NSA brouhaha will make some people start taking auditability a little more seriously.
    Which means documenting the whole tool chain used and all options used. Of course, that only helps if you have access to the source. SUX to be you, Microsoft.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  9. Re:Now for extra credit by Thud457 · · Score: 4, Funny

    Define the universe.
    Give two examples. ;-)

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  10. Re:But can you trust Microsoft Visual C++ by Dishevel · · Score: 5, Funny

    I don't. I build all of code in hardware. That is rendered in MineCraft.

    --
    Why is it so hard to only have politicians for a few years, then have them go away?
  11. Re:Can you trust the compiler? by surmak · · Score: 4, Interesting

    The compiler (and support stack) is a MS compiler, and MS is already owned by "the man", so as Kernighan demonstrated you still can't trust it.

    The disassembler he used is not. So it is (at least theoretically) possible to see if there is a back door. The compiler has a very low-level view of what it is doing. In order to add a back door, it would need to recognize when it is compiling TC. This could be a much more difficult technical problem than what Kernighan did to login, and, if discovered, would be devastating to MS from a PR standpoint.

  12. Re:what about the source? by Desler · · Score: 3, Interesting

    Do you have the attention span of a gnat? What you ask about is covered In the second sentence of the summary.

  13. Did same, found same by Anonymous Coward · · Score: 5, Interesting

    I did the exact same thing as in TFA a few days earlier and ended up finding the exact same variations and causes for those variations.
    My conclusion was also identical, binaries are indeed coming from the provided sources and can be trusted if no further backdoor is found in the sources themselves.

    A cryptographic and coding oriented audit is still much required.

  14. Diverse double compiling by tepples · · Score: 5, Informative

    And how can I trust the cpu to actually execute the code as compiled and not insert it's own microcode into the process?

    By using free compilers and ensuring clean binaries using diverse double compiling. (Thud457 mentioned it, and we discussed it a week ago.) Essentially what you do is bootstrap the compiler (compile the compiler's source code with your existing compiler binary, then recompile it with itself) on several different brands of compiler. If the binaries resulting from all bootstraps match, then either none of them have a backdoor or they all have the same backdoor. The more compilation processes you use, the less likely it will be that they all have the same backdoor. To exclude CPU microcode bugs that target a particular compiler, you could try running some of the bootstraps in an emulator such as DOSBox or bootstrap them as cross-compilers on another CPU architecture.

    1. Re:Diverse double compiling by Stuarticus · · Score: 3, Funny

      I see the flaw their.

      --
      If you think someone isn't free to have a different definition of "freedom" you may be a tyrant.
  15. Backdoor in the source? by kbg · · Score: 3, Insightful

    But did this guy check why the Windows version writes mysterious random bytes in the header but not in the Linux version?

  16. Compiler can not be trusted by kbg · · Score: 5, Interesting

    There is one problem with his findings. In order to compile TrueCrypt you have to use Microsoft Visual C++ compiler, which is made by Microsoft from a closed source. If I was the NSA I would but the backdoor in the compiler and it would get injected into the binary whenever TrueCrypt was compiled.

    1. Re:Compiler can not be trusted by xavier2dc · · Score: 3, Informative

      Visual C++ 1.52c is the last version that could generate 16-bit code, which is needed to compile part of the boot loader for full disk/system encryption. The other solution would have been to write all the thing in assembly (or replaced the portion with the pre-compiled code instead), but that wouldn't have made more people happy to reverse-engineer more assembly, would it?