TrueCrypt Website Says To Switch To BitLocker

Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended, and Windows users should switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. ... You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users are skeptical of a site defacement, and there's been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases. A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do. It also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a 'big announcement' soon, but that was coincidental.) Security experts are warning to avoid the new version until the situation can be verified.

Fishy

[CelticWhisper]

A FOSS project shutters itself and, rather than linking to a fork or posting tarballs of a few versions' worth of source, recommends commercial alternatives? If this isn't a hacked site then I'm thinking Lavabit - someone pressured someone else and in order to spill without spilling, they made the most absurd possible kind of announcement that they were closing.

Re:Fishy

[Ardyvee]

Yes. You are right. This doesn't seem "right" at all. The very definition of fishy.

Re:Fishy

[nine-times]

Yeah, it doesn't quite make sense up. First, why has the page suddenly dropped all styling and logos? And then there's the quote at the top:

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

It seems to imply that the following thought process: The only purpose of TrueCrypt was in order to support Windows XP, which is no longer supported, so it's not useful for that purpose anymore. Since new operating systems provide their own encryption mechanisms, there is no value in the project, so we're shutting things down.

However, the fact that Windows XP has lost official support does not mean that no one is using Windows XP anymore. Further, one of the valuable aspects of TrueCrypt was that it was open source (meaning the encryption could be independently verified) and cross-platform (meaning a disk encrypted on Mac could be accessed on Windows and vice versa). There's still a lot of potential uses for such a project.

Aside from that, what would possibly be the harm in continuing to provide the source code? If the intention were to deny people binaries as a method of providing a stern warning to potential users, surely they could still provide the source and say, "... but if you know what you're doing well enough to make use of the source code, go ahead and use at your own risk."

Something's wrong here, unless the people maintaining the project are just kind of retarded.

Re:Fishy

[gbjbaanb]

it appears it might be compromised.

From https://news.ycombinator.com/i...

Odd, 6 hours ago someone updated the TruCrypt-key.asc files, then 3 hours later posted all the new binaries.
Also odd is whoever posted the new binaries completely yanked all the previous ones, leaving only the new and questionable binary available for download.

Re:Fishy

[gbjbaanb]

Except most Windows 7 editions doesn't support Bitlocker - only Enterprise and Ultimate.

Re: Fishy

[ironicsky]

And a TPM chip, something not built in to all computers.

Re:Fishy

[illiteratewithdrawal]

And it will be interesting to see what Bruce Schneier finally has to say about it: https://www.schneier.com/blog/...

Re: Fishy

[jones_supa]

BitLocker can be used with a TPM chip.

Re:Fishy

[K.+S.+Kyosuke]

The only purpose of TrueCrypt was in order to support Windows XP, which is no longer supported, so it's not useful for that purpose anymore.

I thought the purpose was to facilitate moving encrypted volumes between different operating systems? Why wouldn't that be useful on Windows 8? How do I mount a Bitlocker volume in Linux?

Re: Fishy

[jones_supa]

Correction: I mean without one.

Re:Fishy

[MozeeToby]

If you're gonna post compromised binaries of TrueCrypt, you generally wouldn't stick them on a page with "WARNING: Using TrueCrypt is not secure" in large, bright red text. You'd also expect some kind of statement from the good folks that have been running TrueCrypt for the past decade.

I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow. I would stay far, far away from that latest binary, if I had to guess it contains whatever loophole they were ordered to put in place, hence all the big and bright warnings.

Re:Fishy

[jones_supa]

There was 2 years to the previous version, so it seems that the TrueCrypt project wasn't very active anyway. Maybe they thought that the discontinuation of Windows XP was a good moment to finally officially shut down operations.

Re:Fishy

[mrchaotica]

If you're gonna post compromised binaries of TrueCrypt, you generally wouldn't stick them on a page with "WARNING: Using TrueCrypt is not secure" in large, bright red text.

That's what they want you to think!

(I'm not sure if I'm joking or not...)

Re:Fishy

[jones_supa]

Or they were smoked out by NSA, because TrueCrypt encryption was "too good", and Microsoft's BitLocker has an NSA backdoor.

Re:Fishy

[AmiMoJo]

Yep, I'm guessing National Security Letter. The only defence against being forced to hand over signing keys or release versions with flaws and backdoors is to release a final version yourself to discredit any future releases.

The web site looks hastily knocked up, which supports this theory. What I can't quite get my head around is the suggestion to use BitLocker though. I know MS resisted an NSL recently, but that doesn't meant we can trust BitLocker.

Alternatively, maybe the site is by the person behind the NSL, trying to drive people to BitLocker which is already compromised. Since TrueCrypt is being audited maybe they figure they can't insert back doors now.

Either way, this is and extremely worrying development in the crypto wars.

Re:Fishy

[Kythe]

Yep. The rationale provided is also at odds with past statements regarding planned development. I'd bet this is a compromised site.

Re:Fishy

[Nyder]

Except most Windows 7 editions doesn't support Bitlocker - only Enterprise and Ultimate.

I'm wondering who the fuck trusts MS enough to use Bitlocker. I don't.

Re:Fishy

[trmj]

Here's a theory, based on the timing:

TC was Sabu's pet project. Since he was caught and working for the Feds, he has provided the very access everybody is afraid of them now having.

Sabu was just released from the service of the Feds a few days ago. Enough time to rewrite the binaries, change the passwords, and disable the whole lot since it's all been compromised for years. Gets rid of a dangerous product, and pisses off the Feds without violating the terms of anything since TC is still available for download, just in a crippled form.

Re:Fishy

[PopeRatzo]

one of the valuable aspects of TrueCrypt was that it was open source (meaning the encryption could be independently verified)

And the value of that "open source" is that it's still forkable for anyone who wants to do the work.

My other guess is that the NSA is putting so much pressure on TrueCrypt that they'd rather just close their doors than face jail time if they don't bend to the NSA's wishes.

Seriously, if it's FOSS, doesn't that mean anyone can take the TrueCrypt code and do with it what they will?

Re:Fishy

If you're gonna post compromised binaries of TrueCrypt, you generally wouldn't stick them on a page with "WARNING: Using TrueCrypt is not secure" in large, bright red text.

That's what they want you to think!

(I'm not sure if I'm joking or not...)

Many have believed Truecrypt to be backdoored anyway. There was a police forensics pdf circulated a year or so ago which actually mentioned that a Truecrypt backdoor was available to law enforcement.

Re:Fishy

Since TrueCrypt is being audited maybe they figure they can't insert back doors now.

^^^^THIS would be my guess. TC has always smelled very suspicious with its 3 anonymous developers supposedly maintaining a large and complex program on multiple platforms - it's too much for 3 coders - and the highly suspect "Truecrypt Foundation" (registered with bogus details). It is probable that TC was established and developed by a 3-letter agency purely so they could plant backdoors.

Re:Fishy

[Kythe]

It is possible the Truecrypt project has been bleeding what developers it had for some time. It hasn't been updated in a while. Maybe this was the last one standing saying "enough, I want to do something else". Also hoping for a fork if this is legit, and with the audit and the change in license, it's the perfect time (which may also have occurred to whoever decided enough was enough). State actor or court order theories don't seem to make much sense, and given the effort involved to do all that was evidently done (beyond defacing a website), I'm now doubtful this was a compromise.

Re:Fishy

[AC-x]

Enough time to rewrite the binaries, change the passwords, and disable the whole lot since it's all been compromised for years. Gets rid of a dangerous product, and pisses off the Feds without violating the terms of anything since TC is still available for download, just in a crippled form.

Well, the TrueCrypt audit project did manage to exactly recreate the binaries from the source file and so far haven't seen anything fishy in the source code other than some slightly weak encryption options making brute forcing of weak to medium strength passwords realistic.

Re:Fishy

[Kardos]

How would he magically know what happened? He's almost, but not quite, omnipotent.

Re:Fishy

[AmiMoJo]

Sabu doesn't have the skill to write TrueCrypt. No offence to the guy, but it's just not the sort of thing he does. He was a glorified script kiddie, his main value being community standing and some admin tricks he learned to defeat DDOS attacks and dox the people behind them.

Re:Fishy

All sorts of people who like the idea of encryption enough to check a few boxes and type their password, but not enough to make their system hard to support or use, and who don't consider their data valuable enough to be worth much extra work -- i.e. people choosing between doing nothing to protect their data and doing something. Common applications include transparent encryption on all corporate desktops/laptops.

Whether you trust MS or not, BL provides reasonable protection against the most common threat -- theft/loss to someone primarily interested in the resale value of the hardware. Most people aren't worried about the NSA getting their data, and those that are aren't relying on boot-time-unlocked full-disk encryption from any provider, as the model itself is insecure against serious attackers.

Re:Fishy

[XMorbius]

I like this theory, but it would mean Sabu was working on TrueCrypt since he was he was 20. He's certainly talented enough for that to be the case, but I find it hard to believe.

Re:Fishy

[asmkm22]

It wouldn't be odd if the whole point was for someone to show they had access to the whole project. Sort of a passive-aggressive way of saying "not as secure as you think!"

Re: Fishy

[VTBlue]

As a former softie, all I can say is that i would trust bitlocker over pretty much any solution on the market and here are the reasons why:

1. Microsoft would not knowingly backdoor bitlocker. The NSA pressured the team leads, but management was adamantly opposed and declined to acquiesce.

2. Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling. Crippling not with the OSS crowd, but enterprise customers. The only loser would be Microsoft and they would not recover.

3. There simply not enough people involved in the Truecrypt project at the moment to make it a truly secure solution. This isn't the Linux Kernel. For FDE, I wouldn't trust an FOSS until more audits and testing has been done. The reason is not because of technicalities, but because of legal liability reasons. For an FDE solution I either would want a private company to back the product or I would want a strong and active community truly backing the continuing development of the FOSS.

That said, I'm really hoping the audits come back positive and that development continues.

Re:Fishy

[viperidaenz]

It's only forkable if you keep the new fork under the TrueCrypt License

You must not change the license terms of This Product in
        any way (adding any new terms is considered changing the
        license terms even if the original terms are retained),
        which means, e.g., that no part of This Product may be put
        under another license. You must keep intact all the legal
        notices contained in the source code files. You must include
        the following items with every copy of Your Product that You
        make and distribute: a clear and conspicuous notice stating
        that Your Product or portion(s) thereof is/are governed by
        this version of the TrueCrypt License, a verbatim copy of
        this version of the TrueCrypt License (as contained herein),
        a clear and conspicuous notice containing information about
        where the included copy of the License can be found, and an
        appropriate copyright notice.

Re:Fishy

He's not quite omnipotent, but he is omniscient, and that's what counts.

Re:Fishy

[mlts]

Confirmed, the Authenticode signatures are from yesterday as well. I'd be careful on the binaries available for download because they shouldn't have changed in two years, and why they are changed now worries me.

Re: Fishy

[TMYates]

Correct. But there is a downside. In order to use BitLocker without one, you will require using a USB drive for unlocking the system. A big security risk with using that method in a company environment would be how many simply leave the key in the computer. That would be like leaving the key to your house in the keyhole on the outside of your house. If you have to go that route, you can also add a password with the USB drive to unlock.

Source: Experience

Re:Fishy

[Mr.+Jerar]

I will go with compromised too. Since the statement on one page does sound like something I would expected to see: "You should download TrueCrypt only if you are migrating data encrypted by TrueCrypt." Since if I was migrating data encrypted by TrueCrypt, I would most likely already have TrueCrypt installed on my computer. So yes it does seem very fishy.

Re:Fishy

[cyrano.mac]

Makes sense. The recommendation for Bitlocker would mean that Bitlocker had a backdoor all the time if you explore the same reasoning a bit further...

Re: Fishy

[mlts]

I have been slowly moving from TrueCrypt to Bitlocker just because I've had issues with permissions and Windows 8/8.1.

It may not be as secure as TC, but it is a lot more recoverable, and to me, my main reason for using FDE is ensuring that a stolen HDD winds up "just" a hardware theft, and not something that can be used for extortion (yes... when I was in college, I was asked to help someone who had some private things stored on his laptop... and when the thieves stole it, they demanded $3000 or else they would post all the nudie pictures of his GF that the victim took to the Internet.)

The recoverability issue is nice. I can enable BitLocker on a drive or image. Then, add a recovery key, and a certificate. Then, the image can be copied/used on a cloud provider, and due to no easy to guess password being used, brute force is off the table. To boot, one can have the computer automatically unlock the drive, so it is basically a set and forget mechanism (with good and bad points.) The BDE keys for recovery wind up stashed in an old smartphone that shed its Wi-Fi, BT, and 3G antenna. Less attack surface for a remote intruder.

For file archives, tossing them into an expandable disk image and flipping on BitLocker may not be perfect, but it seems to do the job to keep people out.

As for Linux and OS X, I'd say Apple's encrypted Sparse Images are useful (as only small 8 MB "bands" change.) LUKS is also decent on Linux.

The nice thing about TC was the fact that it was one program that worked on three platforms, so you could stash your files in a TC container (assuming FAT32 for a filesystem) on your Mac, then access it on your Windows machine.

Re:Fishy

Um. Did anyone bother to go to the second page, for those who don't use windows?

http://truecrypt.sourceforge.net/OtherPlatforms.html ""If you have files encrypted by TrueCrypt on Linux: Use any integrated support for encryption. Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation."

I think this is a case of pwnership rather than national security letter. An NSL to truecrypt would only make sense if there were, in fact, a universal backdoor built in and the author was both identifiable and subject to US jurisdiction.

The 7.1a code audit ran its first pass and found nothing obviously wrong. It's possible the tool is 'doored, but given the nature of public key cryptography it seems unlikely that it could be in the same way that a server running SSL is compromised when its key is extracted.

Re:Fishy

[eean]

Um, anyone using Windows should trust Microsoft enough to use their disk encryption. Or they shouldn't be using Windows at all.

Re: Fishy

[VTBlue]

Your last point is exactly why I want truecrypt to survive. Also i love the TC hidden volumes implementation.

Re: Fishy

[Enigma2175]

As a former softie, all I can say is that i would trust bitlocker over pretty much any solution on the market and here are the reasons why:

1. Microsoft would not knowingly backdoor bitlocker. The NSA pressured the team leads, but management was adamantly opposed and declined to acquiesce.

That was then. Nowadays we have (unconstitutional) things like a National Security Letter where they can force you to put in a backdoor and prohibit you from telling anybody about it under penalty of imprisonment. If you are a little guy like Lavabit you can just go out of business rather than comply but if you are Microsoft you put the backdoor in, telling only the actual people that need to know and informing them they are going to federal PMITA prison if they tell anyone. Unless you were the guy who put the code in you wouldn't know anything about it.

2. Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling. Crippling not with the OSS crowd, but enterprise customers. The only loser would be Microsoft and they would not recover.

With only binaries to analyze it is certainly possible that a NSA backdoor could go undetected in bitlocker. Particularly if the backdoor was in the form of an intentional error in an algorithm or a purposefully weak cipher (hello RSA!).

3. There simply not enough people involved in the Truecrypt project at the moment to make it a truly secure solution. This isn't the Linux Kernel. For FDE, I wouldn't trust an FOSS until more audits and testing has been done. The reason is not because of technicalities, but because of legal liability reasons. For an FDE solution I either would want a private company to back the product or I would want a strong and active community truly backing the continuing development of the FOSS.

That said, I'm really hoping the audits come back positive and that development continues.

I hope that development continues as well. More developers would be nice but on a mature project usually there is only low-glory bugfixing going on so a) less developers want to participate because there is less glory and bugfixes are boring and b) there doesn't need to be a lot of developers as there is less workload. Obviously an independant audit would be ideal but that generally means money and somebody has to pay.

Re:Fishy

[MozeeToby]

It still wouldn't explain the lack of communication from the team. They're one of the most prominent and well known open source security tools and the entire website and signing keys get hacked, you don't think they would be talking to the community right now if?

Re:Fishy

[gweihir]

I don't think Sabu is capable of this kind of altruism, let alone this type of project.

Re:Fishy

[gweihir]

Indeed. That makes zero sense for a FOSS project, but is entirely consistent with a site compromise. I guess as the TC people are hard to reach it may just take a few days for them to notice, clean up and issue a statement.

Re:Fishy

If it were a NSL that forced TrueCrypt to close up shop, there will be blowback, and not the good kind. This is reminding me of the crypto wars of the early to mid 1990s, maybe even with some Operation Sun Devil thrown in.

What happened with the Clipper Chip fiasco was that crypto went from just something on the edges that geeks used... to something mainstream (the Streisand effect before it was called it.) Crypto development started moving offshore, where ITAR became pointless [1]. Luckily common sense came into play and ITAR was replaced by EAR, and US companies could use crypto with actual security.

How does this pertain to TrueCrypt? There are a lot of countries that don't like the US now, and having a TrueCrypt fork [2] that would be developed, maintained, and funded by a government for their propaganda department ("hey, look what we are doing to foil the evil US, we have actual security software.") Now, TrueCrypt which could have been monitored is now a lot harder to police and watch with the backers going from an anonymous organization to a well-heeled nation.

Encryption isn't new. One could grab code from a 1990s version of PGP, reference AES libraries and make something fairly easy. It would take time to test, but with all the anti-US press, people would pop out of the woodwork.

I do worry though. If NSLs were used to shut down TrueCrypt (or force a backdoor), then the blowback can be enormous, and a nation hostile to the US could use this enormously for their propaganda departments [3]

[1]: If people broke the law and used an encrypted mechanism, LEOs either had to tip their hand and break the encryption (which would mean people would stop using that mechanism), or just deal with it, as once the files were out of the US, they were legal. It was the bits leaving the US that was considered on the sale of exporting arms.

[2]: The fork in theory could just copy the TC code and slap whatever license the fork-ees felt like. It is doubtful that anyone would come and enforce the copyrights at this stage.

[3]: Russia's is doing so well, Putin has been damn proud of it. So far, their work has turned a solid country into a mass of people hating themselves and the government, which is a military objective success that could NEVER have been done by a previous Russian leader without a lot of nukes. Same with Snowden's handler... the Russian who got him to spill the beans accomplished an objective that could not have even been thinkable before the 2008 economic crash.

Re:Fishy

[Darinbob]

One of the things I noticed in the diff is that it is a mixture of ripping out code plus other stuff that looks like legitimate changes that had just not been checked in yet. So it does seem like a real dev and not a hack, and may be someone rage quitting or burning bridges. The question really is why was it done. The security letter argument is somewhat plausible but also has a lot of holes in that theory as well (if prohibited from telling people about it I would think there's also a prohibition about defacing the product in a roundabout way of warning people).

Re:Fishy

[TheGratefulNet]

I know MS resisted an NSL recently, but that doesn't meant we can trust BitLocker.

you know this?

no you don't. only 2 people know this (the one talking and the one being talked to). everyone else is a pawn (so says Mongo).

when it comes to america and NSLs, all bets are off. nothing can be known. (and this is the most anti-american thing I've heard of; these 'cant talk about it or we'll whup yer ass but good!' bullshit letters).

if america ever needed a reason to rebel against its own government, the NSL concept is the #1 reason I would give. the US used to be an example of what freedom was about. NOT ANY MORE!

Re:Fishy

[asmkm22]

They are also one of the most anonymous. I wouldn't be surprised if we never hear from them on it, because the cat's already out of the bag. There will now always be a cloud of doubt hanging over the project, regardless of WHY this happened. No amount of PR is going to fix that, and I'm sure they know it.

Re:Fishy

[viperidaenz]

Well if you fork it and change the license, it's a copyright violation. Expect the project to by shut down via DMCA or to be sued.

Re:Fishy

[cbhacking]

You know, the last part of your question is actually a pretty good one. With the exception of the "Elephant" diffuser, every part of BitLocker is pretty standard and well documented and/or easy to figure out with a little analysis (doesn't even need disassembly, I suspect). There's no good reason (patents may be *a* reason, but not a good one) why it couldn't be implemented in a FOSS system. In fact, I know Elephant was externally reviewed, so even if it's not patented there's probably people who know how it works too (pretty sure it's optional in any case, though I believe it's enabled by default).

Getting Linux to boot off of a BLed volume would be hard, but just being able to access and mount removable or shared data volumes shouldn't be too hard. You'd need to not be using the TPM key, most likely, but I know that's optional in BL.

Re:Fishy

[epyT-R]

which probably has the non backdoored version.

Re:Fishy

If absolute privacy is your concern you shouldn't trust *any* US technology. The NSA excesses clearly indicate a pattern of trying to put backdoors into everything and peek at every ones private data. That said, weening oneself off US tech is pretty hard at the moment. So from a north american consumers standpoint nothing much has changed.

However from the standpoint of the rest of the world... foreign government would be stupid to trust US tech at this juncture. Cisco, Microsoft, Facebook, Google, Apple, IBM, etc... are all now pushing back against the government because they are already losing huge sales (especially in China where they are gettting killed in the last year). They only have themselves to blame though. This s something they should have pushed back against years ago. No one trusts them now so the foreign trend off US tech will only accelerate.

The NSA's actions to allegedly defend America... has actually lead to it dramatically harming America (both diplomatically and economically) That said, the NSA gets its funds from the government so ultimately Bush AND Obama are to blame for letting mass surveillance get out of control after 9/11. The American government is also not alone in bad behaviour. The British GCHQ are also untrustworthy. Even the Canadian, Australian and New Zealand government's behavior has been appalling. (the five eyes)

On the bright side, now that all this anything goes spying is out in the open, the move to real security has begun. This is also good news for FOSS projects as more and more people migrate off closed source

Re: Fishy

[epyT-R]

1. how do you know this for sure? The answer is that you don't, so assume they have been. If the state comes knocking making an offer you can't refuse, part of that deal is you can't admit to it without facing criminal charges.

2. yeah, you mean what happened to the telcos after edward snowden? riight.

3. Maybe so, maybe not, but at least it cannot be unknowingly usurped. At least not by those who are tracking its code changes. Is it guaranteed? hell no, but it's better than just taking some company rep's word for it.

Re:Fishy

[epyT-R]

Depends on what they want protection from..

Re:Fishy

[epyT-R]

Point is, with NSLs you can't trust anything they say.

Re:Fishy

You seem to harbor the mistaken belief that an application you trust can execute within an OS you don't trust and still maintain your trust. This is most certainly not true for something as finicky as encrypted storage. If you don't trust Windows, you cannot assume that it is honoring its contracts to store the data truecrypt asks it to.

It could have specific countermeasures for the well-know truecrypt modules, much like MS used to enable specific compatibility (or incompatibility) behaviors when it detected certain applications running in the old days. It could go through all the motions of passing truecrypt's ciphertext and plaintext around and then finally write plaintext to disk instead of the intended ciphertext, or it could write out different ciphertext with a trivial or easily broken cipher suite, or encode the key somewhere in free space on the disk so that an attacker can find it later when the disk is moved elsewhere!

Re: Fishy

[VTBlue]

I'm calling bullshit on your points. My point on #1 wasn't a hypothetical, this was the bitlocker lead product manager making the statement behind closed doors and then repeating it again in numerous public forums. I was there, and I trust his word, and not blindly. As for point three, you realize that the TC team is largely anonymous right? So what you're saying is that you trust the "code reviews" conducted by a faceless team and are willing to stake reputation and legal liability on it simply because it's open source? Whether you agree or not about bitlocker's security, the point is that with a named organization backing the product, the customer or class of customers have legal recourse to extract damages for material defects in the software. There is not legal recourse with TC, plus they have no money.

You want to use TC as an individual, fine no argument, but if you're looking for best in class FDE for business, I don't think TC is there yet.

Re:Fishy

[callmetheraven]

Sued by?

Re: Fishy

[epyT-R]

He wasn't worth revealing the fact there's a backdoor in truecrypt.

Re: Fishy

[lister+king+of+smeg]

As a former softie, all I can say is that i would trust bitlocker over pretty much any solution on the market and here are the reasons why:

1. Microsoft would not knowingly backdoor bitlocker. The NSA pressured the team leads, but management was adamantly opposed and declined to acquiesce.

2. Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling. Crippling not with the OSS crowd, but enterprise customers. The only loser would be Microsoft and they would not recover.

I would have thought that point valid until RSA backdoored their encryption for chump change from the NSA. Or if I had not remembered MS having _NSAKEY in their software.

Re:Fishy

[Bite+The+Pillow]

Why hastily knock up a site?

Did it not have a site at all before that could be minimally altered instead of made from scratch? Did a malicious actor not reuse existing HTML, CSS, and images to seem reputable?

Nsl would more likely look continuous, to give authority to the message. Making the site look like a DNS attack would scare people away from both the new binary and the message, making it a poorly thought out plan.

No guess so far makes any sense, except for a rogue takeover. Internal or external, someone just took over the project to shut it down, and little planning as to how to best accomplish it. As no one wants to do anything with the binary, that would count as success. And were it planned so, masterfully done.

Re:Fishy

[gargleblast]

But is he omnipresent? Or just highly maneuverable?

Re:Fishy

[SuricouRaven]

Because the short pause it signifies, used verbally, implies "I'm just stating the bloody obvious, but..."

Re:Fishy

[timkofu]

Yea, bitlocker can't be trusted. I'm gripping on to Linux and Luk's crypt (on phone and computer and server) with a titanium grip.

Re:Fishy

[tero]

Seriously, if it's FOSS, doesn't that mean anyone can take the TrueCrypt code and do with it what they will?

Yes, but TrueCrypt has never been FOSS and by the looks of it never will be. It has always had it's own license that contained distribution and copyright-liability restrictions.

It's never been accepted as "open-source" by OSI.

Re: Fishy

[Bert64]

Automatically unlock the drive to boot is a false sense of security, if the computer can boot autonomously then it has the key and therefore so does anyone who steals the whole machine (as opposed to stealing just the drive)... You're no longer relying on the strength of the encryption, but rather the strength of the obfuscation used to hide the key.

Re: Fishy

[Bert64]

And storing the key in a TPM chip isn't equivalent to leaving the key in the computer?
The key is there, it's just obfuscated, only takes one person to work out how to extract it...

Re:Fishy

[grep+-v+'.*'+*]

I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow.

I think that's exactly wrong -- I think he DID follow the court order and actually gave up the keys.

And therein lies :-) the trick: in order to keep them from actually using their new keys to create TC-NextGen -- with New! and Improved! Holes for Your Convenience! -- he trashed the brand. Now, *NO ONE* will trust new versions of TC.

"I gave you the keys just like the order said. But you never said that I couldn't make any new version worthless."

This is an analog to a groups' public secretary who in every meeting says they haven't received an NSL, and then in one fine meeting doesn't say that.

Lets see who now up-and-disappears on some weird charge.

Re: Fishy

[AmiMoJo]

You are assuming an attacker sophisticated enough to recover the key from the stolen machine. In practice they won't be able to log in and access any data if your password is good enough, and offline access is impossible because the drive is encrypted unless you boot off it.

It won't keep the NSA out, but it's still a nice way to secure a laptop in case someone steals it.

Re:Fishy

[AmiMoJo]

Just move the project outside the US, then the DMCA isn't a problem. Chances are that the developers would not go after you for copyright infringement anyway because it would mean revealing their identities. If they want to remain anonymous they can't take legal action.

Re:Fishy

[linuxrocks123]

Never heard of this, and doubt it. Could you post a link?

Re: Fishy

[jones_supa]

Correct. But there is a downside. In order to use BitLocker without one, you will require using a USB drive for unlocking the system. A big security risk with using that method in a company environment would be how many simply leave the key in the computer. That would be like leaving the key to your house in the keyhole on the outside of your house. If you have to go that route, you can also add a password with the USB drive to unlock.

Source: Experience

That is true for Windows 7, but Windows 8 does not need an USB key. I have tested this personally.

Re: Fishy

[thegarbz]

Not quite.

In order to use auto-unlock you also need an encrypted system drive. Furthermore the auto-unlock drives have their keys stored in the registry which are encrypted with the same key as the volume decryption key, and based on the user ID/password as well. So effectively your key is only stored somewhere in a readable form if you have already decrypted the drive on which the key is stored (windows registry) AND you have logged into the machine.

This doesn't prevent you from a casual walk by on a computer left on and logged in, but it most definitely does protect you quite well in the case of a computer which was powered down and to a lesser extent in hibernation.

Re:Fishy

[Threni]

How would a NSL oblige you to make changes to software? I keep hearing this, but that's not what it's for, plus it can be challenged in court; I'd imagine the ACLU, EFF etc are onto this already.

Re: Fishy

[Threni]

If there's a backdoor I guess we'll discover this when it turns up in a court case.

Re:Fishy

[Lennie]

TC is NOT a FOSS project, never was.

Re:Fishy

[Kjella]

But I fail to see how that's a killer issue, if the audit project does turn up something they'll probably write a patch specifically for that issue under the TC license and that would become a semi-official and secure fork of 7.1a. It won't mix with anything else though - you can't even add BSD code to this project and you can't include it in anything else - but just to keep it patched and safe until a suitable alternative is found it should be sufficient. For that matter, it sounds like this project could live on this way a long time. If there was something intentionally wrong with 7.1a back in 2012 then it seems very unlikely that they'd suddenly go nuclear like this in 2014, so my guess is that at worst the software has unfixed bugs. Those bugs can be found and fixed, no matter if the original developers have gone loony.

The most plausible explanation to me so far is that the TC developer with the keys have gone to work for a commercial competitor to TrueCrypt and decided to throw a grenade in order to drive as many people away from TC as possible and pick up the pieces. And I don't mean for Microsoft and BitLocker, that's just a hilarious smokescreen as barely anyone would seriously consider that. Even if they got a NSL I doubt the government would let them pull a stunt like this, they'd probably be looking at jail time but I guess that's possible too but at any rate it still wouldn't mean 7.1a was compromised years ago only that they're trying to push in a backdoor now. So until there's good reason otherwise I'll stick with the tested and true, so far nobody has shown any reason to abandon 7.1a.

Re:Fishy

[badzilla]

I detest "um" or "erm" because the intended inference is "I am soo smarter than you and having to bite my tongue to avoid delivering a scathing denunciation of your failure to understand what to me is instantly obvious". Take that, ummers.

Re:Fishy

[WaywardGeek]

I agree that users who are highly concerned about their privacy should avoid Windows, as well as Mac OS X, and likely use some version of GNU/Linux, and air gap their system. However, even Snowden felt he needed to use Windows, and TrueCrypt was likely good enough for his purposes. I haven't read about how he used TrueCrypt, but I imagine that the hidden volume might have been handy.

Places this laptop I'm using may have back doors: Windows, Lenovo software, Lenovo motherboard, Intel CPU, Intel FDE SSD, BIOS, Intel WiFi driver and hardware, Cygwin, TrueCrypt, and any of about 100 binary-only programs I've installed from the Internet. It may have been infected by my Android phone when I connected it, or by the stupid binary-only VPN client our company pays for since it felt the free open-source OpenVPN solution was insecure. GNU/Linux would help, but mostly because I would only install a dozen or so binary-only programs (Skype, NVDA driver, DVD player, Steam...). I have some concerns that my Arch mirrors have been overridden, as some package updates seem to be fishy (security configuration in Apache had syntax errors, yet the package was properly signed...). This stupid method of distributing binary packages from a central repository also smells like something governments would like.

My laptop is a radioactive pile of shit for security, whether or not I use Linux. TrueCrypt also has shit-for-brains password hashing, and wouldn't do anything about it, so I already suspected that the TrueCrypt devs were being pressured somehow.

Re:Fishy

[deniable]

We have to watch our for burglars with MSDN subscriptions?

Re: Fishy

[cHiphead]

Thats nonsense, of course the NSA backdoored bitlocker.

Stop fostering fear of an open source tool that actually worked, now you're doing to work of the NSA for them.

Re: Fishy

[VTBlue]

So you trust the anonymous Devs of TC even though the software does not really use a proper open source license? Btw have you seen the website lately? It still has the supposed "defacement." With anonymous Devs, how do you know that TC was developed by the NSA? Personally I do not believe this, but it is a legitimate question.

Re: Fishy

[jafiwam]

If there's a backdoor I guess we'll discover this when it turns up in a court case.

It won't turn up in a court case.

They'll do "parallel construction" and rely on anonymous tipsters (that don't actually exist) to create a case based on what they can infer or dig up after digging through all the information. That stuff will be in the case, the fact that TC is compromised won't be mentioned or implied.

This seems to be like an ordinary web site defacement at this point. No information indicating it's not just that has been discovered. Yes, speculation abounds but so far it's just someone stirring up trouble with a web site.

Re:Fishy

[shabble]

How do I mount a Bitlocker volume in Linux?

Dislocker?

Re:Fishy

[Dan1701]

I suspect that first of all (and I am probably wrong on this point, but bear with me) the Truecrypt project was the product of very few people, perhaps as few as two or three. Lexical analysis of the coding styles might assist here. I also suspect that as the encryption in operating systems improved, the perceived need for Truecrypt decreased, and some of the project members dropped out, became inactive or lost interest.

At some point, the project dropped to just one obsessive coder who has now undergone some sort of mental breakdown, hence the rather frantic message and the hurried changes to the code.

At this juncture, several things may happen. The other project members may re-join (assuming they've not been locked out) and clear up the mess this one individual has caused. If they've been locked out, then they'll fork the project and put out a non-messed with version. Or, finally, they may simply all walk away and we'll hear nothing more.

Someone must know some or all of the project members and care about them, so in the fullness of time we'll hear something.

Re: Fishy

[deimtee]

That's ordinary NSLs. What about the the double-secret NSLs?

Re:Fishy

[johanw]

So what? The author of TrueCrypt is not known and does want to remain anonymous. So suppose I create a fork and distribute it under GPLv3, who is going to complain? A lawyer has to represent someone who can prove he has the rights to the code, he won't be able to do that while representing someone who wants to remain anonymous.

Re: Fishy

[0x537461746943]

1. Unless that was part of the plan to misdirect.
2. Only if it gets found out.
3. I certianly wouldn't trust it after the information in the article.

Certainly this software has caused all kinds of difficulties with some government organizations being able to get to encrypted data they have confiscated/accessed. Those government organizations certainly want people to use something that has a backdoor in it. It has already been shown that the government has compromised other encryption schemes... what makes you think they have stopped doing that?

It is possible some organization (government controlled) pushed them to close down. XP support ending just gave them at least some reason why to do so. By posting what they did on the website even if Trucrypt is resurrected it will always have this stain in it's history where the developers have stated it is not secure. No company is going to want to use this software after a warning like that from the developers.

Re:Fishy

[bytethese]

I used libbde to mount BitLockered volumes on my SIFT workstation:
http://code.google.com/p/libbd...

I've only used with Win7 however, and I haven't tested Win8.

Re:Fishy

[Riceballsan]

indeed, I believe that's the general point. The group that puts government gag orders, has knowingly gotten almost every developer within the US's jurisdiction to put back doors of different kinds, and has been able to threaten/bribe all of them into silence or lying to the public about it, came to our door, and asked us to put a backdoor in, and we said no and everything went smoothly, is not the most convincing statement.

Re: Fishy

[mlts]

This. The one thing that TrueCrypt brought to the table wasn't just decent security. It was the plausible deniability aspect of having a hidden volume.

With most programs, they leave breadcrumbs of where data is stored, so if there is an unmounted volume, some rubber hose work can get the data. However, if the volume has someone's pr0n collection (icky, but legal), there isn't much the bad guys can go forward with. They can try to beat the guy with the volume, but in reality, there is no proof anything other than the stuff on the outer volume exists. The breadcrumbs (history in Word, etc.) point to the volume, and it is accessible completely to the attacker.

There is nothing like that out there that is not a commercial program and closed source, except for the implementation of PhonebookFS, where it worked like CFS/EncFS, except one had different views with different passphrases entered, as well as "chaff" so no matter what, there were files that wouldn't decrypt no matter what.

Re: Fishy

[godefroi]

I'm a senior TrueCrypt developer, and I have access to the Master Keys that can unlock any TrueCrypt encrypted data.

Now do you feel better?

Re:Fishy

[pnutjam]

What about realcrypt, wasn't that created to fork the license?

Re: Fishy

[bluefoxlucid]

TrueCrypt has been considered safe by a large body of people, and thus is reasonable to use for general self-driven risk management. For external RM, you ask your client: the government, the organization whose data you're protecting, etc., will have their own opinion to share if you suggest TrueCrypt as your encryption solution.

Re: Fishy

[MSZ]

. I would not, ever, trust an FDE from Microsoft. Why? They partner with the NSA. Which means the product is either badly implemented or just straight backdoored. In both cases it is not secure, therefore not worth using.

If you try to install latest update to Win8.1 it forces you to create an online account and will copy BitLocker keys to Microsoft's cloud for "safekeeping" and "recovery". Such a great free service, who would not like it?

Re: Fishy

[bluefoxlucid]

I would just use electrician's pliers to yank someone's front teeth out, then tell them they're lying, then continue the torture for a few days. If they don't break, they don't have anything; if they do have something, they'll break.

When faced with plausible deniability, replace the rubber hose with bamboo and scourge.

Re:Fishy

[bluefoxlucid]

Getting Linux to boot from anything it can mount is easy. You put the kernel and initrd onto an unencrypted /boot partition, which is loaded by grub. The kernel comes up, asks the user for the key (USB, password, whatever), mounts the volume, pivot_root /initrd /dev/mapper/root, and continues.

Re: Fishy

[TangoMargarine]

You can use the key residing on the encrypted partition to decrypt said partition? I'm very confused. Unless the key is at a fixed offset or something...

If everything is encrypted until you log in, how can you boot? Does the late-stage bootloader decrypt system files? In which case I would think that encrypting the system drive itself (as a whole) is rather pointless as the key must be somewhere readily accessible...or, y'know, just boot the thing then dump it at the login screen since it's supposed to be automatic. Or do you have a BIOS password? IIRC then you just pull the cel battery.

There's a strong chance that this is all implemented in an actually secure way and I just don't understand it, but that seems dubious from where I'm standing.

Re:Fishy

[MSZ]

Several data recovery/forensic analysis companies listed TrueCrypt password/key recovery in their products' features but when reading any further than the bullet list on the front it was always dictionary/bruteforce attack with a module that directly tried to find TC volume headers.

Re:Fishy

[TangoMargarine]

FUD

Re:Fishy

[TangoMargarine]

It's a hell of a lot closer to FLOSS than BitLocker.

Re:Fishy

[TangoMargarine]

To make it more obviously an NSL-motivated announcement. Cf. that one guy who said there will always be somebody on the Internet that takes your facetiousness seriously.

Re: Fishy

[VTBlue]

OpenSSL much?

Re: Fishy

[TangoMargarine]

From a hardware component specifically designed to make extracting the key from the chip impossible, yes.

Re: Fishy

[VTBlue]

yeah I don't agree with storing recovery keys on the cloud, but it should be stated that this is more to protect against theft by private parties than to counter government intrusion. If you have any fear of government intrusion pertaining to the encrypted data, you should not allow keys to be stored online ever.

Re: Fishy

[VTBlue]

I did a double take while reading this....then i realized it was sarcasm. nice :)

Re: Fishy

[Aaden42]

Won’t comment on unsubstantiated “senior developer” claims, but as for the encrypting malware issue, recovery of older versions of Cryptodefense was possible because the malware itself had a bug which leaked the necessary decryption keys somewhere on the target system. After the bug was made public, future versions of the malware fixed it and are no longer recoverable using that technique. It wasn’t a Bitlocker backdoor or similar. Not that I have evidence to contradict the existence of such backdoors, but the particular malware case didn’t rely on one.

http://www.symantec.com/connec...

Re:Fishy

[johanw]

TrueCrypt doesn't use public key cryptography. The most likely possible flaws that are non-obvious would be a faulty random number generator but that has been audited and nothing suspicious was found like in the NSA toolkit. Further, the changed source of 7.2 contains of not only omissions and additions with warnings, but also other work in progress that had not been hecked in yet. So it likely does come from the original developer. My 1st guess is problems with a government, my 2nd guess is personal problems of the developer.

Re:Fishy

[Richy_T]

Typing "Removes glasses, sucks temple and points pipe" just takes too long.

Re: Fishy

[godefroi]

Some random AC claiming to be informed by someone claiming to have access to master keys, it's not exactly a reliable source, is it? ;)

Re: Fishy

[chiefcrash]

> ... the amount of reputation harm that Microsoft would endure would literally be crippling.

I'm not so sure. After all, Microsoft seems to have survived despite virtually each of its cryptographic solutions having serious vulnerabilities, often breakable in a trivial manner. Kerberos, encryption of Microsoft Office documents, PPTP VPN, NTLM authentication protocol, SysKey, EFS encryption in Windows 2000, RNG implementations in Windows 2000/XP/Vista, and so on...

Re: Fishy

[bluefoxlucid]

You have no liability for using OpenSSL. That it was affected by a bug does not put you at legal risk, as it is a reasonable product decision.

If you had used JerrysSSLMadeInMyBasementAsACollegeProject, and it was found vulnerable, and you leaked personal information, a court would likely find you negligent. Of consideration would be an analysis of the product on the face: if it looks like a Geocities site done in FrontPage and says "I made this SSL implementation as a college project", you are negligent. If it boasts tons of security research and explanations on why this is much more secure and reliable and resistant to attack and programming bugs than other SSL libraries, you could be found not-negligent.

Liability doesn't mean shit went wrong and you're responsible; it means shit went wrong and you did something any sane person would know not to do. Enterprise would not be liable for personal injury caused by Toyota Priuses in their fleet if the court case found that Enterprise maintained the cars properly and discovered that Priuses had an inherent issue: Toyota is a respected brand and, until the Prius issue was discovered, the Prius was considered a safe car. Once the issue was discovered, Enterprise would have to send them for recall, after which they could issue Priuses again without exposing themselves to liability from Prius manufacturer defects.

TrueCrypt is well-known and respected as a secure product. As long as nobody tells you not to use it, it's reasonable to use it to secure data. If a serious TrueCrypt security flaw comes out and you deploy new TrueCrypt installations knowing the flaw won't be fixed, you're negligent and liable--as TrueCrypt is now out of maintenance forever, migrating onto TrueCrypt would now be considered negligent and carry liability.

Re: Fishy

[TMYates]

I may need to look into this for home use again. The USB key was the reason I stopped using it at home since it was nearly impossible to find a consumer level device without a TPM and I got tired of the USB requirement for 7. Of course it has been a few years since I bought a laptop.

I have used both TrueCrypt and BitLocker and like them both, but to be completely honest, BitLocker is the better option for a business with several computers because of the recoverability. I hated having to know our employee's TrueCrypt passwords so I could work on their systems.

Also, I may be one of the few who actually likes Windows 8-8.1.1 (*gasp*) so this would not be an issue for me.

Re: Fishy

[VTBlue]

all the items you mentioned are nowhere close to the strategic importance of Bitlocker. Bitlocker was designed to very specific encryption scenarios that address major legal liability areas in health, finance, insurance market, and PII data. If Bitlocker could be hacked after following best practices, a large cap company would unquestionably sue if the data was compromised in an attack. Like I implied before, the issue not about individual use, but business use.

Re:Fishy

[Joey+Vegetables]

he most plausible explanation to me so far is that the TC developer with the keys have gone to work for a commercial competitor to TrueCrypt and decided to throw a grenade in order to drive as many people away from TC as possible and pick up the pieces.

Not plausible in my respectful opinion. First, presuming that a commercial project would be closed-source, who would trust a closed-source encryption product? Even Corporate America is not that stooooopid. Second, supposing they otherwise might have trusted said product . . . would they still do so knowing it was developed by the very people who torpedoed TrueCrypt? That would be difficult information to keep secret for very long.

Occam's Razor suggests that this is exactly what it appears to be. . . another salvo in "No Such Agency's" ongoing war against every human being in the world. It will be treated as such by me and by many others, lessons will be learned, and we will move forward. Hopefully in a way that makes their (NSA's) lives more difficult in the future, rather than easier.

Re:Fishy

[Joey+Vegetables]

Correct. But GP is also correct. It had to be "source available and will build binaries identical to those we distribute" in order for it to be trusted. But "source available" does not automatically translate to OSS, which does not automatically translate to Free/Libre. Each of these is, to a first approximation, a subset of the previous.

Re: Fishy

[DickBreath]

Microsoft would also never have debug symbols called NSAKEY either. Nope, never.

The Microsoft
Is Your Friend
Trust The Microsoft

Re:Fishy

[TangoMargarine]

If the only thing keeping the license from being FLOSS is that it can't readily be absorbed into GPL, that seems like a rather silly distinction. As long as any forks keep the TC licence, it's entirely modifiable and redistributable, yes?

But it hasn't been blessed by RMS so it's not The One True Open Source(tm).

http://en.wikipedia.org/wiki/T...

I can't help but notice that those 4 bullet points don't say anything about being able to relicense the balls off of it whenever you feel like it.

Re: Fishy

[awyeah]

You can get around creating a Microsoft account on Windows 8.1 during the install.

Interestingly, you have to click on the "Create Microsoft Account" button, and then at the very bottom of the form, there's a link to skip it.

Re: Fishy

[lagomorpha2]

When faced with plausible deniability, replace the rubber hose with bamboo and scourge.

Don't be silly, the US government would never torture someone for their password. They would waterboard them during an enhanced interrogation. They would never use torture.

Re:Fishy

[Zo0ok]

But why not just write that: "We are no developers left on the project. If anyone seriously wants to take over we may hand over the source code under another license." Instead of making lots of effort creating a crippled version and lots of confusion?

Re: Fishy

[lagomorpha2]

If you had used JerrysSSLMadeInMyBasementAsACollegeProject, and it was found vulnerable, and you leaked personal information, a court would likely find you negligent. Of consideration would be an analysis of the product on the face: if it looks like a Geocities site done in FrontPage and says "I made this SSL implementation as a college project", you are negligent. If it boasts tons of security research and explanations on why this is much more secure and reliable and resistant to attack and programming bugs than other SSL libraries, you could be found not-negligent.

>

I wonder what the liability issues are for using an antivirus package made by a company founded by a man best known for sneaking into the US using a series of elaborate disguises to avoid prosecution for the murder of his neighbor and then making a video about how to remove said software in which he reveals some of his more colorful vices.

Re:Fishy

[lagomorpha2]

How would a NSL oblige you to make changes to software?

Step 1: NSA goes to judge who is both friendly to them and completely ignorant of technology
Step 2: Request warrant for all truecrypt containers everywhere
Step 3: Tell Truecrypt developers that if they don't insert a backdoor then they're interfering with the warrant, they can't challenge it without revealing who they are

Re:Fishy

[Joey+Vegetables]

A few facts to help clarify your thinking. First, RMS advocates Free Software, not Open Source. They're not the same thing, although the first can be viewed as a subset of the second. Second, neither RMS, nor any other public figure I'm aware of, has ever suggested that not GPL means not open-source, or even not free. RMS does explain eloquently and persuasive why Free (which implies Open) is better than merely Open, and why copyleft licenses are a more useful tool, in most cases, to preserve freedom. But he quite readily acknowledges that licenses such as BSD (new-style) or Apache are Free, which, generally, implies they are Open as well. Third, ownership of the source implies the right to re-license at will, but this right accrues only to the owner, not to those to whom it is redistributed, unless it is distributed in the public domain.

Re: Fishy

[owlstead]

RSA is a purposefully weak cipher? Citation needed!

Re:Fishy

[dave562]

Define trust...

I trust it to render any disks physically removed from the server worthless.

I trust it to render any disks that are not unlocked with a verified key unreadable.

I do not trust it to be free from back doors that facilitate access by law enforcement.

Re:Fishy

[viperidaenz]

Hopefully in a way that makes their (NSA's) lives more difficult in the future

I assume you're not a tax payer then. Making their job harder won't slow anything down, it will just cost more money.

The simplest answer has nothing to do with the NSA, that's the paranoid answer.
My money is on the developer couldn't be arsed with the project any more and thought it would be funny.

Re:Fishy

[viperidaenz]

Maybe this was the developers business plan all along. Make popular "open source" project with dodgy license, shutter it then sue when someone makes money from a fork.

Re:Fishy

[viperidaenz]

It would mean revealing the identity of their lawyers and that they represent the TrueCrypt Foundation.

Re:Fishy

[TangoMargarine]

I suppose now we're wandering into fiddly terminology territory here...my point is that saying "TC is NOT a FOSS project, never was." without any further qualifications seems, if not outright wrong, pretty misleading (we do like to argue technical correctness around here). We're saying it's Free Software but not necessarily Open Software at this point, yes? If FS is a stricter subset of OS, it would seem to be that we've proved that TC *is* in fact FOSS, then.

Looking at the Wikipedia article reference for the most-relevant-looking statement from my previous post, all I found was the president of OSI saying "TC license is bad! Bad bad!!" without actually giving any details. I really expected more from that article. And since Google cache doesn't seem to have a link to the old TC license page, I'm having a bit of a hard time referring to the license itself. More research digs up verbiage that ambiguously states that TrueCrypt (the binaries? the source? both?) must also be distributed "freely" (as in free of charge I believe).

It has been explicitly stated* before that open-source software does not necessarily have to be free as in beer. So if costed distribution is fine, without-cost distribution must be, too. The TCL *limiting* distribution to without-cost is the issue? As mentioned before, the Free Software core tenets don't seem to have a problem with this on the face of them. I imagine RMS wouldn't be too broken up about it if forced-without-cost distribution were the norm, either.

I would still call TC FLOSS, but if OSI/FSF don't give their stamp of approval it apparently can't ever be FLOSS.

* by /. people

Re:Fishy

[viperidaenz]

The rights to the code belong to "TrueCrypt Foundation" don't they?

Re: Fishy

[TangoMargarine]

Sometimes there are very simples reasons behind the things we don't want to hear.

Such as? "The developer was just making a joke"?

Re:Fishy

[TangoMargarine]

First, presuming that a commercial project would be closed-source, who would trust a closed-source encryption product? Even Corporate America is not that stooooopid.

Anyone currently using BitLocker?

Re:Fishy

[viperidaenz]

That was created to rebrand TrueCrypt and to put it in Non-Free repositories.
It's still under the same license

Re: Fishy

[rev0lt]

Oblig. XKCD http://xkcd.com/538/

Re: Fishy

[rev0lt]

With only binaries to analyze it is certainly possible that a NSA backdoor could go undetected in bitlocker.

The sad truth is that even the source code isn't enough to guarantee that no backdoor exists, if its done in a competent fashion.

Re: Fishy

[Bert64]

If you can boot the machine then there are a number of attacks...
Chances are you could connect the machine to a dhcp network via ethernet and it will get an ip, so you can exploit the machine over the network... If it's not vulnerable to anything you just wait for new vulnerabilities to come out as the machine is never going to patch itself while it's turned off.
Not terribly sophisticated, needs an ethernet switch and a copy of metasploit.

A more sophisticated attacker could extract the contents of memory using custom hardware once the machine has booted.

Re:Fishy

[rev0lt]

This stupid method of distributing binary packages from a central repository also smells like something governments would like.

And if you really think about it, signed repositories only protect you against tampering with the actual packages, not the source. I'd guess it would be quite feasible to gain access one of the most well-known-less-cared-about libraries (or their servers) and add some easteregg to the code (think stuff like libjpg, libpng, zip handling, etc), and the fancy signed package would be silently built and installed downstream.

Re: Fishy

[Bert64]

Auto unlock to boot, ie autonomous booting... not unlocking of non system drives, but unlocking of the system drive in order to boot without requiring user intervention (i.e. entering the key).

Windows system passwords are laughable, the encryption is extremely poor by modern standards (no salts etc), and if certain network services are running (e.g. smb - running by default) you can login using the hash even without knowing the plaintext password.

If the system can boot autonomously, you can use specialised hardware to extract the contents of memory, which will include the password hash.

Even if you don't have access to such hardware, you can probably plug the machine into a small isolated network and try to attack it that way... If the system is fully patched you just keep the box turned off and wait for new exploits to come out as it's not going to patch itself without a working internet connection.

Re: Fishy

[Bert64]

Hence "boot autonomously", as in boot without a password having to be entered.

Re: Fishy

[rev0lt]

Until you access that specific secret non-documented register that is available after some fancy port-knocking (bit-knocking) that will leave an internal gate to 1 instead of 0... Given that most chips do have extra circuitry for internal testing, this would be almost trivial to implement and very very difficult to detect.

Re:Fishy

[Joey+Vegetables]

The license under which TrueCrypt was distributed is neither Free by the FSF definitition, nor Open by the OSI's, mostly because of usage restrictions which are not allowed by either. None of this is in any way controversial. It is simple fact, acknowledged by anyone who is familiar with all three. You do not appear to be familiar with any, thus your confusion. Source availability is a necessary but NOT sufficient condition for both freedom and openness.

Re:Fishy

[Joey+Vegetables]

OK, you got me on this one. Some people are that stupid. What I should have said was, "even most within Corporate America." No one in any of the companies I've ever worked for would trust it, and I'm not certain that any publicly traded company legally even can, because of Sarbanes-Oxley.

Re:Fishy

[Joey+Vegetables]

By "more difficult" I mean "not worth their effort." I'm hoping to dissuade them from even trying, not because what I have to protect is particularly valuable, but because in principle I don't want them snooping on my stuff, *or* anyone else's either. I want the bar for them to do so to be high enough that they won't bother unless there is some plausible reason for them to do so.

Here is what my belief explains that yours does not: if their actions were not coerced, then the only other possible explanation is that they were rude, unhelpful, not in keeping with the general standards of open (or in this case semi-open) software in general, and burned every possible bridge back to the security community forever. There was no possible incentive for them to do this and every reason not to. The only reasonable alternative is that they were coerced, and the only entity likely to do so, and capable of getting away with it, would be some agency of the U.S. government.

Re: Fishy

[im_thatoneguy]

4. I'm pretty much certain that the DOD uses bitlocker to secure all of their systems--even in warzones. If the NSA was pressuring them to add a backdoor I imagine Microsoft would knock on a senior DOD officer's door and go "Hey, uhhh, the NSA over there wants us to open up your data to possible breach. Go talk some sense into them."

Re: Fishy

[VTBlue]

"Truecrypt - Schrodinger Security"

Re:Fishy

[strikethree]

What I can't quite get my head around is the suggestion to use BitLocker though. I know MS resisted an NSL recently, but that doesn't meant we can trust BitLocker.

As someone else already pointed out: It is a huge red flag that you simply can not miss that warns you that there is a problem that can not be discussed directly.

LOL, think about it: Duh! Suggesting a Microsoft product for security is like suggesting Satan as a babysitter for your children. :)

Re:Fishy

[viperidaenz]

They haven't burnt any bridges. No one knows who they really are.

It's easy to be rude and unhelpful if you're anonymous.

Maybe they didn't want to further the project and didn't want anyone else to profit from their work.
Maybe they found a security issue and deemed it to too much effort to fix.

Re:Fishy

[TangoMargarine]

mostly because of usage restrictions

Source availability is a necessary but NOT sufficient

Is the "freely distribute" bit the specific part that makes it not FLOSS? Everyone seems reticent to actually point to the verbiage in question, which is a large part of why we've been going back and forth on this for so long now.

I'm not trying to say that it's controversial, I just find it weird that a license that seems to me pretty clearly in the spirit of open source is not recognized as such because of clauses that make it "more" free (from the end user's point of view).

Re: Fishy

[LordLimecat]

It is not false security. Bitlocker means that you cannot load a linux image and bypass all of the Windows security controls; attempt to do so, and the TPM will refuse to release the keys to decrypt the drive. This means that you have to boot the system up and deal with Windows credentials in order to do anything.

It is apparently possible to manually extract the keys from TPM, but is also apparently quite difficult (requiring months in a lab), so for the purpose of securing laptop data against theft, it is effective. If your concern is more severe (nation-state attacks) you can enable 2-factor and store a certificate on a USB drive.

I personally prefer the Truecrypt style of "really long password" because its not something that can be stolen-- but there are a number of benefits to Bitlocker.

Re:Fishy

[LordLimecat]

Anyone volunteering to take the hit just so we can all find out who's behind TC?

Re:Fishy

[Joey+Vegetables]

You've already referenced the Debian Free Software Guidelines. That would be a perfectly good place to start. Read the TrueCrypt license (as I have, although it was a couple years ago) and compare with the four freedoms mentioned therein. I think you will find it violates at least the first.

Re: Fishy

[DarkAce911]

duh, the former head of the NSA was an Army General, he would tell DOD "Top Secret and Need to Know". They would then shut up and tell Microsoft to quit bothering them.

Re:Fishy

[epyT-R]

Eventually what will happen is that any country that is out of conformance will simply be cut from the network...or bought off. Passive resistance like that only works for so long.

Re:Fishy

[epyT-R]

You think they're not monitoring that too? It runs over the same lines.. It would also be illegal. eventually. Would you, with a cushy career, risk it all for this? For every snowden there thousands who wouldn't.

Re: Fishy

[epyT-R]

The point is that you cannot trust microsoft because it's an obvious target for an NSL. You asked me to trust them just because "they would not knowingly backdoor bitlocker". What kind of proof is that? For all I know you're paid to shame/defame people like me to get others to use the software.. If you're going to use crypto it pays to be a bit paranoid. Real security is self evident and intrinsic. Shaming language that may hide possible smoke and mirrors is not.

You're right, there's no guarantee for TC, but at least the source is available which grants the possibility of code review. That alone puts it ahead of microsoft and other closed solutions.

Legal this legal that. At the end of the day, the only people who care about that are government sellouts anyway (which microsoft is most certainly). If my company had data that was even remotely interesting to governments I would not trust bitlocker worth a damn...at least not by itself. As far as liability is concerned, I don't consider any software truly reliable. I assume it will fail at some point, wherein the vendor will kick in its "we're not liable" clause that's in their license...you know, like microsoft's?

If microsoft truly cared about their customers they would unite with them against the feds, along with google, apple, and the wireless telcos.. Of course, they're all in bed with them instead.

Re:Fishy

[RockDoctor]

I'm wondering who the fuck trusts MS enough to use Bitlocker. I don't.

The corporate IT people who provide this laptop [types - this one] for their corporate purposes using my skills trust MS enough to mandate Bitlocker on all their laptops. The user doesn't get an option - if the machine connects to their network, it must have Bitlocker installed and running, otherwise the machine won't be allowed any network traffic.

Their machine ; their choice.

Even if I had a Windows machine at home, that's not going to persuade me to use it. Or Windows.

Re:Fishy

[TheMMaster]

The TC license actually has the following text in it :

    NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED AS A PROMISE,
    OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT OR TRADEMARK
    INFRINGEMENT.

A license is a promise not to sue, if you follow the licensing conditions. The license literally says 'there is nothing you can do to potentally stop us from suing you'. This makes it non-free because nothing in the license allows you to do anything more than regular copyright would allow (which is nothing) without risk of being sued. It's not only not FLOSS, it's literally not distributable or usable without a risk being sued.

http://lists.freedesktop.org/a...

Re: Fishy

[RockDoctor]

(yes... when I was in college, I was asked to help someone who had some private things stored on his laptop... and when the thieves stole it, they demanded $3000 or else they would post all the nudie pictures of his GF that the victim took to the Internet.)

What on earth did your friend (for which I expect that you mean "yourself") expect from you? The hardware with the data on it has gone ; the thieves have it, they know what they have, and they know enough to be able to contact the person they stole it from, so it's pretty likely that they know how to contact the girlfriend in question.

• Were you expected to somehow reach out through the airwaves and wipe the drive remotely, as well as all the drive and memory sticks to which they'd already copied the extortion-worthy pictures? OK - I'm told there are tools like that for Macs, in which case your "friend" either had them installed and hadn't used them for some reason, or they weren't installed, or hadn't worked (e.g., the pictures were now on another floppy somewhere other than the stolen computer).
• Or, were you meant to be some sort of private detective, track down the thieves and beat them with a $5 wrench until they promise to not post their backups of the pictures to the net after you let them go.
• Or were you just part of the find - murder - corpse disposal squad? That's a smart move, boasting about it in a public forum.
• Or were you the one who had to explain to the girlfriend what happened. Actually, that's about the only credible scenario I can come up with - explaining that some bad shit had happened that your "friend" would have had a hard time predicting, and that the consequences were going to happen whatever your "friend" and/ or the girlfriend did. What - you expected the blackmailers to stay brought?

The story simply is not credible.

I smell something more sinister. The thieves knew the people they stole from, perhaps (so they knew that $3000 was a credible first bleed ; and they knew the images would cause embarrassment). Or the pictures had been taken without the girlfriend's consent. Or it was the girlfriend that the "official" girlfriend didn't know about.

Re:Fishy

[TangoMargarine]

You got a link to that? (TC license)

And we just got done talking about how the FSF and OSI define FOSS and now you're giving me a link to the Debian guidelines? Really?

Re:Fishy

[TangoMargarine]

Thank you! Finally a concrete explanation. If true, that does sound pretty sucky.

Re:Fishy

[Kiwikwi]

AFAIK, the TrueCrypt audit project has done no such thing. (Citations welcome.)

But this guy did: https://madiba.encs.concordia....

Re:Fishy

[AC-x]

Ah I see, I had re-read the original slashdot post about it and misread it as a quote from the truecrypt audit project.

Re:Fishy

[WaywardGeek]

You're right. I guess it is just about impossible to build a truly secure OS. OpenWall tries, though I haven't checked it out properly and don't really know how secure it is, though it's designer is a genius. It seems that isolation from the Internet is the safest way to maintain privacy. Also, close your window blinds and never leave the house :-)

Re: Fishy

[Enigma2175]

RSA is a purposefully weak cipher? Citation needed!

I wasn't talking about RSA the cipher, I was talking about RSA the company, which used a weak SSL cipher in their product after being paid $10 million by the NSA. link

"Reuters reported in December that the NSA had paid RSA $10 million to make a now-discredited cryptography system the default in software used by a wide range of Internet and computer security programs."

Re: Fishy

[phorm]

Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling

Well, it's not like the NSA would go ahead and surreptitiously do it without permissing. Kinda like the NSA intercepting Cisco gear deliveries and backdooring it with hardware bugs. Good thing that sort of thing never... oh wait!

Re:Fishy

[Joey+Vegetables]

The TC license you'll probably have to hunt for a bit, as it has been pulled from the Web and was never included in the Wayback Machine. I was not able to find it. But as for the DFSG, I mentioned them because (a) you did first, and (b) it is more or less what the OSI uses as its definition of Open Source. The FSF's definition is extremely similar.

Re:Fishy

[rev0lt]

Building a secure OS isn't "that difficult" (as in, its quite feasible). Building a secure OS that runs software people want to run and need for work and can communicate with insecure computers (aka the internet) is a complete different story :) Everything that is 3rd party is potentially tainted, and that includes usually the compiler and the build toolchain. Some projects like OpenBSD integrate some 3rd party software into their own codebase, and do an audit to make sure no major holes are present. But unless you're using it as a firewall or to serve some static files, sooner or later you'll need 3rd party software from external sources. And if even in your codebase some "easter eggs" are difficult to detect (look at OpenSSL, the heartbleed vuln went unnoticed for what? 2 years?), it is almost impossible for external programs.

Re: Fishy

[thegarbz]

Right I miss-read. I was under the impression he was talking about auto-unlocking other encrypted partitions / files / usb sticks. In this case the encryption key can only be stored on an encrypted drive, under the assumption that if you have permission to decrypt the drive you give consent for the OS to also decrypt the other partitions, files, or usb sticks. I didn't realise there was a mechanism for auto-decrypting the boot partition.

But on further reading it appears auto-decryption of the boot paritions only works if you use a system for external key storage. The choices appear to be a USB key, or a TPM module.

Wish I had a system here to test that.

Re: Fishy

[thegarbz]

Ahhh right, but on further reading it looks like you can only autoboot with an encrypted system drive if you have some form of external key storage.

Technet lists that you either need a TPM module or a BIOS that supports booting from USB, and the keys are then stored either on the module or the stick.

The rest of your argument boils down to attacks are possible if the system is already decrypted. Well no kidding, who'd have thought! But that's a fundamental problem for all systems and has nothing to do with MS.

As for salting passwords, that worries me more when there's more than 1 or 2 accounts on a typical home computer. If you can crack the administrator password there's little reason to have to go after any other hash on the system as you have explicit trust to reset other passwords anyway.

Re: Fishy

[TangoMargarine]

Ah, okay. I forgot about dongles. Sounds like the best way to go about it--require the dongle (and maybe a password) at boot, then "auto" after that point doesn't really matter.

Re:Fishy

[TheMMaster]

Check out the link in my previous post, it has a fairly complete legal interpretation of the license by the Fedora lawyers.

I wonder...

[halfEvilTech]

If the dev's decided to go full Lavabit mode after getting a NSL for the keys. So instead of letting people know that specifically they did this.

Also in the new version they removed all of the code to encrypt data, only the decryption remains.

Re:I wonder...

[CelticWhisper]

But TrueCrypt doesn't have master keys as I understand it. It's not like Dropbox. There's nothing an NSL (plague be upon whoever got the idea to legalize that) could discover that would do NSA/DHS/USA any good.

Re:I wonder...

[halfEvilTech]

yes but there is still the private signing key that allows for trusted uploads of new (possibly compromised) versions.

Re:I wonder...

[cbhacking]

They could get the signing key, and release their own version of the software that appears legit? It's a stretch, but maybe even (secretly) take over the project to *add* backdoors, so TC decided to commit seppuku first?

I really don't know. It's a mess. If they come back and *say* it was just defacement/mis-timed April Fools/whatever, they're going to be under even more scrutiny than before for a good long while.

Re:I wonder...

Or in tonight's interview, Snowden reveals that TrueCrypt is an NSA product.

 

Re:I wonder...

Maybe downvoted to oblivion by an NSA guy with an access to Slashdot's backoffice. We"ll never know.

Re:I wonder...

[Charliemopps]

But TrueCrypt doesn't have master keys as I understand it. It's not like Dropbox. There's nothing an NSL (plague be upon whoever got the idea to legalize that) could discover that would do NSA/DHS/USA any good.

The NSA would just need to force them to install the NSA's code. Keep in mind, we have no idea what their capabilities are. They're probably the highest payer for almost every exploit out there. The NSA is likely also very adept at obfuscating their code. I don't know if this is the case here, but I put no limits on their capabilities. I'm in full on paranoia mode now.

Re:I wonder...

[Darinbob]

Which isn't covered by security letters though. If they wanted the private keys they'd use the $5 wrench approach rather than go through a legal system that's going to say "no" to the warrant.

Re:I wonder...

[mlts]

Even more concerning is that both their code signing keys were used. If an Authenticode key got compromised, that is one thing. However, both their gpg and Authenticode keys were used to sign that last release, so it either was a very sophisticated intruder, or the TC Foundation dropped their cards on the table and stopped playing ball for some reason.

Re:I wonder...

[cultiv8]

Also in the new version they removed all of the code to encrypt data, only the decryption remains.

They also changed all references from "U.S." to "United States"

Re:I wonder...

[Jake+Dodgie]

Nope if Snowden was aware that Trucrypt was compromised by the NSA he wouldnt have organised a cryptparty in Hawaii showing people how to use it and TOR after he had allready stolen his pile o docs.

Re:I wonder...

WTF... I heard that all TC developers are from Czech Republic, (or some other central european country)... They don't need to answer to any US NSL.

Re:I wonder...

[dinfinity]

There are quite a number of minor changes to the strings in the code (grammar fixes, additions of code comments).

Also, the specific changes you're talking about all concern changing 'English (U.S.) resources' to 'English (United States) resources'. That line is apparantly auto-generated by VS: https://www.reddit.com/r/priva...

Or just Google search for it:
https://www.google.com/webhp?s...
https://www.google.com/webhp?s...

Re:I wonder...

[Cederic]

Actually that's one of the few things they would bust him for.

His pictures of himself prancing around in little girlie panties however are probably safe.

Re:I wonder...

[MrNiceguy_KS]

yes but there is still the private signing key that allows for trusted uploads of new (possibly compromised) versions.

True, but it's still an open-source project. Uploading backdoored binaries would be easy enough, but compromising the code would be a lot more complicated.

I'm sure the NSA is very good at writing obfuscated code, but there are other factors in place. The TC code audit started a few month ago, and there hasn't been an update to TC in 2 years. Any new updates to TC are going to be reviewed *very* carefully - sudden updates to a 2-year-stable project right after the beginning of a code audit looks very suspicious.

I use TrueCrypt. I realize that there are other options out there, but TrueCrypt has a few advantages - namely that it allows hidden volumes and it's cross-platform, free-as-in-beer, and open-source, (even if not technically FOSS). So now what? TrueCrypt won't go away. I can save a copy of the installer for the 2012 release, and, more importantly, there are copies of the code out there - particularly in the hands of the code audit team.

If we assume that the TC dev got an NSL, it would potentially explain the announcement. The dev decided to burn the crop and salt the field rather than let it be co-opted by the NSA. And, based on what happened with LavaBit, the NSA must have anticipated at least the possibility of this response. If anything, it was probably more likely. LavaBit was a commercial operation - they had a financial incentive to go along, keep their mouth shut, and keep the business going. Instead, they decided to do the right thing and shut down.

So assuming the NSA sent a National Security Letter to the TC dev, why, and why now? NSLs have been around for years. It seems odd that the NSA would wait until now to try to force in a backdoor, particularly with the likelihood that attempting to do so would result in the "burn and salt" response. If the NSA felt it was worth forcing TC into a go-along or shut down choice, they would have done it years ago.

One possibility is that TrueCrypt has an exploit that is currently know by the NSA, but not known by TC devs. Once the code audit started, the NSA was concerned they would lose their backdoor, and issued National Security Letters to the audit team requiring they don't expose the flaw, and to the dev team requiring they don't fix it. At this point, this seems like it might be the most likely option, assuming we aren't looking at a site defacement. Hopefully we'll get some clarification soon.

Re:I wonder...

[MrNiceguy_KS]

WTF... I heard that all TC developers are from Czech Republic, (or some other central european country)... They don't need to answer to any US NSL.

Their actual identities and locations are unknown. There's plenty of intelligence agencies around the world that would go along with a firmly-worded "request" from US intelligence agencies. I think it's safe to assume that, if this announcement is due to government threat, we're talking about legal threats rather than death threats. An agent that says "backdoor your software or we kill you" is very likely going to kill you for making the sort of announcement that popped up today.

Re:I wonder...

[balbus000]

Other notable minor changes (yes, I noticed the oxymoron too):

-because it breaks the main font app when the app is running on XP (likely an MS bug).
+because it breaks the main font app when the app is running on XP.

They don't want MS to be associated with bugs?

- // The Windows API sometimes fails to indentify the file system correctly so we're using "raw" analysis too.
+ // The Windows API sometimes fails to indentify the file system correctly (observed under Windows XP) so we're using "raw" analysis below too.

Alright, maybe they're okay with XP taking some heat, as long as Win 7&8 are implied to be better.

-- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads)
+- Microsoft Visual C++ 1.52
...
- header files (available at ftp://ftp.rsasecurity.com/pub/...)
+ header files
...
- wxWidgets 2.8 library source code (available at http://www.wxwidgets.org/
-- FUSE library and header files (available at http://fuse.sourceforge.net/
- and http://code.google.com/p/macfu...)
+ wxWidgets 2.8 library source code
+- FUSE library and header files
- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
- header files (available at ftp://ftp.rsasecurity.com/pub/...)
- located in a standard include path or in a directory defined by the
- environment variable 'PKCS11_INC'.
+ header files located in a standard include path or in a directory
+ defined by the environment variable 'PKCS11_INC'

They're trying to make it harder to find what you need to build your own binaries?

Also, when did /. start auto-creating links? Yes, I used preview and actually edited my post before submitting. Although now since I said that, someone will point out a typo somewhere in my post.

So, what now?

[Archeron]

So what do we use to replace TC as a multi-platform solution for things like external drives? There are many decent products, but TC seemed to be alone as far as OpenSource tools capable of running on Windows, Linux and Mac. Suggestions?

Re:So, what now?

[TCM]

It's not as if 7.1a is suddenly unexecutable...

Re:So, what now?

[cbhacking]

7-Zip encrypted files? I kind of hate to recommend them as a "safe" alternative, and they're definitely not as convenient from a "mount this volume, work in it, save your files, unmount the volume, it's now securely encrypted" user experience standpoint.

Re:So, what now?

[cbhacking]

That works fine for now, but it's a terrible idea to just keep using software that has known flaws (which will continue to accumulate) but no longer gets patches. At some point, while 7.1a will still be executable, it will no longer be safe in any way.

I took Archeron's question to mean "So, what should we start migrating to now?" That's a very good question, sadly...

Re:So, what now?

[TCM]

They're not only not convenient, they're also not secure in the sense that in order to work with your data, you have to decrypt it _somewhere_. Unless you secure erase your free drive space after zipping your files back up and deleting the unencrypted copies, I wouldn't consider that data to be secure anymore, at all.

Re:So, what now?

[steveg]

But it does appear to be unavailable if you don't already have a copy. Source is gone as well.

Re:So, what now?

Sure, it works now, but once you require GUID Partition tables, you're sunk.

DiskCryptor is our only real alternative now, and it has GPL license, it is not a proprietry license like TrueCryt is (was).

We are in the era of 4TB spindles going up to 6 then 10 then 10TB a spindle. WE NEED GPT (Guid Partition Tables - 64bit addressing, MBR is only 32bit addressing).

Re:So, what now?

[Qzukk]

You can get your copy from www.totallynotnsa.com/truecrypt.7.1.nsa.zip

Re:So, what now?

[viperidaenz]

Unless you secure erase your swap files/partitions, unencrypted data may still be left on your disk.

Re:So, what now?

[mister_playboy]

https://thepiratebay.se/torren...

Re:So, what now?

[fireman+sam]

Windows setup: http://www.4shared.com/file/ya...
Mac dmg: http://www.4shared.com/file/QH...
Source tarball: http://www.4shared.com/archive...

md5sums have be checked against those listed at http://truecryptcheck.wordpres...

Re:So, what now?

[Darinbob]

I thought it really hadn't been updated much for over a year.

And will flaws continue to accumulate, or do you mean flaws continuing to be discovered?

Re:So, what now?

This version is safer: https://www.totallynotnsa.com/truecrypt.7.1.no-nsa-backdoor.zip?evil=false

Re:So, what now?

[tomofumi]

for those who want a linux binary: http://www.4shared.com/file/wU...

Re:So, what now?

[joemck]

One cross-platform option that looks good is EncFS. There's a FUSE module for it on Linux, and Safe (getsafe.org) is a port of the same thing, plus a GUI, for Mac and Windows. Or stick with TrueCrypt format and move to a different program for accessing it, like tc-play or cryptsetup.

(NOTE: I haven't tested these products. This is just from reading stuff here and there, and looking around.)

Re:So, what now?

[cbhacking]

Hadn't been updated much... but there's a big ongoing audit of the code that already turned up some findings. Nothing major, certainly not enough that I'd say it warrants the kind of warnings currently all over the site, but enough that there really *should* be a newer version to patch them.

Flaws will continue to be discovered, including after the audit. They don't even have to be flaws in TC itself, properly speaking; if somebody finds a major break in some cryptographic primitive (cipher, hash function, etc.) that TC uses, then TC needs to stop using that primitive even if it implemented it correctly (or consider something like DES, which was secure 30 years ago but today can be brute-forced quickly and inexpensively, though none of the current primitives we use should be *that* weak anymore). In any case, if flaws do not get patched as they are discovered, they will accumulate, and sooner or later there will be one that's either too big to accept or some combination of them that makes attacks on the software or its data practical.

Re:So, what now?

it's a terrible idea to just keep using software that has known flaws (which will continue to accumulate)

If it has flaws in the way it encrypts data, then any encrypted data that gets leaked is compromised, now or in the future - it doesn't matter whether the flaws were known at the time it was leaked.

Bugs don't accumulate over time in unmaintained code. They were always there.

Re:So, what now?

[johanw]

More like not updated over almost 2,5 years. My copy of 7.1a is from February 7, 2012.

Re:So, what now?

[steveg]

Thanks. Are we sure that the truecryptcheck site has clean checksums?

What!

[rock56501]

The website itself says that integrated encryption is supported in Windows 8/7/Vista, but when you go to MS's website about Bitlocker for Win 7, it says that it's only supported in Enterprise and Ultimate versions of Windows 7. Guess everyone on Home / Pro versions gets screwed!

Re:What!

[cbhacking]

Yeah.. the TC site gives you a step-by-step on how to upgrade your Windows edition, but they don't seem inclined to hand over the money it costs. Not that they're under any obligation to - it's not as if they were under any obligation to develop TC in the first place, either - but as a guide its usefulness is severely limited.

Win8 at least has BL in the Pro edition (having reduced the range of SKUs considerably from Win7) but... yeah. Vista doesn't even (officially) support BL on removable media at all, in addition to (like Win7) only offering it on Enterprise and Ultimate SKUs.

Re:What!

[harrkev]

So, assuming that this IS real, any suggestions on FOSS encryption for those without access to BitLocker?

On a side-note, how could TrueCrypt be actually broken? Even if the encryption is broken, that can be fixed in a later release. There is a LOT of stuff in TC (boot manager, GUI, etc.), and you cannot tell me that ALL of it is bad.

Re:What!

[cbhacking]

7-Zip is FOSS and supports file (well, archive) encryption. It's not a replacement for volume-level encryption, but it's a thing.

GPG still works fine for file encryption too... but again, not for volumes.

Re:What!

[TCM]

As long as this matter is in its current state, I wouldn't even bother thinking about the minute details of the "suggestions" on the page.

This whole thing is just absurdly smelling like Lavabit.

Re:What!

[viperidaenz]

That's why the developers of a project like TrueCrypt shouldn't all reside in the same country.

Re:What!

[nurb432]

Guess everyone on Home / Pro versions gets screwed!

Or not running windows at all..

Re:What!

[mlts]

BitLocker runs fine on my machines, none of which have a TPM chip. You have to change a policy setting, but after that, they will work as normal, and you can also encrypt the boot/system volume and have it ask for a password when it comes up.

TPM chips are a double-edged sword. They can be used for ill (DRM) in consoles, but I've found them a decent way to protect machines with BitLocker. If you use a TPM + PIN, after a few missed passwords, the TPM will block and demand one waits before another entry... and that wait time doubles with each failure. So, with the anti-brute force mechanism present, it provides good protection for stuff on a laptop.

Re:What!

[tomofumi]

their hard promotion of windows bitlocker cause me to think that, are they being employed by Microsoft?

Re:What!

[Lennie]

Well, it never was a great open source project. Because the license of TrueCrypt is restrictive in several ways.

Re:What!

[philfr]

From wikipedia : "There is an independent, compatible implementation, tcplay, for DragonFly BSD and Linux." Not totally cross-platform like TrueCrypt, however.

Re:What!

[Spiridios]

Guess everyone on Home / Pro versions gets screwed!

Or not running windows at all..

FreeBSD has built-in full-volume encryption, and it's pretty simple to make that volume a file-backed volume if you wish. I'd be extremely surprised to find out that Linux doesn't also have similar support.

Re:What!

[nurb432]

Right, i was speaking more towards the original post, like all that matters was windows users.

Full disk is supported most everywhere these days ( and everyone should use it if they can ), but i do have to admit that with true crypt having a way to encrypt individual files in a portable way was nice. Plus, 'hidden partitions' was a 'really good thing' ( tm ) for the paranoid among us.

One caveat i have found with default BSD full disk is you are screwed if you need to reboot and dont have console access... ( or your power cycles on you )

Re:Smells Scamspicious

[cbhacking]

If it weren't for the new binary that is signed (but the same key as before), that would be the obvious answer. As is, it could still be correct but seems less likely.

I don't have enough info on the priors of this kind of thing yet to establish a Bayesian probability. We've got clues but no idea what *their* probabilities are.

Bummer

[I'm+just+joshin]

The best aspect of Truecrypt was the cross-platform compatibility. Being able to open an encrypted drive on any platform was the killer feature.

Re:Bummer

The TrueCrypt encrypted volume format is well known and there are FOSS projects[1][2] that can create and open TrueCrypt volumes. If the project goes under,the format will still live on and block device encryption projects in windows and osx can start supporting the format as a cross platform solution and it will be like nothing has changed.

[1] https://github.com/bwalex/tc-play

[2] https://code.google.com/p/zulucrypt/

Re:Bummer

[Darinbob]

BSD license is FOSS, and the truecrypt was also FOSS. Even the FSF says that BSD license really is a free license only that it's not as good as their GPL is.

Re:Bummer

[Zanadou]

https://diskcryptor.net/wiki/F...

" Q: What operating systems are supported?

DiskCryptor supports any Microsoft operation system since Windows 2000. Windows 2000 support will cease with the release of DiskCryptor 1.0 which will require Windows XP or newer.

Other operation systems (like Linux, etc.) are currently not supported and no plans exist to add support.

Re:Bummer

[LordLimecat]

There's always Jetico's BestCrypt.

What's in my TrueCrypt volume?

[Cruciform]

The only things in my TrueCrypt volume are password lists, tax info, etc.
And those are encrypted separately before being put in the Truecrypt volume.
That way if my machine were to be hijacked while I have the volume mounted, I wouldn't lose all the data to nefarious purposes.
And if the device is stolen, there's two layers of security to get through. (Which around here would just be the thieves deleting everything and selling it for Oxy)

Re:What's in my TrueCrypt volume?

[rvw]

Noob. I put my TrueCrypt volumes in TrueCrypt volumes in TrueCrypt volumes.

Good that you do this three times, as you probably know that twice simply undos the first attempt! I'm a little confused as to why you put your "volumes" in "volumes", so plural. Is that a confusing tactic?

Re:What's in my TrueCrypt volume?

[Cruciform]

It's not to hide income info. It's to keep the tax forms that the Canadian government uses that have enough info for ID theft secure from prying eyes.

Re:What's in my TrueCrypt volume?

[Darinbob]

I used rot13 twice to be extra sure.

Re:What's in my TrueCrypt volume?

[SeaFox]

Yo Dawg! I heard you like deniability...

Re:What's in my TrueCrypt volume?

[rainmaestro]

Tax returns contain the following:
Name, address, Social Security number, income, employer info, spouse and dependent names and Social Security numbers, bank account number and routing number (if using direct deposit for your refund). Surely you can see why you wouldn't want that information falling into the hands of whoever stole your laptop, right? A tax return is basically the golden snitch of identity theft.

Re:What's in my TrueCrypt volume?

[Bob+the+Super+Hamste]

This needs some more +1s.

This is why I keep my tax returns stored in a TrueCrypt volume. I also have volumes for bank statements, and electronic copies of important documents. All of these would be important and extremely valuable for someone who wants to commit interstate wire fraud in my name (this is really what identity theft is). Now add in that being simple TrueCrypt volumes I can easily back them up and have a copy on my computer, another one on a USB stick in the fireproof safe, and another copy on a USB stick in my desk drawer at work.

Hacked or NSA?

[Dega704]

Taking all bets! I also offer video poker! -Kudos if you can name who I'm quoting.

Re:Hacked or NSA?

[viperidaenz]

Select text, right click, click "Search Google ...."
First result - a transcript of a Futurama episode

Bender 1: No, that's how you always look. [Another Leela walks in carrying a mug. Her hair is red and her trousers are tinged red.] This throws my entire perception of reality into question. Clone? Robot? Or long-lost twin? Taking all bets! I also offer video poker.

So... Kudos if you can click a mouse 4 times.

Re:Hacked or NSA?

[PrimaryConsult]

... and *you're* the reason they have to ban smartphones during trivia night at the local bar...

Million-dollar question

[CelticWhisper]

I think what a lot of people want to know is whether 7.1a is still reliable and, if not, how many versions back one must go to get a release that's still feature-complete but not questionable in security.

In the meantime, if you need to encrypt a file, you can use GPG and Cryptophane if you want a GUI. Nowhere near as elegant as TC but it should get the job done.

Re:Million-dollar question

[viperidaenz]

Go back until a different code signing key was used.
If the site has been compromised, the key has too. Without knowing when they key was compromised, you can't tell which releases were legit. I think they all have been signed with the same key...

Re:Million-dollar question

[TangoMargarine]

If you have an old copy of the installer and can dig up the SHA somewhere, it doesn't seem like a problem.

Trust

[pjbgravely]

Personally I wouldn't trust any software writen for Microsoft windows. Any news on the nix releases?

Re:Trust

[vux984]

Personally I wouldn't trust any software writen for Microsoft windows.

Depends who you want privacy -from-.
If you are using encryption because you don't want the kids (parents?) getting at the files into your computer, bitlocker is fine.

If you are using encryption because your venderA, and you don't want a lost/stolen computer ending up in the hands of VenderB then bitlocker is fine.

If you are a low/mid criminal in small town Z peddling drugs to the local elementary school or supplies the dealers that do, bitlocker is probably fine. While technically the 'government' is your threat vector, the odds that the local sherrif will be able to recruit the NSA to break into your seized computer with their top secret hush-hush back door to bit-locker is pretty low.

If you are foreign vendor A competing against american vendor B for high profile military/industrial/nuclear/security products then yeah, the NSA is a genuine factor and bitlocker is not ok.

If you are a terrorist plotting an attack... then bitlocker is not ok.

Re:Trust

[viperidaenz]

There are Linux releases down the bottom of this page
http://truecrypt.sourceforge.n...

Re:Trust

[pjbgravely]

I have the Linux release, I have used it for a long time. The update release is the new read only version. I will have to disable the repository so I don't update to this until I can find a replacement.

That is if this isn't a hoax.

Re:Trust

[viperidaenz]

You asked for news on platforms other than Windows. I gave it to you. I didn't ask for your Linux zealotry

Re:Trust

[pjbgravely]

Sorry I thought you was showing me where the Linux binaries were. I personally don't care what OS you trust to run your software.

Delayed April Fools?

[bmurray7]

I hope so

Re:UEFI

You're exaggerating. Building Truecrypt requires Microsoft Visual C++ 1.5.2 (from 1993, 16 bit software), not Visual C. TrueCrypt does work with modern UEFI computers, you just can't boot Windows on UEFI with Truecrypt. You can still create encrypted volumes and such.

Truecrypt was the hardest thing for the NSA

[ourlovecanlastforeve]

Truecrypt was the hardest thing for the NSA and the US government to deal with when seizing storage equipment. It makes sense that they would pressure the project to shutter.

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

Not like there aren't a ton of other disk encryption options, so not sure what they would hope to accomplish if that were the case.

Re:Truecrypt was the hardest thing for the NSA

[MrCoke]

Truecrypt is so much more. Read some documentation.

Re:Truecrypt was the hardest thing for the NSA

[AmiMoJo]

What other open source and somewhat trustworthy options are there for Windows?

Re:Truecrypt was the hardest thing for the NSA

[creepynut]

Not only for Windows, but cross platform. I love Truecrypt because I can keep a volume in my Dropbox and use it on my personal Mac, my work Fedora desktop, and my secondary PC at home running Windows. There are even mobile apps to mount them. Linux has cryptsetup which can mount TC volumes, but as far as I know there aren't any comparable options outside Linux.

Sounds like Bitlocker might be a reasonable option for full disk encryption at least. All our our work laptops which leave the office currently use TC for full disk encryption, might be time to switch.

Re:Truecrypt was the hardest thing for the NSA

Please provide proof for any of the following:

1. There exists a method to detect a hidden volume within an unmounted TC container file.
2. There exists a method to detect a hidden volume in a TC container file when the outer volume is mounted.

Otherwise, stop wasting our time.

Re:Truecrypt was the hardest thing for the NSA

[rainmaestro]

The big problem is: if the summary is correct and the new code was signed with the same GPG key, how could we trust anything from TC from this point on? If it wasn't them posting and someone managed to pilfer the signing key, a security lapse that serious introduces major doubts about the trustworthiness of their security product. If it was them, then something happened to cause this that would make any return suspect by default.

In either case, the only safe option is to assume TC is compromised.

Re:Truecrypt was the hardest thing for the NSA

[Baki]

It is the only one I know with plausible deniability (i.e. hidden partitions).

Re:Truecrypt was the hardest thing for the NSA

[Threni]

Citation needed.

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

It's been well known for years, publicized first by Bruce Schneier. If you can look at the volume on two separate occasions then you can see that large portions of the "free" space change for no reason. Before you say that is unrealistic, how many times do you lose possession of your laptop? Between airport security, leaving it in a hotel room, just walking away to go to lunch, it can be a lot.

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

I replied to another post, but Bruce Schneier has a paper where they show it is trivial to reveal hidden volumes if you can look at the disk on two separate occasions. A large segment of the "free" space will change for no reason. And it is quite reasonable for an adversary to have access more than once given how often people leave their machines unattended.

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

I replied to another post, it has been known for years that it is easy to break that.

Re:Truecrypt was the hardest thing for the NSA

The volume will fill to the advertised size. It will also wipe the hidden volume at the same time.

Re:Truecrypt was the hardest thing for the NSA

[pnutjam]

That assumes the items in the hidden file are changing, maybe they are an archive?

Re:Truecrypt was the hardest thing for the NSA

[Threni]

I see your point, although there are other reasons for that behaviour (two sessions in between your two occasions, where files in the outer/only container are added then deleted).

It would be a reason for Truecrypt to be modified to optionally write random data into outer/hidden containers when they are mounted.

Re:Truecrypt was the hardest thing for the NSA

[foreverdisillusioned]

Just turn off your computer when you are not around. Problem solved. There's also something to be said for being able to boot your computer and hand it over for inspection if customs agents demand it (including customs agents of China, North Korea, etc.)

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

How does that solve anything? You can easily get a hard drive dump when the computer is turned off.

Re: Truecrypt was the hardest thing for the NSA

[joemck]

Though if it's already been mounted by the user with hidden volume protection on, you can write near the end. If there's a hidden volume, the write will be discarded and the old data will remain. Apart from that, hiden volumes are pretty hard to detect unless you've captured multiple versions of the container and things have changed in the hidden volume in between.

Re:Truecrypt was the hardest thing for the NSA

[foreverdisillusioned]

Bios lock it to not boot from anything but the FDE bootloader, so they have to actually dismantle it to get a dump. I can think of a few ways to rig it so you know if it's been opened up or not. There's a bunch of other physical security measures you can take as well--hiding your laptop when not in use (maybe with a dummy lying around), surveillance cameras (they can disable them sure, but will they be able to quickly rig up a fake video feed that matches? Especially if you leave the TV on in the background or something.) Seriously, if you're actually worried people are sneaking into your damn house then, relative to *that* level of paranoia (justified or no), these measures are not that difficult to take.

Re:Truecrypt was the hardest thing for the NSA

[foreverdisillusioned]

Or just think of it this way: If they have physical access they can install keyloggers, MITM devices on your network, audio bugs and cameras, etc. Imaging your hard drive is comparatively minor--oh no, you you have evidence strongly suggesting the presence of a hidden container. Why on earth would you worry about that really, really minor annoyance instead of the potential for captured passwords or intercepted network traffic?

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

I don't know what you're talking about. How can they do any of that stuff if your drive is encrypted? They would have to wipe your whole operating system which I am sure you would notice.

Re:Truecrypt was the hardest thing for the NSA

[cryptizard]

Umm or you could come up with a better hidden volume method.

Re:Truecrypt was the hardest thing for the NSA

[bingoUV]

They can install hardware bugs which doesn't need wiping operating system.

Re:Truecrypt was the hardest thing for the NSA

[foreverdisillusioned]

As bingoUV said, I was referring to hardware keyloggers (harder to install on a laptop, but not impossible), hardware network surveillance / MITM boxes, physical microphones or cameras planted in the room (not your webcam), etc. If you are somewhat delayed discovering evidence of a break-in, it won't be too late to take action as long as they haven't examined your hard drive a second time, but it would already be too late if the attacker leaves behind any physical devices that broadcast or phone home.

Re:Truecrypt was the hardest thing for the NSA

[arshat]

I replied to another post, it has been known for years that it is easy to break that.

Surely that only applies if the data in the hidden volume was changed? What if you just put everything you wanted to be secure in the hidden container and never added more?

Re:Truecrypt was the hardest thing for the NSA

[vakuona]

To be able to determine that someone has a hidden volume, you would have to be able to look at the volume twice - the first time after you first suspect that there is a hidden volume, and the second after someone has changed something in the hidden volume.

There are a few ways this "threat" could be countered in my opinion.

1. Always "overwrite" the free space with random garbage when you use the volume. This gives plausible deniability. if the free space has changed a lot, then it could be because you have written to the hidden volume, or because the programme has just overwritten some portion of the free space like it always does.

2. Assuming the program doesn't allow (1), don't make any changes to the hidden volume once your encrypted disk has been inspected once. Basically, if the only thing that could give you away is making further changes to the hidden volume, then don't make the changes. You will still have access to your files, but won't be able to change the volume.

What's in my TrueCrypt volume?

Noob. I put my TrueCrypt volumes in TrueCrypt volumes in TrueCrypt volumes.

Dumb reasoning?

[K.+S.+Kyosuke]

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues ... Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

Am I the only one to see a problem with that juxtaposition?

Re:Dumb reasoning?

[creepynut]

All the major platforms can create virtual disk images, it's just not one of them is cross platform.

Windows 7 (not sure about previous) lets you create VHD disk images in Disk Management. I assume BitLocker can be enabled on these, more cumbersome than TrueCrypt since you'd need to attach the VHD then mount the BitLocker volume. Not sure how correct this is as I have Windows 7 Home Premium which doesn't do BitLocker.

Alternatively you could GPG encrypt the VHD file, but that would require decrypting it before attaching and would require that it be stored on disk in a decrypted state. TrueCrypt is purely on-the-fly, the data never touches the disk without being encrypted.

Macs support easily creating encrypted disk images through Disk Utility and mounting+unmounting them is painless. Even more so than TrueCrypt.

Linux you can create encrypted loopback files with losetup or cryptsetup. Cryptsetup supports mounting TrueCrypt volumes so there's that.

Yeah...

Because I'm really going to trust a closed source application by Microsoft for hiding stuff which obviously has some kind of master password in it for the authorities/NSA/etc.

captcha: stupid

Foul Play

[rock56501]

The Register [theregister.co.uk] suggests that the version 7.2 binary has in fact been compromised and is suggesting not to touch that binary.

Re:Foul Play

The Register has no idea what it's talking about.
This is pure speculation.

Yes, they might have been compromised. But very early analysis shows they aren't blatantly backdoored, but that's all we know and they have no business claiming the changes are "eyebrow-raising" and hinting that it is malware. The changes are mostly removing the encryption/volume creation part of TrueCrypt.

Wait and see. They probably just want to "make the buzz".

Re:Foul Play

[tomofumi]

they said that there is a Wikipedia user "Truecrypt-end" https://en.wikipedia.org/wiki/... keep messing the TC's wiki page, this user should be closely related to this case, maybe some genius able to trace out who this user is?

Re:Foul Play

[Threni]

The Register always were a bit slow. The new version 7.2 is for decryption only, so you can "migrate to bitlocker". Why would you not use the old version for that?

Re:I'll ask...

[jones_supa]

An Estonian website seems to hold the source, but of course you would have to verify that it has not been tampered with. Sadly, the older 7.1a version (which I'm assuming does not have the features removed as is being claimed) seems to not be available at the project's SourceForge source code folder.

my 2p conspiracy theory

[s0litaire]

OK
Main currently accepted theory is the NSA or whoever (insert your fave 3 letter agency here!) tried to get the signing keys TC decides all it can do is "salt the field" and shut up shop.

may as well throw in my 2 theories :
[less likely]
1) one lucky scammer/hacker got the mother-load of a hack and got access to one of the developers systems and managed to get the signing keys as well as full access to the TC sites.

[more likely]
  2) Due to internal ego's and in-fighting one of the development team did a "Eric Cartman" on the others and go "Screw you guys I'm outta here!" putting up the "closed for business sign" and issuing a suspect (but officially signed!) version that only decrypts, killing the brand in the process.

Re:my 2p conspiracy theory

[Kythe]

It says above that the signing key was updated prior to the change in site/posting of new binary.

Re:my 2p conspiracy theory

[s0litaire]

I've seen conflicting reports on the key change!
Some are saying the latest compromised binary was signed with the OLD valid keys before new ones were uploaded.
Others say it was signed by the new keys.

Re:my 2p conspiracy theory

They REUPLOADED a new key file, that contains the SAME key they used before.
The new files were signed with that key (the new and old key are the SAME, but they wiped everything and reuploaded new key files, then the TC 7.2)

Re:my 2p conspiracy theory

[s0litaire]

ok thanks for the clarification ^_^

Re:my 2p conspiracy theory

[jonwil]

The other possibility is that the last active developer no longer wanted to work on the project and rather than leave a release with unknown security issues, they decided to shutter the project.

Re:my 2p conspiracy theory

Alas, one or more of the TrueCrypt devs (syncon?) have been located and are acting under duress, as a 'canary' previously agreed upon has been published:
1. Compiling with VC2010, and then not manually changing the .rc's language from "English (United States)" to "English (U.S.)" as it was in VC6;
2. Changing the published release date from "on " to "in ";
3. Format/InPlace.c #12, remove reference in comment to "(likely an MS bug)" - changing this parenthetical should not be counted as canary, but removing it should

TC's build process is surprisingly arcane (includes old software due to bootloader code size, etc), and while a lot of it is accumulated dust, some of the dust is deliberately placed.

I do not know precisely what this means, as I have no contact with the developers anymore: but this is what was agreed upon.

They should no longer be trusted, their binaries should not be executed, their site should be considered compromised, and their key should be treated as revoked. It may be that they have been approached by an aggressive intelligence agency or NSLed, but I don't know for sure.

While the source of 7.2 does not appear to my eyes to be backdoored, other than obviously not supporting encryption anymore, I have not analysed the binary and distrust it. It shouldn't be distributed or executed.

Re:my 2p conspiracy theory

[foreverdisillusioned]

This is either a magnificent troll or the single most interesting thing I've thus far read this decade.

Dude, if you can say more, please go for it. Use public wifi (McDonald's, etc.) and if you're worried about lingual forensics use short, stubby sentences without any words an elementary school child couldn't grasp.

Re:my 2p conspiracy theory

[TechyImmigrant]

It's a bit odd. A good warrant canary involves inaction. So you don't need to do anything to trigger it. You do need to do something to keep it untriggered.

Having a warrant canary where you have to put signals in the open leaves you at risk when the canary is confirmed.

If you work in delivering real world crypto that it used by people, do arrange warrant canaries with your friends and base them on inaction.

TrueCrypt screwed me

[Trax3001BBS]

I figure it was my fault but still not sure what I did wrong. I read all of the text on trueCrypt from the site and thought I had a handle on it, so two hard drives were organized and TrueCrypted.

I had just assumed a password would allow one to access the/a device.

I install Windows when it starts doing odd thing, about every 6 months. I installed a new clean install of Win7, hooked up the drives and the passwords wouldn't allow me access to the drives. Ended up formatting both drives as I couldn't access them no matter what I tried.

So I am very reluctant to try TrueCrypt again, yet BitLocker isn't an option.

Re:TrueCrypt screwed me

[viperidaenz]

So you had a password to unlock encryption keys, you deleted the password protected keys and are upset you can't decrypt your data and blame the software?

Re:TrueCrypt screwed me

[Malc]

That sounds more like user-error, or you've corrupted the hard drive somehow.

That said, I've had some problems with TrueCrypt:

• It falls over with big files. I found the throughput to a TC volume dropped to a few KB/s copying a 90GB file to it. I work on professional video compression tools, so I have a few files this size and larger. Google revealed a few other people have encountered the same issue
• There's a bug somewhere in the Windows version of TC that prevents it releasing drive properly. I'm not sure how people use this with USB flash drives, but when I tried it with an external 4TB USB drive, I was unable to safely eject the drive after unmounting my TrueCrypt volume

Re:TrueCrypt screwed me

[dargaud]

I remember when I was still using windows (a long time ago), if you connected a TC-encrypted disk (at the device level), it of course wouldn't recognise it, but would ask to 'sign' it (or some other similar term), which would actually write some tag in the first sector and nuke the TC header, thus rendering the drive unusable. 99% Windows fault, but maybe TC should have a backup of the header in some later sectors.

Anyway, I've been using TC on linux for a decade, very happy about it, and just like everybody else I wonder what's coming.

Re:The key has CHANGED

[jones_supa]

Interesting if true. What key? The executable signing key?

Re:I'll ask...

From my Software folder. I don't have the keys to help you verify them, but feel free to Virus Total or them or something if you're totally paranoid.

7.1: http://www.sendspace.com/file/rjeukf
7.1a: http://www.sendspace.com/file/ihsea5

Convenient

[javajeff]

What makes TrueCrypt Convenient is that I can have an encrypted envelope that I can drop on a usb drive and then access it from Linux or Windows. I do not always want to encrypted a HDD or partition.

Re:Convenient

[lsllll]

Actually you do not have to do a whole partition. You can do a file (created with dd on Linux) and use losetup to set up a loop device, which can then be opened in Linux. Under Windows it can be opened via FreeOTFE.

Yawn...

[davmoo]

Until such time as the iSEC audits turn up an actual problem, I'll keep using 7.1a as usual.

Re:Yawn...

[jareth-0205]

Until such time as the iSEC audits turn up an actual problem, I'll keep using 7.1a as usual.

Yawn? Probably one of the most scary blatant anti-security developments in recent times and all you can do is "yawn"? What does it take to worry you, exactly?

And good luck getting a copy of 7.1a if you haven't already got one.

Re:Yawn...

[ProzacPatient]

I've had copies of TrueCrypt 7.1a on my TrueCrypt'd external HDD (I tend to save everything I download) from about a year ago predating this event so I'll provide MD5 and SHA-1 hashes of them if that helps at all. I'm just a random guy on the internet so you may want to take this with a grain of salt but hopefully it'll help you find legit copies or validate any downloads that you find somehow.

TrueCrypt Setup 7.1a.exe
MD5: 7A23AC83A0856C352025A6F7C9CC1526
SHA-1: 7689D038C76BD1DF695D295C026961E50E4A62EA

truecrypt-7.1a-linux-x64.tar.gz
MD5: BB355096348383987447151EECD6DC0E
SHA-1: 086CF24FAD36C2C99A6AC32774833C74091ACC4D

TrueCrypt 7.1a Mac OS X.dmg
MD5: 89AFFDC42966AE5739F673BA5FB4B7C5
SHA-1: 16E6D7675D63FBA9BB75A9983397E3FB610459A1

Re:Yawn...

[oji-sama]

At least the exe has the same hashes as my copy downloaded on 13.2.2014.

distinction without a difference

[AdamWill]

So, either they got attacked by someone who was able to both deface the website and *sign code with their GPG key*, or the announcement is genuine.

I think the obvious response is precisely identical in either case...

Re:distinction without a difference

Keep using 7.1a until there's more details.

Re:distinction without a difference

[Bite+The+Pillow]

Was it the same key, or one that matches a new public key? I don't know, but you have to answer that before you put faith in your deductive reasoning skills.

Re:I'll ask...

[mythosaz]

Pretty sure the guy who did the compare of the two sources has already provided (roundabout) the 7.1a source.

https://www.alchemistowl.org/a...

Here's something interesting...

truecrypt.org

>This URL has been excluded from the Wayback Machine.

Re:Here's something interesting...

truecrypt.org

>This URL has been excluded from the Wayback Machine.

and it's vanished from google cache as well...

Re:Here's something interesting...

[nurb432]

But is this new, or has it always been that way but no one noticed?

Re:Here's something interesting...

[Xolvix]

The Wayback Machine honors a site's robots.txt file, and it's quite possible (and perfectly allowed by archive.org if you read their FAQ) to prevent an entire site from being archived. Given it has no history it stands to assume the site was being excluded from the beginning.

Remember - the people/person who made TrueCrypt is still anonymous. Perhaps that paranoia also meant they wanted greater control over how the site is run, which includes preventing it from being archived automatically.

Who Stands To Benefit...

[NotSanguine]

From confusion surrounding the future and efficacy of TrueCrypt?

It seems strange that random h4x0r elements would post such an odd screed rather than trumpeting their success at compromising TrueCrypt's site.

It could be some sort of false flag/ploy by the intelligence/industrial complex, but that doesn't make a whole lot of sense either.

Potentially, it could be part of some targeted effort to access data encrypted with TrueCrypt by convincing some user(s) to move off of a secure platform so their data can be compromised. Presumably, this would need to be something important enough to expend significant resources to gain access to said data.

It's always a good bet to "follow the money."

Or, it could be a troll. I guess we'll just have to wait and see.

Re:Who Stands To Benefit...

[nurb432]

That wont work as no one with 1/2 a functioning brain will trust it.

Re:Who Stands To Benefit...

[swb]

The best idea seems to be not a false flag operation but a false motive operation; the motive not being to compromise TrueCrypt but to sow distrust/disuse of TrueCrypt because it's too good and makes essentially unbreakable encryption of computers possible. Intelligence agencies must run into all the time, it's trivial, portable and very flexible to use.

Pushing users to another encryption scheme leaves data vulnerable, either through known weaknesses in other systems or compromises built into other products.

I can only assume that the only reason the developer(s) haven't spoken out is that they were pressured by the government somehow.

Re:Who Stands To Benefit...

[NotSanguine]

The best idea seems to be not a false flag operation but a false motive operation; the motive not being to compromise TrueCrypt but to sow distrust/disuse of TrueCrypt because it's too good and makes essentially unbreakable encryption of computers possible. Intelligence agencies must run into all the time, it's trivial, portable and very flexible to use.

Pushing users to another encryption scheme leaves data vulnerable, either through known weaknesses in other systems or compromises built into other products.

I can only assume that the only reason the developer(s) haven't spoken out is that they were pressured by the government somehow.

That seems to be a fairly reasonable explanation. Since whatever went down was purposeful (even if we don't know for sure what that purpose was) and took time and effort, it's reasonable to assume that someone is gaining from this. If we can answer the "who" question, then the "why" will likely become obvious, IMHO.

Re:Who Stands To Benefit...

[AHuxley]

Re the intelligence/industrial complex, but that doesn't make a whole lot of sense either.
Classically the intelligence/industrial complex will find a tame brand that reverts to plain text for them (and only them) while been secure to all known 3rd party efforts.
They will then top down, middle staff the project in key areas to ensure ongoing plain text ability and that such new code/hardware is not questioned within the brand.
The final step is to out class, out price and upset all other 'real' products on the market. Low price, standardization, gov contracts will ensure tame brands rise and all others fail over years. That was the late 1940's to 1980's 'hardware and 'software' key for the intelligence services.
With in any new merging generation of hardware or software you have all plain text.
Open source provides the option to start a gov run 100% fake crypto effort and keep it funded, to turn a small group of key people in a larger effort or fund/shape an expert group into long term amazing non crypto projects.
Thats the bright side. The other aspect is just to have a chat with key people and project is no longer updated.
The current game at a state, federal and intelligence/industrial complex seems to be to turn people, run/take over projects and attract as many new people in.
Soak up the skill set so nothing too new forms.
The GCHQ view was to sit back, watch, learn and build. Not many understood crypto, talked about it and all was good for decades.
The US effort now seems to be very public, legally active. People are now talking about crypto. The UK gov seemed to have the better vision for long term decryption.

SourceForge problem?

[CygnusTM]

Hmmm. SourceForge forced a password reset last week citing "changes to how we're storing user passwords." Coincidence?

Re:SourceForge problem?

[nogginthenog]

Good point. I thought that was a bit suspect.

Linux section odd

Crypsetup-LUKS is the obvious recommendation; you can even mount Truecrypt volumes in recent versions. Or copy data over to a loop-AES encrypted volume but that requires patching the kernel.

Re:I'll ask...

[Solozerk]

It's only a diff of the new fishy 7.2 changes. You can grab the source on the archlinux FTP though.
Presumably the guys in charge of the public crowd-funded audit could also provide a version of the source that would be deemed "trusted" by most people (and those that have already downloaded the source previously can offer confirmation).

Why?

[jason777]

I didnt see anyone ask this yet. They say it is unsecure and to download an alternative. But why is it unsecure? Do they explain anywhere why they think it is unsecure?

Re:Why?

[lagomorpha2]

Probably better they give people a chance to migrate off of it before they release the major exploit that was found to the public.

Instill fear

[nurb432]

So, who will *ever* trust TC again? Past, Current ( and future, if this isn't an official move ).

The safe assumption needs to be that its been compromised, and we dont have a clue when it happened. Regardless of who did it, be it a kid, NSA or even a competitor, they have effectively killed true crypt.

Follow the Money

[ldapboy]

If you think about how someone would make money from this stunt, consider whether the TruCrypt developers are now working with a vendor that makes a product with similar functionality to TruCrypt (just to be clear : I'm not saying anything bad about any such company or their products, in fact I found one with a few minutes reading on Wikipedia that looks like a plausible alternative to TC for many people, which made me think -- I bet their sales will go through the roof now, then go on to wonder if there is a causal link...).

Re:UEFI

[PCM2]

The developer didn't have time to implement UEFI support, so he's killed the project instead.

But what sense would that make? Why not just say, "Somebody else will have to implement UEFI support, because I'm Audi 5000" and abandon the project where it sits?

Re:I'll ask...

[mirix]

Nice try, NSA. You're not gonna fool us that easily.

Re:I'll ask...

[hodet]

If this is legit you can certainly understand why nobody could ever download these right?

The reason is...

[myforwik]

They probably just decided to end the project. My experience is that it has been slowly dieing for a long time. I have been heavily involved with truecrpyt and its source code for many years. I make programs to custom edit the boot screen and otherwise customise TC's appearance. My programs are not forks, rather they edit the actual binary code installed, so that users can easily use it on existing installations. What you have to understand is that truecrypt has added very little functionality for a very long time. In particular they seem to have lost the key developers who did the code in the boot sectors. For those who don't know, along time ago the program was to big to fit into the boot sectors, and a special deflate algorithm was added to decompression the boot sector code. My code to unzip the boot program and edit its string display strings is still the same code from tc 5.0, and it still works on the latest edition. The guys who code this section appear to be long gone from the project, hence absolutely nothing done over UEFI. The changes that have occured look questionable, in that the people making them seem to have very limited assembly understanding and were hacking on bits instead of properly modifing the programs flow. Secondly getting TC to work with operating systems is extremely complicated, especially for windows. It was micorosoft who eventually released the API's that were used to make truecrypt properly handle sleep/hibernate. These API's are not forthcoming to Win8 or beyond, and in all honesty - windows is the only market that matters. I am going to guess that one of the last known developers knows there is a bug that they can not longer believe they have the experience or skill to fix properly, and hence has decided to shut it down.

Re:The reason is...

[thegarbz]

Yes that would be a sensible excuse except, programs which are abandoned typically do not cause:

- the website to be defaced and debranded.
- a new version of the software to be released with gutted functionality.
- old versions to be removed.
- recommend commercial alternatives to open source programs.
- pretend that the announcement happened due to loss of support for an OS still used by 20% of all machines.
- not get in contact with the outside world.

Someone went to great lengths to make this look as nefarious as possible. This isn't the typical project shutting down. Actually my first thought was hacked, and my second through was NSA'd even though I swore not to follow the typical Slashdot NSA paranoia.

Re:The key has CHANGED

[Dock]

People keep saying that, but that's not what I'm seeing:

C:\Users\Paul\Downloads>gpg --verify TrueCrypt-7.2.exe.sig
gpg: Signature made 05/27/14 12:58:45 using DSA key ID F0D6B1E0
gpg: Good signature from "TrueCrypt Foundation "

The key I have isn't new:

pub 1024D/F0D6B1E0 2004-06-06
uid TrueCrypt Foundation
sub 4077g/6B136ECF 2004-06-06

The new binary has not been signed with a new key.

Re:I'll ask...

[cbhacking]

The initial report of the audit includes the SHA1 hash of the source archive (for 7.1a) that they built from. That should help...

NSA

[plazman30]

What if the TrueCrypt authors found a flaw the NSA was already exploiting and are doing this as a pre-emptive strike against the NSA by trying to get people off TrueCrypt?

If I were a conspiracy theorist...

I would wonder if there were any direct links between Edward Snowdens NBC televised interview tonight, and this sudden seeming takedown TrueCrypt's creators...

Torrent download

[jdwoods]

TrueCrypt 7.1a original source, binaries, signatures and public signing key plus PDF of the 7.1a audit paper
torrent: https://www.dropbox.com/s/mozg...
25MB total
Select which file(s) to download with most torrent clients.

I'm plan to seed for the foreseeable future.

Re:Torrent download

[jdwoods]

Alternate torrent URL: http://tinyurl.com/TrueCrypt71...

Re:Torrent download

[MyFirstNameIsPaul]

# sha1sum TrueCrypt-7.1a.torrent
689e239a8d40e25c2bb9877581d0e2538b48e0a7 TrueCrypt-7.1a.torrent
# sha1sum TrueCrypt\ 7.1a\ Source.zip
4baa4660bf9369d6eeaeb63426768b74f77afdf2 TrueCrypt 7.1a Source.zip
# sha1sum --version
sha1sum (GNU coreutils) 8.13
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later .
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Ulrich Drepper, Scott Miller, and David Madore.

That second check matches the checksum stated in the initial audit report.

Re:Torrent download

[MyFirstNameIsPaul]

In an archive I just found a download of the Windows binary from April 4, 2012.

# sha1sum TrueCrypt\ Setup\ 7.1a.exe
7689d038c76bd1df695d295c026961e50e4a62ea TrueCrypt Setup 7.1a.exe

That matches the checksum of the same file in the the torrent.

Re:Torrent download

[MyFirstNameIsPaul]

That's from my own, personal archive. I only saved it to local devices, and it may be that the archive I found it in is the original location I downloaded to (I don't compress binaries).

Alternatives to Truecrypt for Linux

So, what alternatives to Truecrypt exist for Linux?

An alternative that:

1) uses "container" files, i.e. like the *.tc (etc.) files in TC

2) is cross-platform

3) uses AES-NI

4) is open source with peer-reviewed code (seems to be important now, huh?)

5) uses a GUI for easy mounting/unmounting (it's important for the masses)

LUKS looks promising, but I don't think it satisfies (1), (2) and (5).

Re:Alternatives to Truecrypt for Linux

[kevlar_rat]

You can use luks with loopback files (e.g. http://paolobertasi.wordpress....) (1). FreeOTFE on Windows can open LUKS volumes (2). So only (5) is missing.

Re:UEFI

[epyT-R]

It uses that only to build the bootloader. The rest of the software is compiled with vs 2008.

Re:Way ahead of you...

[epyT-R]

Good to know you have stairs in your house, citizen. You will be protected from the terrible secret of space.

Re:Truecrypt wrecked my PC, burn in hell

[ledow]

The recovery disks all work. I can guarantee you. I had a batch of laptops that we Truecrypt and I saved all the recovery disks as ISO's onto a removable device (a Zalman - you put .iso's on it and it pretends to be a virtual USB CD-Rom which you can boot from).

We had a particular set of laptops with a particular BIOS version that was incompatible with any form of encryption. We found it out after encrypting every laptop (the problem was that the BIOS expected a certain part of the disk to be zeros, and in plain NTFS filesystems it always was - even the pre-boot check passed because that part hadn't gone encrypted yet). Upon full encryption of the disk, the computers became unbootable - and though we had backups, the sheer amount of data and laptops we had meant we didn't want to restore them all.

So we fought for a BIOS update from the manufacturer (they delivered, eventually, but weeks later) but in the meantime needed to decrypt all those laptops. We booted the Zalman with the respective ISO file, manually decrypted them all (which takes a long time using only BIOS calls without the benefit of SATA drivers etc.), and gave them back to users for a while until the BIOS update arrived.

Sorry, but there's nothing wrong with Truecrypt's rescue disk functionality. You just need to store and verify the rescue disks and remember the password that you used on them (even if you later change the PC to use a different TC password). I recovered over a dozen random laptops using them.

Suggest looking at this URL

[privacyforall]

Have a quick look at this URL - http://cyberside.planet.ee/tru... - I think other backups (like all over the 'net) are a good idea at this point.

Re:Suggest looking at this URL

[davmoo]

Thanks for the URL...wish I had mod points this week. That wooshing noise you just heard was me running 'wget' :)

Re:I'll ask...

[jones_supa]

It's only a diff of the new fishy 7.2 changes. You can grab the source on the archlinux FTP though.

Of course you can. Many Linux distros still host the source in their source repositories. But the GGP wanted the Windows version source.

FreeOTFE no longer maintained, it seems

[Mathinker]

Wikipedia:

The FreeOTFE website is unreachable as of June 2013 and the domain name is now registered by a new owner. The program can be downloaded from a mirror at Sourceforge.

Given what we know about Big Brother nowadays, I'd say that it would be nice if we could maintain several diverse solutions to this problem. Unfortunately, it seems that there's not enough developers around to do that...

What if...

[lagomorpha2]

For an even stranger theory, what if the NSA made TrueCrypt under COMSEC and now that SIGINT has been prioritized over COMSEC the people who made it decided that terminating and discrediting the project would be more effective than inserting a back door in the middle of an audit?

Re: Truecrypt not in archive.org???

[jafiwam]

Does archive.org mention anything about the presence of a robots.txt file if a site is blocked that way? The messages appearing do not look like something about robots.txt. Does anyone know? If so, and it is not mentioning robots.txt, where are earlier snapshots?

Several years ago, robots.txt usage where the webmaster asked not to be archived, did not say anything about robots.txt on Archive.org. It just didn't have it.

Why not go look at what the robots.txt says and cross reference it with what Archive.org says you have to do?

Your full of it

[cheekyboy]

Name me one person who has sued MS and has ever won any dollars from their code being dodgy.

MS might simply say, look the law says this and dont need to pay up. But its only the govt peeking not china so its ok.

Bingo, your so wrong on all counts.

Streisand Effect

[organgtool]

I've always been curious about full disk encryption but I've never taken the time to set it up. Regardless of whether or not this was precipitated by a three-letter agency or not, this makes me want to use TrueCrypt even more. The next time I format my drives, TrueCrypt 7.1a is going on there (assuming I can verify it's signature).

As for everyone wondering about the status of the project, couldn't the project resume development off of U.S. soil? Between software patents and government spooks, the U.S. is definitely becoming a more hostile environment for software developers.

Re:Streisand Effect

[Kazoo+the+Clown]

I tried it once. Secured a thumb drive with it. I then proceeded to forget the pass phrase almost immediately, making it useless. Fortunately it was just a test so I didn't lose any data but I figured that for me the risk of the data going inaccessible outweighed any real need to encrypt anything. And it's hard enough to keep old drives operational and find stuff on them without having to remember what some old encryption password is-- unless I stick a written note right on the drive.

Is GELI safe?

[cpghost]

Instead of Truecrypt, I'm considering using GELI on a wide scale. I'm wondering about its quality, cryptography-wise.

Unanswered Questions

[foreverdisillusioned]

This is the strongest argument I've seen against NSL theories, but if it's true why did they do this in such a sensationalistic way? Why not gently explain the situation? Why the over the top site defacement and source code warnings? Why not release all of the source (not decrypt only) under the GPL so a fork could develop? Why the laughable non-sequitur reference to XP's EOL? And why did they recommend Bitlocker over, say, the excellent GPL that is DiskCryptor? Or mention this might be a good time to migrate to Linux?

Re:I'll ask...

[mythosaz]

Nah, it's a full diff, every changed, deleted, and added line.

With the 7.2 source, and that diff, you could fully reconstruct 7.1a if you wanted to.

Here's something interesting...

[yestertech]

FWIW, here's my archive from backups...
  https://www.dropbox.com/sh/ath...

7.1a still available on CNet

[MikeTheGreat]

... and probably elsewhere. I'm guessing there's a window between when TrueCrypt.org posted 7.2 and when the various mirrors will pick up on it.

For now: http://download.cnet.com/TrueC...

Here's something interesting...

[yestertech]

Disregard previous, copy/paste failure

TrueCrypt 7.1a source and binary archive:
  https://db.tt/bsPZdg6p

veracrypt anyone?

[Mr_Nitro]

http://www.idrix.fr/Root/conte... with reinforced rounds... not best solution if codebase was compromised since the beginning...but still.... interesting to see if they will be taken down too... but as someone above said, I would rather not trust US based software too much anymore.... too many weak spots.... unfortunately... hope it changes... peace

Re:Theory

[freakmn]

In other words, public surveillance and using the constitution are perfectly OK, but the NSA draws the line at copyright infringement.

Re:Theory

[freakmn]

s/using/abusing

Nicely done, Truecrypt team!

From the "new" website, in red letters: ...TrueCrypt is not secure as...

Now, with added emphasis: ...TrueCrypt is Not Secure As...

NSL for sure. Nicely sidestepped.

(Captcha: "collects" Really.)

I'm waiting for Bruce Schneier's final takeon this

[kriston]

I'm waiting for Bruce Schneier's final take on this.

Right now he is throwing up his hands and saying "WTF?"

https://www.schneier.com/blog/...

FreeOTFE

[kevlar_rat]

The only other open-source option for windows is FreeOTFE, which is also no longer developed. It works on Windows 7 with a hack

Abuse paid for by Microsoft?

[Futurepower(R)]

Microsoft has been, in my opinion, extremely abusive. See my article, Microsoft Windows XP "end of life": Conflict of interest. Part of the story: Steve Ballmer was fired after being called the "worst CEO". Firing a CEO with no technical knowledge did not fix the problems. Microsoft has been collapsing.

The comments on this Tom's Guide article are interesting: TrueCrypt Encryption Software Shut Down, May Be Compromised.

NSA

[koan]

The message on TrueCrypt's new website got me thinking:
        Using TrueCrypt is not secure as it may contain unfixed security issues

        Let's isolate the first letter of each word:
        (U)sing (T)rueCrypt (i)s (n)ot (s)ecure (a)s (i)t (m)ay (c)ontain (u)nfixed (s)ecurity (i)ssues

        Result?
        utinsaimcusi

        Let's spread that!
        uti nsa im cu si

        That is latin for
        "If I wish to use the NSA"

        Stay away from future Truecrypt releases. This is clearly a warning from the developers.