Slashdot Mirror


TrueCrypt Website Says To Switch To BitLocker

Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended and that Windows users should switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. ... You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users suspect a site defacement, and there has been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases. A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do; it also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a 'big announcement' soon, but that was coincidental.) Security experts are warning users to avoid the new version until the situation can be verified.

19 of 566 comments

  1. Bummer by I'm+just+joshin · · Score: 5, Insightful

    The best aspect of Truecrypt was the cross-platform compatibility. Being able to open an encrypted drive on any platform was the killer feature.

  2. Truecrypt was the hardest thing for the NSA by ourlovecanlastforeve · · Score: 5, Insightful

    Truecrypt was the hardest thing for the NSA and the US government to deal with when seizing storage equipment. It makes sense that they would pressure the project to shutter.

  3. Re:Fishy by gbjbaanb · · Score: 5, Informative

    Except most Windows 7 editions don't support Bitlocker - only Enterprise and Ultimate.

  4. Foul Play by rock56501 · · Score: 5, Informative

    The Register [theregister.co.uk] suggests that the version 7.2 binary has in fact been compromised and is suggesting not to touch that binary.

  5. Re:Fishy by MozeeToby · · Score: 5, Insightful

    If you're gonna post compromised binaries of TrueCrypt, you generally wouldn't stick them on a page with "WARNING: Using TrueCrypt is not secure" in large, bright red text. You'd also expect some kind of statement from the good folks that have been running TrueCrypt for the past decade.

    I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow. I would stay far, far away from that latest binary; if I had to guess, it contains whatever loophole they were ordered to put in place, hence all the big and bright warnings.

  6. Re:Fishy by jones_supa · · Score: 5, Interesting

    Or they were smoked out by the NSA, because TrueCrypt encryption was "too good", and Microsoft's BitLocker has an NSA backdoor.

  7. Re:Fishy by AmiMoJo · · Score: 5, Insightful

    Yep, I'm guessing National Security Letter. The only defence against being forced to hand over signing keys or release versions with flaws and backdoors is to release a final version yourself to discredit any future releases.

    The web site looks hastily knocked up, which supports this theory. What I can't quite get my head around is the suggestion to use BitLocker, though. I know MS resisted an NSL recently, but that doesn't mean we can trust BitLocker.

    Alternatively, maybe the site is by the person behind the NSL, trying to drive people to BitLocker which is already compromised. Since TrueCrypt is being audited maybe they figure they can't insert back doors now.

    Either way, this is an extremely worrying development in the crypto wars.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  8. Re:Fishy by Nyder · · Score: 5, Interesting

    Except most Windows 7 editions don't support Bitlocker - only Enterprise and Ultimate.

    I'm wondering who the fuck trusts MS enough to use Bitlocker. I don't.

    --
    Be seeing you...
  9. Re:Fishy by trmj · · Score: 5, Interesting

    Here's a theory, based on the timing:

    TC was Sabu's pet project. Since he was caught and working for the Feds, he has provided the very access everybody is afraid of them now having.

    Sabu was just released from the service of the Feds a few days ago. Enough time to rewrite the binaries, change the passwords, and disable the whole lot since it's all been compromised for years. Gets rid of a dangerous product, and pisses off the Feds without violating the terms of anything since TC is still available for download, just in a crippled form.

    --
    Work sucked, until it became unemployment, when it became slightly more tolerable. -Tet
  10. Here's something interesting... by Anonymous Coward · · Score: 5, Interesting

    truecrypt.org

    > This URL has been excluded from the Wayback Machine.

  11. Re:So, what now? by Qzukk · · Score: 5, Funny

    You can get your copy from www.totallynotnsa.com/truecrypt.7.1.nsa.zip

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.
  12. SourceForge problem? by CygnusTM · · Score: 5, Interesting

    Hmmm. SourceForge forced a password reset last week citing "changes to how we're storing user passwords." Coincidence?

  13. Re:my 2p conspiracy theory by Anonymous Coward · · Score: 5, Informative

    They REUPLOADED a new key file that contains the SAME key they used before.
    The new files were signed with that key (the new and old key are the SAME, but they wiped everything and reuploaded new key files, then the TC 7.2).

  14. Linux section odd by Anonymous Coward · · Score: 5, Informative

    Cryptsetup-LUKS is the obvious recommendation; you can even mount Truecrypt volumes in recent versions. Or copy data over to a loop-AES encrypted volume, but that requires patching the kernel.

  15. Re:Fishy by eean · · Score: 5, Insightful

    Um, anyone using Windows should trust Microsoft enough to use their disk encryption. Or they shouldn't be using Windows at all.

  16. The reason is... by myforwik · · Score: 5, Informative

    They probably just decided to end the project. My experience is that it has been slowly dying for a long time. I have been heavily involved with truecrypt and its source code for many years. I make programs to custom edit the boot screen and otherwise customise TC's appearance. My programs are not forks; rather, they edit the actual binary code installed, so that users can easily use it on existing installations. What you have to understand is that truecrypt has added very little functionality for a very long time. In particular, they seem to have lost the key developers who did the code in the boot sectors. For those who don't know, a long time ago the program was too big to fit into the boot sectors, and a special deflate algorithm was added to decompress the boot sector code. My code to unzip the boot program and edit its display strings is still the same code from TC 5.0, and it still works on the latest edition. The guys who coded this section appear to be long gone from the project, hence absolutely nothing done over UEFI. The changes that have occurred look questionable, in that the people making them seem to have very limited assembly understanding and were hacking on bits instead of properly modifying the program's flow. Secondly, getting TC to work with operating systems is extremely complicated, especially for Windows. It was Microsoft who eventually released the APIs that were used to make truecrypt properly handle sleep/hibernate. These APIs are not forthcoming for Win8 or beyond, and in all honesty - Windows is the only market that matters. I am going to guess that one of the last known developers knows there is a bug that they can no longer believe they have the experience or skill to fix properly, and hence has decided to shut it down.

  17. Re:my 2p conspiracy theory by Anonymous Coward · · Score: 5, Interesting

    Alas, one or more of the TrueCrypt devs (syncon?) have been located and are acting under duress, as a 'canary' previously agreed upon has been published:
    1. Compiling with VC2010, and then not manually changing the .rc's language from "English (United States)" to "English (U.S.)" as it was in VC6;
    2. Changing the published release date from "on " to "in ";
    3. Format/InPlace.c #12, remove reference in comment to "(likely an MS bug)" - changing this parenthetical should not be counted as canary, but removing it should

    TC's build process is surprisingly arcane (includes old software due to bootloader code size, etc), and while a lot of it is accumulated dust, some of the dust is deliberately placed.

    I do not know precisely what this means, as I have no contact with the developers anymore: but this is what was agreed upon.

    They should no longer be trusted, their binaries should not be executed, their site should be considered compromised, and their key should be treated as revoked. It may be that they have been approached by an aggressive intelligence agency or NSLed, but I don't know for sure.

    While the source of 7.2 does not appear to my eyes to be backdoored, other than obviously not supporting encryption anymore, I have not analysed the binary and distrust it. It shouldn't be distributed or executed.

  18. Re:Fishy by grep+-v+'.*'+* · · Score: 5, Interesting

    I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow.

    I think that's exactly wrong -- I think he DID follow the court order and actually gave up the keys.

    And therein lies :-) the trick: in order to keep them from actually using their new keys to create TC-NextGen -- with New! and Improved! Holes for Your Convenience! -- he trashed the brand. Now, *NO ONE* will trust new versions of TC.

    "I gave you the keys just like the order said. But you never said that I couldn't make any new version worthless."

    This is an analog to a group's public secretary who in every meeting says they haven't received an NSL, and then in one fine meeting doesn't say that.

    Let's see who now up-and-disappears on some weird charge.

    --
    If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
  19. Nicely done, Truecrypt team! by Anonymous Coward · · Score: 5, Interesting

    From the "new" website, in red letters: ...TrueCrypt is not secure as...

    Now, with added emphasis: ...TrueCrypt is Not Secure As...

    NSL for sure. Nicely sidestepped.

    (Captcha: "collects" Really.)