Auditors Release Verified Repositories of TrueCrypt

Trailrunner7 writes: As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software and ended development.

The message that the TrueCrypt posted about the security of the software also was included in the release of version 7.2a. The OCAP team decided to focus on version 7.1a and created the verified repository by comparing the SHA2 hashes with files found in other TrueCrypt repositories. So the files are the same as the ones that were distributed as 7.1a. "These files were obtained last November in preparation for our audit, and match the hash reported by iSec in their official report from phase I of the audit," said Kenn White, part of the team involved in the TrueCrypt audit.

7.1a for x64 linux

Luckily I have a copy of 7.1a for x64 linux. Because this is a great opportunity to release a trojan horse version of Truecrypt and many people would be affected

Re:7.1a for x64 linux

What are the hashes for your copy?

Re:7.1a for x64 linux

[Runaway1956]

I would be suspicious of 7.1 just as much as 7.2. If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised? Discussion below shows that the big difference between the two is, 7.2 won't create new encrypted volumes. The message seems to say "We've been compromised - get your stuff out of the existing volumes, because they are NOT PROTECTED!" Or, "no longer protected".

If NSA demanded keys and/or back doors, and if the NSA actually got anything for their trouble, then those keys will open backdoors into older versions as well.

Re:7.1a for x64 linux

[lister+king+of+smeg]

Luckily I have a copy of 7.1a for x64 linux. Because this is a great opportunity to release a trojan horse version of Truecrypt and many people would be affected

I wonder was its source in any of repositories for the larger Linux distros? Perhaps Debian, Gentoo,or Arch would have a cryptographically signed copy of it if so that would be a simple matter of grabbing the source with a apt-get source command.

Re:7.1a for x64 linux

[lgw]

If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised

The only kind of guarantee there is: an open, publically funded audit of the code. That's the point of this exercise, even before people realized that blindly trusting the TrueCrypt code was a mistake, and that an audit by non-government researchers was needed.

Re:7.1a for x64 linux

[Varka]

If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised

The only kind of guarantee there is: an open, publically funded audit of the code. That's the point of this exercise, even before people realized that blindly trusting the TrueCrypt code was a mistake, and that an audit by non-government researchers was needed.

You're assuming the binary is actually compiled from the source being audited. Once the source audit is complete, AND a recompiled version FROM THAT SOURCE is available, then I might consider using TC again...

Re:7.1a for x64 linux

[Z00L00K]

It depends on the level of security you expect. To make sure that your documents don't get into the open when someone steals your laptop it may be sufficient since most thieves just don't worry about the contents and just reformats it after a cursory glance on the contents. So everything that's not obviously visible or takes more than 5 minutes to access is probably safe.

If you are targeted by the authorities I would say that no wide-spread security system is safe. The authorities are even more likely to have backdoors into bitlocker than TrueCrypt, even though I suspect that they have TrueCrypt backdoors as well.

Re:7.1a for x64 linux

[lgw]

That was actually the first step of the audit - to ensure repeatable builds and ensure the source matched the object (well, the Windows version - the Linux version was built and verified by many people over the years, but the Windows build took some non-default make setting and then it matched, so confirmation of that was ~1 year ago).

Re:7.1a for x64 linux

This has already been done. It was the first thing the auditors did.

Re:7.1a for x64 linux

[nmb3000]

Luckily I have a copy of 7.1a for x64 linux

I noticed something the other day when looking for a copy of the install on my own system. It turns out that when you install TrueCrypt for Windows, it puts a copy of the installer in the destination directory! If you're on Windows, take a look in your %ProgramFiles%\TrueCrypt directory. You will probably find a TrueCrypt Setup.exe file (at work so not sure of the exact filename). This can be used to install/repair/reinstall TrueCrypt on any computer.

There have been some good attempts to create a trustworthy TrueCrypt archive, but nothing beats your original installation source, which you can use to verify against various signatures found online.

Re:7.1a for x64 linux

[Pow]

Gentoo doesn't keep the source in the repository, but it has the hashes.
from /usr/portage/app-crypt/truecrypt/Manifest:

DIST truecrypt-7.1a.tar.gz 1949303 SHA256 e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc SHA512 b5e766023168015cb91bfd85c9e2621055dd98408215e02704775861b5070c5a 0234a00c64c1bf7faa34e6d0b51ac71cd36169dd7a6f84d7a34ad0cfa304796a WHIRLPOOL 5e7f4360746a30639aea96eaf4deac268289c111c0efa96f50487527f0406499 2c26ad4c8ae0fd565d80e77f0ce8add82b03930d877fe5adedc8a733b482fe38

(the filter did not like awful long strings of letters so I added spaces to WHIRLPOOL and SHA512 hash strings.

Re:7.1a for x64 linux

[Kjella]

First of all, they said TrueCrypt has unfixed critical bugs not that it was compromised. It wouldn't really make a lot of sense either, if it was compromised back in 2012 and you wanted to be a whistleblower why wait well over 2 years to do it? It's not like NSA or whomever would let that sort of gag order expire. And if they're under any kind of pressure now, it would be to discredit the software they made years ago that doesn't contain any backdoors. Which brings us over to the next issue, they claim there's critical bugs but they won't tell anyone where they are so others can fix them nor fix them themselves. I mean they don't just want to shut down their project, they want tarnish the name, burn it to the ground and salt the earth after them and you really have to ask: Why?

I don't think and you probably also don't think that it's because XP support has ended and we should now all go use Bitlocker, so they're lying to us now. Why are they lying to us? I don't know, either they're pressured to it or working for commercial alternatives or threw a hand grenade to start conspiracy theories and get everyone reviewing the code or just went plain nuts I don't know. But there's no reason for any agency to kill off a version that has a backdoor and if there really was a government backdoor wouldn't the best way to be a whistleblower be to point it out? Why this ominous yet vague FUD? The answer that makes the most sense is that they're lying about everything. The developers don't know of any critical issues with 7.1a, but they're being pressured to or want to kill it.

That doesn't mean TrueCrypt is bug free, of course it may have bigger and smaller issues. But I think they're lying about knowingly withholding anything, that they're not working on the code and not maintaining it isn't the same as deliberately avoiding fixing issues. If they had said nothing at all and TrueCrypt had stayed at versjon 7.1a for another few years I'd still use it and despite what looks to me like a best effort they can't go back in time and sabotage their old release. So while I wouldn't trust anything they do from now on, the older code looks good. Why else would they go through so much effort to get rid of it? Somebody badly wants TrueCrypt 7.1a to disappear and be abandoned, the question is who and why.

Re:7.1a for x64 linux

[cjb658]

I have v7.1a for Windows, downloaded 21 Oct 2013. md5 is 7a23ac83a0856c352025a6f7c9cc1526.

Re:7.1a for x64 linux

[WaywardGeek]

Source package (not Linux) sha256sum: e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc

That's what I just signed in the first ever signed git commit of the CipherShed fork of TrueCrypt. It's been a crazy week over there!

Re:7.1a for x64 linux

[WaywardGeek]

DIST truecrypt-7.1a.tar.gz 1949303 SHA256 e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc

Excellent. That's what I just got for the source we're using to build the CipherShed fork of TrueCrypt.

Re:7.1a for x64 linux

[WaywardGeek]

I believe I read about this guy on slashdot a year-ish ago. He verified the Windows binary comes from the official source. I replicated most of his steps, until I became a believer. It is the actual source used to compile the 7.1a binary.

Now, if you're afraid of back-doors, be afraid of what is already in the official source, all 110K+ lines of it.

Re:7.1a for x64 linux

[Runaway1956]

My question is academic. If they got a developer into a dungeon somewhere, and applied the five dollar monkey wrench interrogation method to extract a working back door - what assurance is there that this back door doesn't work on previous versions? FUD? I thought it a reasonable question. Does an exploit in version x.xxx work on version x.xxx - 1, or x.xxx - .001, or even x.xxx - 3? In some cases, I would imagine that the exploit might work all the way back to the project's startup and milestone .01, in other cases the same exploit might not work in a very minor version update.

Re:7.1a for x64 linux

[sillybilly]

The only cryptography you can truly trust is one you invent yourself, and don't tell anyone else about it, after you've learned all the top of the line methods and technologies and tricks available in the world. But don't trust these "expert proclaimed" unsolvable problems to really be unsolvable. Somebody somewhere might be passing off to you cryptography so you hide "secrets." Best thing is not to have secrets, or even if you do, they should not be something you absolutely can't have out in the public. Like putting a lock on a bicycle, sure somebody can cut it off with, it's like there is no lock that cannot be picked or wall that cannot be destroyed, unlike in the old days, until they invented cannons, but people still practice building walls and putting up locks, So consider all security to be a mild one, like a password, it's a minor obstacle. Like it's not possible to not have your credit cards stolen. Or be victim to false witnesses. It's not possible to have computer security, because whatever you do on the chips and whatever you see on the screen, somebody could be snooping on you. You wanna practice cryptography? Go hide in a cave somewhere and draw lines in the sand with a stick, and they will still find it with sniffing dogs, and only if it makes absolute nonsense because you did not mean anything by it you were just putting down nonsense marks in the hidden cave sand on purpose, they will still decrypt it into something and jail you for it. Such is cryptography. Who you wanna trust? A computer that has a sticker that says "intel inside" or some "amd?" You can't even trust a chip you made yourself and didn't tell anybody, cuz they replaced it with a rigged identical indistinguishable copy of theirs. All you can hope for is they make mistakes, and are not thorough - and who in the world does not make mistakes - and they forgot to detect a UV pen marker line you put on it, or even a trace of blood that - in theory - can be dna decrypted to your blood, and i mean in theory. So much for cryptography and security. You have no rights. Maybe the right to think freely, but only if you don't tell anybody, or don't express it on anything, like a computer screen, voices into the air, or a piece of paper, or sand. If anything, hiding in plain sight is best. You can store information by some rules you invent, and encode things into how you place say a pillow or a sock somewhere, rules that you don't tell anybody, and sometimes, you can just fuck with the snoopers without having rules, but making it look like the disarray you throw your socks into is an expression of something, like a secret, when you were just trying to fuck with them a little and give them something to decrypt. Like a lot of google books results are "top secrect" gov't documents from like 1940's and 50's written by absolute quacks, and you can tell after 3 sentences or 3 paragraphs into it, but sometimes they are amusing to read and entertaining. Such is the top secret released to you, and you can do similar top secret releases yourself. Not to really encrypt anything and believe it's not decryptable, but just to plain fuck with people decrypting it and disrespecting your privacy.

Re:7.1a for x64 linux

"Non-government" as far as you know.

Re: 7.1a for x64 linux

The only encryption you can trust without reservation is a properly implemented one time pad system.

Re:7.1a for x64 linux

In my case, I used truecrypt because I had to move data between Mac, Windows, and Linux on thumbdrives.
Not life-shatteringly important data, but stuff that shouldn't be just left lying around.

Truecrypt provided adequate obfuscation of the data to prevent casual prying, while still running on all the required OSs. Without it, I'd have to use zips with passwords, which is certainly less secure and more of a pain.

Re: 7.1a for x64 linux

[rioki]

Only if you can handle the keying material properly. The problem with one time pad is that the keying material needs to be as much as the message to encrypt. Now if you want to transfer 1 GB of data you need 1GB of keying material. This material needs to be shared with the receiving end. Although a one time pad is mathematically proven safe, the burden is shifted from the problem to keep the message safe to keeping the keying material safe.

Re:7.1a for x64 linux

Now that's one hell of a paragraph.

Re: 7.1a for x64 linux

[sillybilly]

Thanks, but it gets you in the same trouble as drawing nonsense lines in the sand - you get caught with a set of random looking characters in a hostile country and you can prepare for some good torture sessions to extract the meaning of them. They are just random crap? Boloni! etc. So you better be creative and ready to invent something they wanna hear, to get your ass out of trouble, kinda like the American pilot captured in WW2 by the Japanese, who was interrogated about how many nukes the Americans have. Of course he had no idea, but he told them many many, because that's what he thought they wanted to hear.

Re:7.1a for x64 linux

[L4t3r4lu5]

The authorities don't need backdoors or attacks on encrypted systems. They get a court order demanding the encryption key, and if you' don't provide it you go to jail, indefinitely, for contempt of court. If that doesn't swing in your jurisdiction, then the law probably already has something about providing keys being mandatory in some instances (In UK law it's an offence to not provide them when requested; 2 years in jail, or 5 years if it's regarding terrorism or CP).

Failing that, they already have the best backdoor to secure systems that there is; A dark room in a foreign country where they pour water over your face until you're just about ready to end yourself.

But yeah, it should be fine for use against a smash-and-grab break in.

Re:7.1a for x64 linux

[Captain+Hook]

Authorities can only do that if they don't mind revealing the investigation against someone. There are still alot of reasons why authorities would want to be able to read something encrypted without it being obvious that they are doing so.

Re:7.1a for x64 linux

[Kjella]

If they got a developer into a dungeon somewhere, and applied the five dollar monkey wrench interrogation method to extract a working back door - what assurance is there that this back door doesn't work on previous versions?

Sure, with a $5 monkey wrench you can make someone implement a backdoor, but if the developer never made one and doesn't know of any exploits to produce one then beating him to a pulp won't help him find one. Sure I can't guarantee that I haven't made any big oopsies in my code, but if I did I'm not aware of them and if I found one it'd be patched immediately. I'd never knowingly sit around with an unpatched way to backdoor the system, it can only "extract" things you actually know how to do.

Re:7.1a for x64 linux

So why did you consider using TC in the first place when you make it sound like this changed your mind about the software?
Is this not supposed to be the baseline of open source security related software?

Re:7.1a for x64 linux

[hoggoth]

And you're assuming that your compiler isn't inserting extra code that wasn't in the source code.

Re:7.1a for x64 linux

[Varka]

The level of trust in the current binary builds, in my mind, approaches 0. Once the source code audit is complete, we'll see where my level of trust is in whatever newly compiled versions might be available. Ideally I'd be able to take the source with verifiable md5sum/etc. and compile my own, but a number of comments seem to indicate that this is unlikely, so maybe it's just time to move on to something else.

Re: 7.1a for x64 linux

[gearond]

In my opinion, the NSA flies other law enforcement people, have decided that TrueCrypt is too much of a problem. So either through layers day off extort it up on TrueCrypt to end their business or they just directly did it. And so now that it's Joe will be stuck with Windows alternative. And we know how much we can trust Microsoft. So I repeat True Grit probably is good, but the authorities don't want us to use it

Re:7.1a for x64 linux

[Vastad]

Oh that's fantastic! I didn't even know a setup.exe was stored there. Thanks for the tip!

Re:7.1a for x64 linux

[Runaway1956]

Fair enough. But, most developers know how to wreck their software. The guy holding the interrogation implement asks, "What is the weakest part of your encryption tool?" WHACK! "You don't need to think so long, you know the weakest part of your scheme, tell me!"

Given that answer, it would help to focus attention where WE would least want attention.

The best thing going right now, is that so many eyes ARE focused on the last "known good" version. Maybe if there is a weak link, someone will notice it. Of course, there is no guarantee at all.

Re:7.1a for x64 linux

[sillybilly]

It's like jazz, spontaneous - it has no paragraphs. If I had more time or were not as lazy, I would have had paragraphed it for you, and made it shorter too, to the point of unfollowable mentally. Euler or some other mathematicians, like Gauss, used to get off on just presenting the end results, without detailing how they arrived to it, or giving some inhuman, unnatural flow of thoughts official and strict proof, but where is the fun in that?

Re: 7.1a for x64 linux

[fisted]

The nice thing about one time pads is that for any ciphertext there's a OTP which produces any (alibi-)cleartext you desire.

The news headline a year from now...

[StandardCell]

SHA2 Preimage Attack Discovered

Re:The news headline a year from now...

Ya have to give all these money losing bitcoin engines something to do...

I wonder how much the NSA "donates" to folk that can mod source or binaries to match certain SHA checksums.

What's the difference between the US and China?

[bungo]

From my perspective, it appears that both China and the US are willing to bend to their control any IT organization that they can.

I'm happy that a verified source have been made, but sad to think that it has now come to this - the US, China, Russia, ..... so many countries that it is no longer safe to host security projects.

If only I could get a CISCO router build in China, packages in the US and sold through a reseller in Russia.... it could be marketed are the ultimate freedom router*.

(* Note: freedom is not for the end user)

Re:What's the difference between the US and China?

Has there been any big security scandal involving Russia comparable to the All-Seeing Eye of the US or the Firewall of China?

Differences between 7.1a and 7.2a

[chrisgagne]

Has anyone looked at the differences between 7.1a and 7.2a? It seems unlikely that the TC authors would intentionally release 7.2a with security-compromising bugs...

Re:Differences between 7.1a and 7.2a

[droptone]

Yep.

Re:Differences between 7.1a and 7.2a

The only difference as far as I've heard is that it doesn't allow encryption, only decryption.

Re:Differences between 7.1a and 7.2a

7.2 was stripped of encryption functions. Even if it was without bugs, what good is it? Not to mention the weird way they walked away from their software.

Re:Differences between 7.1a and 7.2a

The most obvious difference is that 7.2a will only decrypt files previously encrypted with earlier versions of TrueCrypt. 7.2a is crippled in that it cannot create new encrypted folders, files or whole disks. It was apparently engineered to be broken and serve only as a tool to recover previously encrypted volumes.

Re:Differences between 7.1a and 7.2a

those AbortProcess("insecure_apps")...

Re:Differences between 7.1a and 7.2a

[WaywardGeek]

7.2 was stripped of encryption functions. Even if it was without bugs, what good is it? Not to mention the weird way they walked away from their software.

It really was weird. Here's my new theory:

These guys released their best version ever, 7.1a, in Febuary 2012. They had a party, said goodbye, and moved on with their lives. Everyone assumed that since it's open source, some new guys would come along to take over the project. Instead, for two years, there were no security updates, and no credible fork. TrueCrypt was languishing. One of the developers decided to force the world to take action. He pulled that amazing stunt, complete with recommending everyone use Microsoft BitLocker. Now he's kicking back with a beer and watching the world go nuts. It's like kicking an ant hill.

Did it work? You bet! A bunch of geeks like me said, "I want to help!" A couple of Swiss Pirate Party dudes said, "We'll lead the effort", and before the weekend was over, they had thousands of offers for help. True to the Pirate Party spirit, they even pirated the TrueCrypt name: truecrypt.ch. Also true to the Pirate Party spirit, they don't really know how to organize a team of geeks to work together in a common direction. So, I said "Follow me!" on the forum, and signed up geeks as fast as I could at the site that became CipherShed.org. Now they're self-organizing like some sort of slime mold, creating order out of chaos. It's really fascinating to watch! I hope the original authors are enjoying the drama :-) At this point, I think the new team is going to do amazing things.

Re:Differences between 7.1a and 7.2a

Sure will!

-NSA Mole.

So, about those changes...

Will they also see if weird backdoors or other things were added in that last version before they all quit?

Re:So, about those changes...

[StandardCell]

That was part of my little joke but of course that's all cynicism on my part at this point.

The only truly reliable idiot-proof encryption method is a one-time pad where you commit the key to memory or parts of it among more than one person. Not that practical compared to a mountable volume or full-disk encryption like the old TrueCrypt, but everything has a price.

Even Better

Some of us probably have the 7.1a install file from when we updated. Doesn't get much more secure than that. I can't wait to get home and compare this "verified" repository with mine.

Match

Only anecdotal, but I have a copy of "TrueCrypt Setup 7.1a.exe" that I downloaded from truecrypt.org on May 25, 2012, with a SHA-1 sum of 7689d038c76bd1df695d295c026961e50e4a62ea, which matches the same file in this repository.

Re:Match

Good to know. What's the SHA-256?

Re:Match

SHA-256 of "TrueCrypt Setup 7.1a.exe" is

where hexstring = 'e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2' is the string substituted by the compromised backbone routers to match the untrojanized "TrueCrypt Setup 7.1a.exe" file.

Re:Match

Ah yes, but is the AC working for the NSA? Or am I?

Re:Match

[RoknrolZombie]

Whether you know it or not, the answer is "yes"

Re:Match

Thank you. Mine:

sha1sum *
16e6d7675d63fba9bb75a9983397e3fb610459a1 *TrueCrypt 7.1a Mac OS X.dmg
7689d038c76bd1df695d295c026961e50e4a62ea *TrueCrypt Setup 7.1a.exe
1d503ddb5f619ca868ea42bd7435f0dff5975997 *TrueCrypt_v7.1a.zip
c2a8c78a23f97ffb17bf47448c9f2daa3c8f80cd *truecrypt-7.1a-linux-console-x64.tar.gz
a53a7a609a25d9a1e33f720ce5c0265ddd4e8b25 *truecrypt-7.1a-linux-console-x86.tar.gz
086cf24fad36c2c99a6ac32774833c74091acc4d *truecrypt-7.1a-linux-x64.tar.gz
0e77b220dbbc6f14101f3f913966f2c818b0f588 *truecrypt-7.1a-linux-x86.tar.gz


sha256sum *
04db58b737c05bb6b0b83f1cb37a29edec844b59ff223b9e213ee1f4e287f586 *TrueCrypt 7.1a Mac OS X.dmg
e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2 *TrueCrypt Setup 7.1a.exe
4b87892bf9f217deb28eb67570803664512613aee7cf92df6e31dcca6e26fab7 *TrueCrypt_v7.1a.zip
3f48210cca1c17f433572845586d5e2a1a717a545480d136cb970689a44e3c32 *truecrypt-7.1a-linux-console-x64.tar.gz
7871a40aaca4556d2c6f3377d62347bc38302f4f1ef191e7d07123bdf4a4d008 *truecrypt-7.1a-linux-console-x86.tar.gz
43f895cfcdbe230907c47b4cd465e5c967bbe741a9b68512c09f809d1a2da1e9 *truecrypt-7.1a-linux-x64.tar.gz
9d292baf87df34598738faef7305cddaa15ea9f174c9923185653fb28f8cfef0 *truecrypt-7.1a-linux-x86.tar.gz


md5sum *
89affdc42966ae5739f673ba5fb4b7c5 *TrueCrypt 7.1a Mac OS X.dmg
7a23ac83a0856c352025a6f7c9cc1526 *TrueCrypt Setup 7.1a.exe
2c664c527ee622b17da6fcd76979fba4 *TrueCrypt_v7.1a.zip
eb71d8108afec84d4dc72c523b57763a *truecrypt-7.1a-linux-console-x64.tar.gz
218d80bbe69cb63dba124efb62600e0f *truecrypt-7.1a-linux-console-x86.tar.gz
bb355096348383987447151eecd6dc0e *truecrypt-7.1a-linux-x64.tar.gz
09355fb2e43cf51697a15421816899be *truecrypt-7.1a-linux-x86.tar.gz

# file sizes
9526318 TrueCrypt 7.1a Mac OS X.dmg
3466248 TrueCrypt Setup 7.1a.exe
24467591 TrueCrypt_v7.1a.zip
1642506 truecrypt-7.1a-linux-console-x64.tar.gz
1648060 truecrypt-7.1a-linux-console-x86.tar.gz
2667681 truecrypt-7.1a-linux-x64.tar.gz
2644819 truecrypt-7.1a-linux-x86.tar.gz

Re:Match

[crazyvas]

Sorry, meant to login FWIW before posting that:
Thank you. Mine:

sha1sum *
16e6d7675d63fba9bb75a9983397e3fb610459a1 *TrueCrypt 7.1a Mac OS X.dmg
7689d038c76bd1df695d295c026961e50e4a62ea *TrueCrypt Setup 7.1a.exe
1d503ddb5f619ca868ea42bd7435f0dff5975997 *TrueCrypt_v7.1a.zip
c2a8c78a23f97ffb17bf47448c9f2daa3c8f80cd *truecrypt-7.1a-linux-console-x64.tar.gz
a53a7a609a25d9a1e33f720ce5c0265ddd4e8b25 *truecrypt-7.1a-linux-console-x86.tar.gz
086cf24fad36c2c99a6ac32774833c74091acc4d *truecrypt-7.1a-linux-x64.tar.gz
0e77b220dbbc6f14101f3f913966f2c818b0f588 *truecrypt-7.1a-linux-x86.tar.gz


sha256sum *
04db58b737c05bb6b0b83f1cb37a29edec844b59ff223b9e213ee1f4e287f586 *TrueCrypt 7.1a Mac OS X.dmg
e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2 *TrueCrypt Setup 7.1a.exe
4b87892bf9f217deb28eb67570803664512613aee7cf92df6e31dcca6e26fab7 *TrueCrypt_v7.1a.zip
3f48210cca1c17f433572845586d5e2a1a717a545480d136cb970689a44e3c32 *truecrypt-7.1a-linux-console-x64.tar.gz
7871a40aaca4556d2c6f3377d62347bc38302f4f1ef191e7d07123bdf4a4d008 *truecrypt-7.1a-linux-console-x86.tar.gz
43f895cfcdbe230907c47b4cd465e5c967bbe741a9b68512c09f809d1a2da1e9 *truecrypt-7.1a-linux-x64.tar.gz
9d292baf87df34598738faef7305cddaa15ea9f174c9923185653fb28f8cfef0 *truecrypt-7.1a-linux-x86.tar.gz


md5sum *
89affdc42966ae5739f673ba5fb4b7c5 *TrueCrypt 7.1a Mac OS X.dmg
7a23ac83a0856c352025a6f7c9cc1526 *TrueCrypt Setup 7.1a.exe
2c664c527ee622b17da6fcd76979fba4 *TrueCrypt_v7.1a.zip
eb71d8108afec84d4dc72c523b57763a *truecrypt-7.1a-linux-console-x64.tar.gz
218d80bbe69cb63dba124efb62600e0f *truecrypt-7.1a-linux-console-x86.tar.gz
bb355096348383987447151eecd6dc0e *truecrypt-7.1a-linux-x64.tar.gz
09355fb2e43cf51697a15421816899be *truecrypt-7.1a-linux-x86.tar.gz

# file sizes
9526318 TrueCrypt 7.1a Mac OS X.dmg
3466248 TrueCrypt Setup 7.1a.exe
24467591 TrueCrypt_v7.1a.zip
1642506 truecrypt-7.1a-linux-console-x64.tar.gz
1648060 truecrypt-7.1a-linux-console-x86.tar.gz
2667681 truecrypt-7.1a-linux-x64.tar.gz
2644819 truecrypt-7.1a-linux-x86.tar.gz

Truecrypt authors-WARNING: TrueCrypt is not secure

[raymorris]

> Doesn't get much more secure than that.

The authors of Truecrypt said "WARNING: TrueCrypt is not secure".

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot, she's probably telling the truth when she says she's crazy. I think the same principle may apply here. If the Truecrypt project page says "Truecrypt is not secure", believe them - it probably is not secure.

Other options seem to be more secure. Personally, I use dm-crypt (cryptsetup) with 256 bit ESSIV AES CBC, plus a little magic I've thrown in.

TrueCripled to be released late 2014

[BoRegardless]

But this time it will be compromised and costly commercial SW.

Re:TrueCripled to be released late 2014

[DiamondGeezer]

How will we tell?

Subscribe

[tepples]

What are the hashes for your copy?

In order for a post of the hashes to be of any use, both the poster and anybody reading the post would have to pay Dice for a subscription to Slashdot. This is because Slashdot redirects all non-subscribers' HTTPS pageviews to HTTP. If the poster does not subscribe, a man in the middle could modify the hash on its way from the poster's computer to Slashdot's server. If the reader does not subscribe, a man in the middle could modify the hash on its way from the poster's computer to the reader's computer.

Re:Subscribe

It could still be of use if the reader checked the post from two different machines - say home and at the library. The bonus would be that if they were different, they'd know they were being MITM'd. If the poster checked from a second machine, they could update their post with a confirmation that it was indeed right.

Re:Subscribe

Oh, I get it. A MitM could see whenever someone posts the hash e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2 and convert it to e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2.

Re:Subscribe

Caution: If they can tell that you're the same user due to browsing habits or such, then they might feed you the same MITM'd page. Or the OP might just get lucky and avoid randomly drawing the page with the mangled hash (e.g. if the MITM randomly chooses to mangle the output to every 1000th page view).

Re:Subscribe

[alostpacket]

But the /. moderation system is infallible

Re:Subscribe

[jrumney]

If the poster checked from a second machine, they could update their post with a confirmation that it was indeed right.

I think you should update your post to clarify that Slashdot does not support updating of posts once they are submitted, least anyone get confused and spend time looking for that option.

Re:Subscribe

[sillybilly]

That's gay

Re:Subscribe

[sillybilly]

You're not supposed to enjoy stimulation to your prostate. Unless it's done by a female during a blowjob, but she might end up with smelly fingers. Even that can get you killed though, like in Russia, or muslim places like Africa, you get killed as soon as there are signs of gayness, they are very careful to keep the genepool clean of this deviant gene, which creates perversion and decay in society without any life-procreating effects, if anything, it goes against creating new life, just like contraceptives do. (Btw why don't muslims hate contraceptives more than homos?) So anyway, there are videos that in Africa you don't only get stoned to death for it, but there was this guy witch his legs chopped off with a machete, and he was still trying to run away on the stumps left, before getting killed. I'm trying to find some good images on google, like congo machete patrol, or rwanda machete, but it's not coming up with anything good right now. In any case, Alan Turing, the breaker of the nazi encryption code Enigma, was recently exonerated by the British crown against charges of perversion related to gay stuff. Perversion and creativity seems to go hand in hand, but in places like Japan it's more about pedophilia (you can buy actual used panties of a school girl with the proper scent in a street vending machine next to a candy bar or a pepsi bottle), and gay stuff, especially between men, is a horrible shame even there, but it's okay if the women do it, cuz the men force them to do it, but the men choose what they do among themselves, and nothing is ok unless there is at least one woman present. Even Socrates was killed over both pedophilia and gayness, his inquisitive mind pissed off everybody, the Socratic method is the best way in the world to piss anyone off, - as in let's talk, and I will show you through your own words how stupid you are, and i know I, Socrates, am stupid, but you're so stupid that you don't even realize how stupid you are, hence you're more stupid than me, and that's how the Oracle at Delphi was correct, in saying that Socrates is the wisest man in the world, not because he's wise, he's obviously stupid, but everybody else is even more stupid than him, so he's the wisest. So the charges against him were: 1. Impiety to the Gods. 2. Corruption of the youth. And he was 70, and even Plato was in on organizing his escape before the execution, even the authorities practically left the prison door swung wide open to let him walk out and just go away once and for all and stop being so annoying, but he was too macho, and he said something like respect for the law that the community erects, and he drank up the hemlock. So Plato wrote all this macho shit down. Friggin greeks fucking boys, not even preteen girls like them 70 year old Japanese, but boys. Something not right with that.

Re:Subscribe

[sillybilly]

Oh and Socrates did have a wife, called Xanthippe, possibly 40 years younger than him.

Re:Subscribe

[bruce_the_loon]

Hey, how did you get hold of the IPv6 address for my bathroom^H^H^H^H^H^H^H^Hsecurity camera system?

Signed, the janitor at St Trinian's School.

Re:Subscribe

you left out that the beta has this feature built in...

Re: Subscribe

What the hell did I just read...

Re: Subscribe

[sillybilly]

Encryption and information security related material - a somewhat humoros but highly homosexual and taboo spin on man in the middle attack, captcha:decorum, ssl certificate warning ignored, Alan Turing breaking the nazi Enigma code had a darker side to him, like Michael Jackson, or Richard Gere, or some Catholic bishops, or Socrates written down by Plato - I'm not sure he was actually messing with children, just young males, so to speak, but stuff like that is all over greek pottery, and it's called "greek love", and the greeks were one of the top ancient mathematicians, besides the hindus and egyptians and chinese, but they did have this darker side to them, of perversion related issues, and so do the japanese, they make awesome cars and top of the line high tech stuff, and they are at the forefront of science, but buddhism and shinto does not seem to be a strict enough religion there to completely regulate exuberance in sex, which has consequences, such as overpopulation, and no poverty yet, but it may get dangerously thin on resources - just watch images or videos of japanese public pools to get a feel. Usually poverty and too many kids go hand in hand, and wealth and lack of fecundity also go hand in hand. Irregardless of cultural, racial or other factors. Because it takes a tremendous amount of resources to rear a child, total dedication. Religion that functions well usually creates wealth and abundance of resources, and good life, or better balance, so to speak, by moderating the natural tendency to overpopulate, and it's rare that it creates a "too retarding" or exterminating effect. Perversion detracting from direct procreation also has this wealth creating effect, but it can go to the point of addiction and distraction from normal duties, but if not out of control, it's kind of interesting that really creative and intelligent people have this really dark and perverted side to them, and it's like they are free to do whatever they want as long as they can keep it secret or out of the public view, except when it involves children, and of those, those that are pre-puberty and have no idea what a sexual desire is. But it's really hard to control the girl-scout-cookie teenie weenie anime-like japanese pedophilia related to sexually mature depictions of extremely young girls, who're obviously mature from their breasts being fully formed and huge, because fast breeders take over any population and drive slow breeders to extinction. The bottleneck to fast breeding are the females that take 9 months to pop a baby, and have menopause, a male almost does not matter because he's a discardable item and who knows where he ends up by the end of 9 months, but the mother is with the baby after he's born almost 99% sure. So there are groups who breed at age 12-13 as soon as puberty hits, and by age 26 she's a grandma, by age 39 she's a great grandma, potentially to 100 offsprings out of 8 people (2 parents, 4 grandparents, 8 greatgrandparents) vs. someone who does not even have their first child by age 39, as it happens with a lot of women in new york, they end up having their first kids in their early 40's and they barely have 3 to 5 years before menopause, so they can't have 7-10 kids that can create a population explosion, like those groups that start reproducing at age 13. As I said the men don't really matter, as an 80 year old can father a child with a 13 year old, or he can father with 3 women per day for 3 months and that's 90 kids in one shot, so males are like instant fast breeders if circumstances require, but women cannot be fast breeders at age 80 like that, so there is a lot of selection pressure for young women. Also the younger the smaller the chances of a previous commitment as opposed to dedication to the first child, and possibly blood siblings following. How many times it happens that older men in their 40s-50s dump their mates of 30 years to hook up with a younger female 10-20 years younger than them? All the time. My downstairs neighbor did it before he moved out, and she was devastated, but with a naughty jo

Re: Subscribe

This. This was a good post.

Re: Subscribe

[kaatochacha]

I'm not sure what's worse: that I read through this thing, or the run-on sentences were the most notable aspect to me.

Huh? So what?

So the 7.1a code is verified as the same as that which was distributed as 7.1a. Great. But does 7.1 a have vulnerabilities, a backdoor, bugs?

Re:Huh? So what?

[ledow]

That's what the audit mentioned in the summary - and several dozen previous articles - will show (and has already intimated, in brief, that there's nothing obviously wrong with it but it can take years of analysis to have confidence that something this large is clean).

Keep up.

Re:Huh? So what?

[Z00L00K]

All softwares have bugs, the question is just if the bugs are serious or if they are benign.

The hardest bugs to find are those that are due to bad overall design. Each part may be perfect, but they are joined in a way that is unsafe.

Cross-platform

[tepples]

Personally, I use dm-crypt (cryptsetup) with 256 bit ESSIV AES CBC, plus a little magic I've thrown in.

Might this magic happen to let you write files to an encrypted volume on one operating system and read it on another?

Re:Cross-platform

I have some magic for that, called "NFS." An arcane conjuring named "Samba" is there too, though more as a test, and something call netatalk is supposedly in some grimoires too. Weirdly, I found that the read-but-not-write case turned out to be so frequent, that some cantrips named MediaTomb and even Apache(!!) often turned out to be some often-used simplest solutions.

Yes, I realize this totally dodges/undermines your intent. And yet, I bet it's potentially one of the best answers out there, for many people (but I admit, not everyone). Once you buy that second computer, you're headed this way. And so many people are into virtualization these days, that sometimes the second computer is inside the first.

Re:Cross-platform

My guess would be TRESOR. It's pretty much the only reason you'd be using CBC instead of XTS.

Re:Cross-platform

[David+Jao]

If you're seriously interested in disk encryption, it's pretty clear that there is no viable platform other than Linux, and maybe BSD. Any other platform will be riddled with NSA backdoors, and you'll have no way to check. So I don't understand why cross-platform compatibility is even desirable, much less necessary.

Re:Cross-platform

[mirix]

Pfft, there is only one operating system. ;-)

I am a big fan of dm-crypt.

Re:Cross-platform

[CaptnZilog]

Pfft, there is only one operating system. ;-)

I am a big fan of dm-crypt.

--
Sent from my PDP-11

RSX-11? :-D

Re:Cross-platform

[0111+1110]

If you are implying that LUKS + dm-crypt is more secure in practice I might mention that hidden containers have not been implemented AFAIK.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[cyn1c77]

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot, she's probably telling the truth when she says she's crazy. I think the same principle may apply here.

Suddenly I am less interested in my privacy and more interested in your anecdotal story!

Should I put it on eBay?

I have a legit copy of TrueCrypt 7.0.0.0 on an old Windows XP machine. The digital signature timestamp is July 18, 2010 @ 1:23:31 PM

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[Jawnn]

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot...

You say that as if it were a bad thing...

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[Z00L00K]

Have you ever seen any computer system that is completely secure? There's always a hole or backdoor in it, and I'm just waiting for a major one to show up in bitlocker.

How can we trust them to say it's not secure if we can't know in what way it isn't secure?

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[Mistakill]

The current train of thought, which may never be verified, is that the authors got a National Security Letter from the NSA (like Lavabit)... If so, pointing people away from it to something like BitLocker may be a way for the NSA to gain easier access to encrypted data

Sublime irony

[pla]

I find it truly delightful that the NSA has accidentally accomplished one small aspect of their cover-story mission through their bad PR of late...

By making us paranoid of the documented snooping of our own government, the NSA has managed to do what the likes of Bruce Stirling and Phil Zimmerman failed to accomplish for decades - Get us to finally start encrypting everything possible, from end-to-end. This code audit of TrueCrypt counts as only one tiny part of that whole, but attitudes have changed for the better!

Re:Sublime irony

[BoRegardless]

Did TrueCrypt go down because the NSA pulled their programmers off the team?

Re:Sublime irony

Safest protection against NSA:
Roll your own crypto. A person skilled in cryptography might not have any problem breaking trough it but you aren't going to automate decryption of a couple of million different retarded encryption methods.

Re:Sublime irony

[ledow]

You obviously know nothing about cryptography, nor the methods used to break them.

Rolling your own crypto is the WORST thing you can do. And automated analysis of "encryptions" like that are not only more feasible than breaking AES, but they stick out like a sore thumb when you do any analysis... that's the point - encryption is hard, and one of the hardest bits of encryption is stopping ANY sign or pattern of the original data showing through.

Even cryptographers wouldn't try this. Use something that's been attacked for 20 years or not at all.

However, personally, I'm more suspicious of exactly why EC cryptography started being pushed JUST BEFORE this whole NSA thing and is still seen as the only solution for it (especially regarding perfect-forward secrecy, whose only non-EC methods are incredibly computationally expensive and thus not being deployed).

To a suspicious mind, it looks like when you think the trick is happening, it's already been done.

Re:Sublime irony

[Electricity+Likes+Me]

Uh, because RSA was falling at a rather predictable if accelerating pace, and it was obvious "just use longer keys" wasn't really going to scale?

This wasn't a surprise. RSA is computationally expensive for the level of security provided, and the computing power to break shorter keys was becoming more and more available.

Re:Sublime irony

He's observing that the strength of the cryptography is a good defense against cryptographers, and that the obscurity of the cryptography is a good defense against automated mass-surveillance dragnet decryption attempts. It's an economics based defense in the same way that appealing traffic tickets clogs up the court system even though your adversary has you outgunned. If you clog the cooling system with jellyfish: you can suffocate a nuclear power plant.

http://en.wikipedia.org/wiki/Millennium_Challenge_2002

Re:Sublime irony

[rwa2]

I don't know why I don't see more of this... is it not obvious that TrueCrypt is most likely made by whitehats at the NSA? And that the blackhats at the NSA probably finally strongarmed them into abandoning their hobby project?

This seems consistent with the TrueCrypt End-of-Life announcement.

Re:Sublime irony

This.

Security through obscurity actually does work, when all the methods publicly known are pre-broken in a cookie-cutter fashion.

You can only publicly show your security when those methods are impervious to attack. Today I don't know if such encryption exists beyond the One Time Pad.

Thus it's not *safe* to use any pre-existing crypto. I'm told I cannot beat the Ph-D's who designed the algorithm, but no one mentions how the NSA pays *their* PH-D's to pre-break all the publicly existing methods.

Thus by using a public method, I already can be compromised in a sweeping drag-net fashion by essentially automated tools.

But if I roll my own, a human has to look at it. A human has to break it. I have to be a worthwhile target to even get this Human's attention.

Thus security through obscurity is really all we have in the age of automated pre-baked attacks and backdoors.

Thank you for confirming that at least some people are now thinking this way too.

Re:Sublime irony

You obviously are wrong.

Everything we may use is already compromised.

I'd rather that they are forced to bring a human into the game to get me.

Instead of some pre built scanner that collects encrypted snippits from the web and breaks them using some method or backdoor not yet known(or known but not public).

When we were crawling around on the floor, they already knew about differential cryptanalysis. Only later did we "discover" it and realize it was possible.

So I'll assume the public methods are all broken in some way that they keep very secret at the NSA.

It's harder to build a computer that solves random unknown crypto, than to pay a dude to manually analyse my home brew crypto. The requirement that a real human spend time on it is the saving grace that prevents drag-net surveillance.

I don't mind targeted lookups. That's warrant territory. I fear dragnet scanning which surely is on some list of operational requirements on some NSA whiteboard.

Put it this way, if I worked there I'd immediately want to break all publicly known crypto that is in popular use. Then I'd keep quite about it and scan.

Next up I'd say that I want backdoors to all major operating systems. Those would be developed or inserted depending on where the software is made. We'd craft backdoors for open source stuff, and forcefully insert backdoors into paid software under court orders for US business.

Next up I'd say that I want secret 3G/4G reception inside of the CPU, so I could use a transmitter to basically access the CPU from miles away. I'd use that to bypass memory barriers imposed by the OS and simply read your passwords out of RAM whenever you load your encryption program like PGP. I'd just have the CPU microcode have a detection routine which fingerprints programs. As they update PGP I just keep re-flashing the fingerprints across 3G/4G cellular service right into your CPU.

The CPU would then just sit quiet and capture passwords in memory storing them in some internal persistent area (probably next to microcode). It would be undetectable unless I have agents send out the 3G/4G signal which wakes up your chip and has it send me your passwords.

I wouldn't need to bust your network. I wouldn't need your computer to BE on a network (most secure stuff is airgapped anyways). I wouldn't need to bust your Operating system. I only need your computer to be within range of a cellular tower. Then I have ways to see heuristically what programs you run, what usernames are in memory, what passwords are entered in to apps I fingerprint, or hell just intercept the keyboard keys to a buffer when unknown program signatures are running.

That would almost guarantee that I'd breach you. So I'm just a 26 yr old punk software developer. I'd assume anyone truly running the NSA would be *smarter* and already have done the things I'd do.

For reference intel added 3G capability to SandyBridge under the guise of somehow disabling the CPU if stolen..... (because we all call the cops and have them force Intel to disable stolen computers). I think it was fishy and an implementation of the CPU hack I mentioned. It's just so smart and easy. It's how I'd do it.

Re:Sublime irony

10 years ago there was a man who worked for The Agency. He refused to use a personal computer at all. "You have no idea," he said.

Re:Sublime irony

You could just copy the structure of known good encryption systems and triple the rounds.

Re:Sublime irony

[pnutjam]

Refusal to use is luddite territory. Even if it's not secure, there are many non-secure things a computer is useful for.

Re:Sublime irony

[GuB-42]

Some automated attacks can defeat security through obscurity.
For a very simple example, read "The Gold-Bug" by Edgar Allan Poe. In this book, the protagonist explains how he managed to defeat a simple substitution cypher. This method uses frequency analysis and can be easily automated, it also work no matter how cleverly you generate your substitution table.
Of course, your cypher will probably be a bit more complex than that, but if all what it takes to break a substitution cypher is to read a short story from the 19th century, imagine what the NSA can do.
Cryptography is hard. It's hard because the output always looks random (if it doesn't, you are doing things very very wrong). It means that it is very easy to make a mistake and going back to rot13 level security without noticing it. Even experts get it wrong sometimes.

If you really want to roll your own, encrypt it with a well recognized crypto-system as a second pass. Using a different key of course.

Re: Sublime irony

[Steve+B]

"secret 3G/4G reception inside of the CPU"

Ruh roh! I'd better put my CPU in the middle of a metal box or something....

Should I put it out for bid on eBay?

[csdarknightcs]

I have TrueCrypt 7.0.0.0 timestamped July 19, 2010 at 1:23:31PM

Re:Should I put it out for bid on eBay?

I have a windows copy of TrueCrypt 7.0 from October 2011.

Re:Should I put it out for bid on eBay?

[Trax3001BBS]

I have TrueCrypt 7.0.0.0 timestamped July 19, 2010 at 1:23:31PM

The latest I have is TrueCrypt Setup 7.1aWindows-2000-Win7.exe
with a time stamp of Tuesday, November 19, 2013, 3:10:47 PM Modified Sunday, July 07, 2013, 5:05:54 PM another one modified: Monday, May 21, 2012, 12:43:08 AM

I also have a version of Linux truecrypt-7.1a-linux-console-x64.tar and x86 Modified and created Wednesday, November 27, 2013, 3:10:40 AM
I had plans on going to Linux at the time.

I don't expect money for anything I have, if anybody wants (them) I'll upload em someplace until I get a nasty gram from NSA.

suckers

thankfully I use windows and bitlocker and don't have to worry about any of this.

With most NAS drives, yeah

[raymorris]

Many consumer grade (and most enterprise grade) NAS devices run Linux or BSD. They are usable from a home desktop OS such as Windows, so yes, even Windows can write files to properly encrypted storage.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[davydagger]

>256 bit ESSIV AES CBC

cool story bro, CBC is broken. Truecrypt uses XTS, and TLS added GCM.

Truecrypt also includes the options for serpent and twofish, both AES finalists with higher margins of absolute security than rinjidael.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[rogoshen1]

i think you're confusing 'spontaneous' (which is fun) with 'crazy' which is bunny-burning, jealous lunacy.

Qatar ball

[tepples]

That's fine so long as home and the library don't use the same ISP. Cable monopolies tend to do this, such as if home uses Xfinity and the library uses Comcast Business. In extreme cases, an entire country's web traffic passes through the same proxy, as when Wikipedia temporarily blocked all editing from Qatar.

Oh, and a correction to an error that I failed to spot in preview: "from the poster's computer to the reader's computer" at the end of #47205895 was supposed to be "from Dice to the reader's computer".

The OCAP Team

[kat_skan]

So who exactly is "the OCAP team?" I admit not following crypto research very closely so the only name I recognize on their site is Bruce Schneier, and though there's a few comments mentioning them on his blog he hasn't as far as I can tell said anything about being involved.

Smartphone app to replace flash drive

[tepples]

But to make it competitive with a TrueCrypt volume on a USB flash drive, you'd have to shrink the NAS down to pocket size and get it onto the WLAN somehow. Is there a smartphone app for that yet?

Re:Smartphone app to replace flash drive

Just buy a WLAN router for $15 and flash openwrt.

for what it's worth

This is what I get...
truecrypt-7.1a-linux-x64.tar.gz

MD5: bb355096348383987447151eecd6dc0e
SHA1: 086cf24fad36c2c99a6ac32774833c74091acc4d

Matches mine, but I also have 64-bit Linux & M

[antdude]

Here's mine:

2667681 Apr 9 2013 truecrypt-7.1a-linux-x64.tar.gz
9526318 Jan 20 2013 TrueCrypt 7.1a Mac OS X.dmg
3466248 Jan 20 2013 TrueCrypt Setup 7.1a.exe

$ sha1sum *
086cf24fad36c2c99a6ac32774833c74091acc4d truecrypt-7.1a-linux-x64.tar.gz
16e6d7675d63fba9bb75a9983397e3fb610459a1 TrueCrypt 7.1a Mac OS X.dmg
7689d038c76bd1df695d295c026961e50e4a62ea TrueCrypt Setup 7.1a.exe

My SHA-256

[Futurepower(R)]

SHA-256:
e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2
TrueCrypt Setup 7.1a.exe
Downloaded 02/10/2012 04:19 AM.

Same answer from the CNet.com, FileHippo, and Steve Gibson versions. MD5's also match. Using sha256deep64.exe and md5deep64.exe.

Who audits...

[Rinikusu]

the auditors?
.
.
.
.
.

Re:Who audits...

[amigabill]

I'm sure that the NSA would be happy to appoint someone to check the work of the NSA appointed auditors doing the current investigation. :)

I have 7.0a

which should do me just fine until the dust clears and someone produces a verified-safe version (if that's at all possible in this situation).

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

Not him, but as I said above on another reply, TRESOR uses CBC. I don't know about CBC being *broken* (citation, please? I'm not an expert), but I would imagine that protection from cold boot attacks is worth the tradeoff.

https://en.wikipedia.org/wiki/TRESOR

TRESOR (recursive acronym for "TRESOR Runs Encryption Securely Outside RAM") is a Linux kernel patch which provides CPU-only based encryption to defend against cold boot attacks on computer systems by performing encryption outside usual random-access memory (RAM).

EDIT: holy crap, captcha is "decrypt"

Re:Nonsense

This HTTPS stuff is nonsense! My Truecrypt password is 'Hunter2'. I don't need HTTPS because my password shows up as stars when I preview it.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[swillden]

cool story bro, CBC is broken. Truecrypt uses XTS, and TLS added GCM.

CBC is not broken. It doesn't provide the authentication properties an AEAD mode like GCM does, and it's more subject to ciphertext tampering attacks than XTS, but it's a perfectly good mode when applied with understanding of its strengths and weaknesses -- which is also true of GCM (which is terribly insecure if tags are truncated too much; far worse than CBC) and XTS (which isn't authenticated and therefore still subject to ciphertext tampering). And if you want CBC to have authentication and tamper-resistance, they can easily be added by HMACing the ciphertext.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[weedenbc]

They said it was not secure because it "may contain unfixed security issues". That statement was 100% true for every earlier version of TrueCrypt and every single piece of software ever created. Including dm-crypt, your recommendation.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

Therefore, according to Grice's maxims, they must have had something else to say.

You thinking of SSL? CBC is as "broken" as XTS is

[raymorris]

Are you thinking of SSL (not TLS) and how it used a predictable IV in CBC mode? That's an SSL issue, not a CBC issue.

CBC is "broken" to the extent that it isn't tamper-evident, so if a bad guy has write access to your encrypted storage you might not know it (unless you hash the file, just like any other storage). XTS is the same!

 

Gumstix

[raymorris]

> volume on a USB flash drive, you'd have to shrink the NAS down to pocket size

See Gumstix and many similar options.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

i think you're confusing 'spontaneous' (which is fun) with 'crazy' which is bunny-burning, jealous lunacy.

QFT. Personally, I can add an example of "crazy" which included her living in a fantasy construct, pathologically lying, stealing thousands of dollars from me, faking a pregnancy and abortion (to get more cash from me), eventually getting institutionalized briefly after we broke up, and drunk texting me annually on her mother's death anniversary with passive-aggressive suicide notes (don't respond to those). I eventually changed my phone number I had for 10 years in order to escape.

Listen to the man. Don't stick your dick in crazy.

And was promptly backdoored

[Gothmolly]

SUUURE, this new verified installer is legit.
Love, the NSA (who wrote the thing in the first place) ..tries to download it...
"Using GitHub on Windows has never been this easy."

Sad Internet user has a sad.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

That's something special. I was only one step down from you. She was living in a fantasy construct, pathologically lying, but she didn't steal thousands, only hundreds, no faked pregnancy, but she did, either fake or real, try to kill herself and she took a big chunk of skin from my back. Although she was never institutionalized (she's too smart for that) she did lose her kids (yes, she has kids...) and I haven't heard from her since I left.

I completely agree with you on the don't stick your dick in crazy. Bad results tend to happen.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

It's a bad thing.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

Wow. How did she end up getting a chunk of your skin, and for what reason?

I didn't mention that she ended up losing her first kid, probably as a result of her institutionalization. She compensated by having three more, with at least two other guys. So, four kids by at least three males.

I was seriously mindfucked by the fake pregnancy thing. I avoided pursuing romantic relationships for three years after this crazy bitch.

Sorry to say...

[duke_cheetah2003]

But I have come to the conclusion the devs just got sick of giving us free stuff, especially when these auditors came along and got PAID to review code the TrueCrypt devs have been toiling on without pay for years.

All your NSA conspiracy theories are fun to read, but really.. I'm pretty convinced there's nothing wrong with 7.1a that will come to reveal it's fundamentally flawed and insecure.

I think I'd be giving you all the finger too if I worked 10 years without pay and some hooha's came along and got paid a bunch of dough to review my stuff and criticize it.

Move along, nothing to see here now. Just some p/o'd devs giving us all the finger.

Re:Sorry to say...

Speak for yourself. I recognized the value of the service they were offering, and I paid.

Re:Sorry to say...

[duke_cheetah2003]

Speak for yourself. I recognized the value of the service they were offering, and I paid.

And you are probably very much in the minority.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

The current train of thought, which may never be verified, is that the authors got a National Security Letter from the NSA (like Lavabit)... If so, pointing people away from it to something like BitLocker may be a way for the NSA to gain easier access to encrypted data

That is just one theory, and it doesn't seem to have more support than other theories from people familiar with the project. So calling it "current train of thought" should be prefaced with a "my". This OSS project was already languishing, big time, and some see it as just the developers finally walking away from it - in a way that generates action to create alternatives/someone taking over (happening right now, didn't before).

If you take the first letters of the warning...

...and translate it from Latin.

https://translate.google.com/#la/en/uti%20nsa%20im%20c%20usi

uti nsa im c usi -> I used the NSA to use C
uti nsa im cu si -> If I wish to use the NSA ...Coincidence? Yeah.

This is such a weird story.

[Crookdotter]

Does anyone know who the devs are? Why such a strange webpage and release? Are they trying to hint that the NSA has forced a backdoor upon them with the latest release and they've just nuked it? I use truecrypt and I want to know what the hell happened.

Updates without editing

[tepples]

Slashdot does not support updating of posts once they are submitted

Of course it does. True, Slashdot is WORM in the sense that it doesn't allow users to edit submitted comments. But if you reply to yourself with the correction, the correction will be displayed below your original comment. See, for example, my post "Qatar ball" above.

2013 releases make me nervous

[0111+1110]

To me the most likely and simplest explanation of the strange canary-like behavior is to assume a warrant canary is indeed what we are seeing. Which probably means that 7.1a has not been compromised, but that a compromised version of 7.1a will eventually be introduced into the wild. Hence the need for a trusted repo for windows.

Nevertheless are the changes between 7.0 and 7.1 so significant that it is worth the additional risk of a more recent release? I'm thinking of using my 7.0 download from 2011 instead. A 2 year delay and then suddenly an update might in itself seem suspicious to a sufficiently paranoid individual given what we now know about the aggressive behavior of the NSA. The drawback is that the code verification process is based on 7.1a. Until the verification/cryptanalysis process is complete downgrading to 7.0 temporarily might be worthwhile.

FWIW here are some md5sums for my Windows copies.
5.0a: 4ec2b386f5d786b3017727aaecf28aa8
6.0: ec0827315825a035ff9a4203ddddfef7
6.1a: c413ecd820d2f912996ae86327b0d622
7.0: eadd4ae48541b830638f279d83938497
7.0a: 354e280c4bb56704e3925770f282588f
7.1a: 7a23ac83a0856c352025a6f7c9cc1526

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[Jawnn]

QFT. Personally, I can add an example of "crazy" which included her living in a fantasy construct, pathologically lying, stealing thousands of dollars from me, faking a pregnancy and abortion (to get more cash from me), eventually getting institutionalized briefly after we broke up, and drunk texting me annually on her mother's death anniversary with passive-aggressive suicide notes (don't respond to those). I eventually changed my phone number I had for 10 years in order to escape.

Listen to the man.

There's a difference between "dating" and "letting the crazy person affect you to the point of theft, personal harm, etc.". Maybe I just have more experience with them and know when to pull out, so to speak. Not that that's a particularly cool badge to have earned, but I have been able to see where things were heading and jumped off the train. Still it was usually worth the ride.

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

I have been able to see where things were heading and jumped off the train. Still it was usually worth the ride.

Some people like to BASE jump. That's fine, but it's disingenuous to insinuate it is a fun, safe activity. BASE jumping and fucking crazy bitches is in the same realm of safety.

In the case of crazy bitches, I suggest getting a vasectomy first. It's too hard to ensure they won't poke holes in condoms or impregnate themselves after sucking you off.

YMMV wrt to HIV, etc.