TrueCrypt Audit Back On Track After Silence and Uncertainty

itwbennett writes: In October 2013 Cryptography professor Matthew Green and security researcher Kenneth White launched a project to perform a professional security audit of TrueCrypt, partly prompted by the leaks from Edward Snowden that suggested the NSA was engaged in efforts to undermine encryption. Their report, published in April 2014, covered the first phase of the audit. Phase two was supposed to involve a formal review of the program's encryption functions, with the goal of uncovering any potential errors in the cryptographic implementations—but then the unexpected happened. In May 2014, the developers of TrueCrypt, who had remained anonymous over the years for privacy reasons, abruptly announced that they were discontinuing the project and advised users to switch to alternatives. Now, almost a year later, the project is back on track.

Um,

What did the TrueCrypt developers have to do with the audit of TrueCrypt?

Re:Um,

They are very familiar with the code base, otherwise they would have to spend a lot of time just learning how it works.

Re:Um,

You sound like someone new to the concept of 'independent audit'.

Re:Um,

[jeffmeden]

What did the TrueCrypt developers have to do with the audit of TrueCrypt?

Is there a point to continue auditing a platform whose entire developer team has abandoned whilst urging all users to seek other encryption tools? At this point the audit is probably going to be interesting (related to the aforementioned dev abandonment), but not exactly useful... If you are still using Truecrypt, you have already been warned.

Re:Um,

[gurps_npc]

Yes. Because some people think that TrueCrypt was killed BECAUSE it was actually secure and the NSA wanted them to de-secure it.

As such, a warrant would let people continue to use it, secure in the fact that it actually works as required.

It also lets people fork it.

Frankly, I have been severely disappointed with BestCrypt, which I had hoped would end up as the replacement for TrueCrypt. (multiple problems with getting the regular operating system to recognize the 'mounted' drives)

Re:Um,

[cfalcon]

I don't think the devs were helping anyway. They remain anonymous to this moment, at least to all of us.

Re:Um,

[jeffmeden]

Yes. Because some people think that TrueCrypt was killed BECAUSE it was actually secure and the NSA wanted them to de-secure it.

As such, a warrant would let people continue to use it, secure in the fact that it actually works as required.

It also lets people fork it.

Frankly, I have been severely disappointed with BestCrypt, which I had hoped would end up as the replacement for TrueCrypt. (multiple problems with getting the regular operating system to recognize the 'mounted' drives)

Given that the authors were anonymous is it postulated that the NSA hunted them down and was ready to doxx them for not complying? What leverage could they possibly have had?

Re:Um,

[bloodhawk]

It is far easily to hide a well engineered backdoor than it is to find it. No matter how good the auditors are and even if you 100% trust them there is no way they can be certain to uncover a backdoor if one exists. At this point with the exiting statement of the developers only a fool would trust Truecrypt with anything important.

Re:Um,

[grep+-v+'.*'+*]

[Backdoors are hard to find.] At this point with the exiting statement of the developers only a fool would trust Truecrypt with anything important.

Let's see: only a fool trusts things that actively lose data. (ie, bitrot, or email systems used by important people. If it's important, have 2+ independent copies)

So let's posit that TC is "sane", that it doesn't actively corrupt your data (Actual disk bitrot is another matter.)

Is it secure? (Ignoring keyloggers, CPU tampering, OS-file I/O interception, not to mention on-bus DMA controllers that have direct access to physical memory, and other out of band things? You could argue they need to detect this but they aren't an A/V vendor and you do halfway have to trust your hardware. Oh, visit CC PIN hacking via a IR camera to see your hardware "betray" you.)

Well, given a correct encryption key, things work correctly; given seemingly any incorrect key, things don't -- a very good start. So they need to protect the working in-memory key (because it's game-over if not.) They erase it if enough idle time has passed and try to keep it from being swapped out to disk. Process memory isolation is great, but in both cases the OS itself can do whatever it wants. So you have to trust the OS, at least a bit.

So, what everybody actually means: is the encryption secure? Can someone who doesn't know my password read my data due to stupid password handling, bad encryption routine choices (ROT-26), or leaky code of good routines? (Say perfect AES file encryption, but the unencrypted source file moved to the recycle bin, never mind about any corruptible buffer or stack overflows. [That's an example; TC doesn't encrypt single files.] ) Are there password collisions, ie password are actually case-insenstive? or silently truncated after 2 characters?

I suspect that you're (humans) the weakest link because of the XKCD wrench, an easily guessed password, or your likes/habits that could lead to your password. If you can't type your password it's not going to work, and you have to remember how to type it.

It seems to boil down to do you trust the vendor to act in good faith every step of the way? Let's see: -anonymous vendor, +access to source code that compiles to the released binary, +routine usage that makes sense, +updates over time, -weird final message. Personally, i trust them more than MS's native BitLocker, which is sane but has a (understandable) business-released AD key recovery function. (It's not your data but the companies, and they have keys to continue read it.) But is BL actually secure? Dunno, can't tell; we have to trust MS completely on that.

If it (TC v7.1) was good to use the day before sunset, it was good to the use day after too, until known problems arise or non-OS support kills it. But YMMV -- trust whom you see fit. So being curious: what are you using, if not TC?

Re:Um,

[TheReaperD]

If they lived in the U.S., it would be comply or go to prison. If they lived outside the U.S., work for us or GITMO baby! Even if the NSA couldn't actually enforce it, the current nebulous state of U.S legal enforcement powers would make anyone with a bulls-eye on their head nervous.

Re:Um,

Given the developers last message we actually DON'T know if 7.1 was safe to use or not. That is the issue, they could have been compromised well before then, they could have discovered a systemic weakness or they could have just had enough of developing it Without that information you don't have a fucking clue whether it was safe at sunset the day before or completely fucked over by the NSA already.

Re:Um,

[Damarkus13]

Isn't that kinda the point of a security audit?

Re:Um,

The government doesn't need to threaten or do violence. They start with an appeal to conscience -- 'Your software is being used by criminals and terrorists and innocent people are suffering. This is a photo of a father or 3 who was murdered in cold blood by someone we've been monitoring, but we've been unable to access their files. But for your software, we could have saved his life, and his 3 children would have grown up with a father." If unsuccessful, this merges into "Truecrypt is being used by Al Queda, ISIL and North Korea. The groups are actively killing not just innocent people, but your countrymen. They hate your country and they will do whatever they can to bring it down. We'd like to stop them, but your software is giving them free haven. Do you want these people's blood on your hands. It is directly on your hands." Finally, threats of incarceration "We've been tracking high-level persons of interest in these terrorist organizations, and we know that they mean to do harm imminently. We've access their systems and are ready to act to cancel the threat, gather more information, and eventually bring their organization down, but we're not able to read the encrypted data. Encrypted by your software. While we understand that you're not a member of their organization, in so far as you're not assisting us, you're impeding us. If you don't withdraw your encryption software, we'll put you in prison for aiding the enemy. Strong encryption, by the way, is considered a munitions, and is illegal to transfer overseas which you evidently have done."

Somewhere along the line, people who's job/interest is encryption will throw in the towel and just want their normal life back without this stress and pressure.

Re:Um,

[TheReaperD]

It's likely that people working on a project like TrueCrypt that the earlier arguments are not going to work. They know bad people are going to use their software. It's just comes with the territory. It's impossible to build a tool that will help a free speech activist in China (or the U.S. for that matter) and not be able to help an Al Qaeda group or child pornographers. It starts to get a whole lot harder to keep to your principles when your freedom and personal safety start being threatened. That's why the developers of TrueCrypt choose to stay anonymous. It's likely the NSA or similar agency tracked them down and whatever powers that be started threatening them... with what we won't know unless the developers come out of the shadows and tell their side of the story. But, given their final message and the clues that they seeded it with, it sounds like they were served a National Security Letter (which has a built-in gag order or you go to jail) and told to put a backdoor in. Now National Security Letters are complete bullshit and a violation of the U.S. Constitution but, unless you're willing to fight it to the SCOTUS and sit in jail the whole time, it's safer to fold up shop and hide. That's what the developers of TrueCrypt and Lavabit did.

Re:Um,

[grep+-v+'.*'+*]

we DON'T know if 7.1 was safe to use or not.

Isn't that kinda the point of a security audit?

Really, my personal tin-foil take (and I know actually know, I'm just guessing from the reported results and my internal biases) is that the TC authors were "given an offer they couldn't refuse" and forced to hand over the control of the website and code signing keys to someone else.

THAT they did -- but they were not told NOT trash the brand beforehand. So in my happy little fantasy world they put that weird final notice and gleefully handed over the control keys to the code, knowing that no one would ever use any new code originating from it again. Thus complying with the letter of the law, if not quite the imposed spirit of it. (And then survived to tell the tale, or at least managed to survive the encounter. I hope.)

On a completely different topic, antagonizing people with guns is never a smart thing to do. But sometimes it is the right thing to do. Maybe we should ask Paul Revere or another American patriots from years past -- I hear they bothered men with guns a long time ago, too.

(I don't suppose we could give DC -- it's not a state -- back to the British and fund a new capital somewhere? I'd suggest somewhere in Washington State; that way we wouldn't have to change the stationary THAT much.)

Re:Um,

One problem with OSS code is that it turns into a elite-coder-competition so the code is completely obscure to the casual reader (a potential many-eye).

I am not going to bother decrypting your fucking oneliners.

Re:Um,

I use dm-crypt, minus LUKS. Wiped a spare disk with random data so no one can tell which parts have encrypted data and which don't. I use a "horse battery staple correct" style passphrase instead of keys so there are no keys to be found anywhere. If someone beats an incorrect passphrase out of me they will mount the disk no problem, but just see an empty volume. If I really wanted to go super tinfoil hat mode I could set up a second disk with forementioned fake passphrase and chuck some junk on, just to plausibly prove the other disk is empty if I ever had to.

Re:Um,

[Kjella]

Maybe the first clue should be the "other encryption tools" they urged people to use? "Don't use this open source tool, use a closed source tool from Microsoft located in Redmond, Washington, US - home country of the NSA." You can not take that message seriously, it's so absurd that the only purpose of it would be to utterly destroy their credibility. So far we're in agreement. There are three cases where they might do that:

1. There is already a backdoor and they've been under a gag order for years, but decided to release a "canary"
2. There is already a backdoor and they first discovered it when they released their "canary"
3. They were being pressured to include a backdoor and instead released a "canary"

The first one seems highly unlikely, why come with this out of the blue two years after their last release? And if you're going to take the flak for violating a NSL or such, why not come forward as a hero instead of anonymously disappearing into a federal prison? It doesn't make sense. The second one doesn't either, if you're not under a gag order why not publish the backdoor and fix? Why go out in an ominous "you really shouldn't use our software" way? And the likelihood of them finding it in software they're hardly touching and haven't made a release of in two years also seems really slim.

The third possibility makes perfect sense though. The software from 2012 is fine, we're being pressured in 2014 to make a new and compromised version. We can't tell who'll take over our domain/keys and what they'll do after we've been silenced, so we're releasing a canary to make sure nobody will trust anything we say from now on. Hopefully the audit will clear 7.1a of any suspicion leaving the general public with a "last known good version" while we keep our integrity and don't wind up in prison.

Re:Um,

The only place terrorists could probably nuke in the U.S.A. without retaliation is Washington DC.

Re:Um,

Yeah, but it's still a great tool for hiding your porn from kids and spouses....

Re:Um,

[bloodhawk]

No matter how good the auditors are a security audit doesn't guarantee no vulnerabilities or back doors. If it did software security would be a lot easier.

Re:Um,

[Damarkus13]

Perfect is the enemy of good, and all that.

Re:Um,

[hoggoth]

And hope the auditors haven't gotten a compelling visit themselves.

Hmm?

[bhcompy]

Now, almost a year later, the project is back on track. Ptacek, a cryptography expert and founder of Matasano Security, will no longer lead the cryptanalysis and the effort will no longer be crowdsourced. Instead, phase two of the audit will be handled by Cryptography Services, a team of consultants from iSEC Partners, Matasano, Intrepidus Group, and NCC Group.

Are these auditors trustworthy? At least if it's crowdsourced it's an open process.

Re:Hmm?

In other words, OK'd by NSA.

Re:Hmm?

[cdrudge]

Are these auditors trustworthy?

They are the most trustworthy auditors the NSA, CIA, FBI, and the PTA could find.

Re:Hmm?

I know I've been holding out for crypto endorsed by the PTA.

Re:Hmm?

The suddenness of the TC team's departure (having throughout TC's history promised never ever to have any backdoor) coupled with the U.S. gov (FBI)'s inability to crack a South American's business computer after a full year of trying, suggests that their departure was a consequence of U.S. government pressure.

Recent disclosures by Mr. Snowden (Feb, 2015) make it clear that more than mere analysis of the TC code is necessary: the NSA's newly discovered ability to implant code-compromising elements in devices' firmware suggest just how difficult it might be for any analysis to confirm that TC is secure. TC could be perfect, but
if HD firmware is able to read and share passwords then clearly much more work has to be done. I'm proud to have helped the crowd-source effort and wish this new team well .. but their analysis must address topics beyond the TC code itself.

Re: Hmm?

Finally, someone is thinking of the children.

Re:Hmm?

But 9 out of 10 dentists recommend it!

Re:Hmm?

[QuietLagoon]

... TC could be perfect, but if HD firmware is able to read and share passwords then clearly much more work has to be done ... their analysis must address topics beyond the TC code itself.

I disagree. Taking your point to its logical conclusion, the TC auditors should audit every computer on Earth, and all the software running on those computers.

.
That is very clearly beyond the scope of auditing TC.

I do think the TC auditors should publish a caution of some sort about ~the computer that runs TC~ but beyond that, it would be out of scope.

Re:Hmm?

Why stop at drive firmware? What about CPUs? Those are made overseas - maybe China has implanted secret code into CPUs? And what about EEPROMs? What if those are infected? What if there is a way to use satellites to push code through powerlines that tells PSUs to transmit a BlueTooth signal that infiltrates via an exploit into GPU RAM? I supposed the audit should cover that, too? I mean, is there anything that shouldn't be covered by this audit before it could be considered complete?

Re:Hmm?

[chiefcrash]

Isn't that a bit like saying someone auditing Java must also audit the Linux kernel because Java can run on Linux? After all, compromised HDD firmware would affect more than just TrueCrypt. PGP/GPG, Bitlocker, etc... I think it's reasonable to say compromised HDD firmware, while a serious problem, is outside the scope of a TC audit...

Re:Hmm?

[Kjella]

That isn't an either-or thing, more like belt and suspenders. Having crypto-experts review it reduces the risk of subtle compromises going unnoticed, having the general public review it reduces the risk of the reviewers being compromised. To be honest though, I feel the value of a crowdsourced review would be really low. I expect an NSA backdoor to be subtle and highly unlikely to be found by a casual review by developers not particularly specializing in security and code audits. On the other hand it can't harm, all it takes is one man getting "lucky", if you want to be that man the code is open for everyone to look at.

Re:Hmm?

I'd rather trust the guys who get paid to do this every day rather than the armchair psychoanalysts who think it's easy to roll your own crypto. Maybe if among the crowd were Rijmen, Schneier, Shamir, Merkle, Diffie, Elgamal, Biham, et al I'd trust the crowd.

Re:Hmm?

I'd rather trust the guys who get paid to do this every day rather than the armchair psychoanalysts who think it's easy to roll your own crypto. Maybe if among the crowd were Rijmen, Schneier, Shamir, Merkle, Diffie, Elgamal, Biham, et al I'd trust the crowd.

And Theo de Raadt.

Re:Hmm?

[smallfries]

Why bother? The NSA has already done most of them. It would just be redundant.

Re:Hmm?

So sayth the ADA

Re:Hmm?

Stop that Theo. It's impolite.

Re:Hmm?

[Aighearach]

The suddenness of the TC team's departure (having throughout TC's history promised never ever to have any backdoor) coupled with the U.S. gov (FBI)'s inability to crack a South American's business computer after a full year of trying, suggests that their departure was a consequence of U.S. government pressure.

I'm not saying it didn't happen, because nobody knows. But the connection to the US Government here is only as strong as the connection to the Chinese Government, the Russian Government, or the Martian Government. You're just waving your hands while being anti-American.

Re:Hmm?

[AmiMoJo]

Passwords never touch the HDD so there is no way the firmware could read them. They are only ever stored in ram, along with the decrypted keys.

The real danger is that the firmware sends a rootkit instead of the real MBR at boot time, and compromises the whole OS.

TrueCrypt, now with even more backdoors!

[drew_92123]

Courtesy of your friendly freedom loving NSA...

Jesus

Just reverse engineer the code with a decompiler and step through it if you're so concerned.

Re:Jesus

[DiSKiLLeR]

It's already opensource?

Re:Jesus

it was already open source since even first releas.

There is no NSA backdoor.

You won't believe it, but is is actually a giraffe.

Re: There is no NSA backdoor.

The NSA giraffe, saving the Internet since 1754.

Uh, ALL those companies are NCC

"Instead, phase two of the audit will be handled by Cryptography Services, a team of consultants from iSEC Partners, Matasano, Intrepidus Group, and NCC Group."

Uh, all those companies *are* NCC Group. They've got some fantastic talent, but it's a bit of an odd way of putting it. NCC owns iSEC Partners, Matasano and Intrepidus.

Re:Uh, ALL those companies are NCC

"Instead, phase two of the audit will be handled by Cryptography Services, a team of consultants from iSEC Partners, Matasano, Intrepidus Group, and NCC Group."

Uh, all those companies *are* NCC Group. They've got some fantastic talent, but it's a bit of an odd way of putting it. NCC owns iSEC Partners, Matasano and Intrepidus.

Shh. :-)

Really Glad to see this

[pugugly]

I really would like to see Truecrypt live and usable again. Just in terms of having a great and useful interface/featureset Truecrypt was and hopefully will again be the best crypto out there. Assuming it audits well of course.

Truecrypt inside BTsync would be amazingly powerful.

Pug

Re:Really Glad to see this

I assume you've seen VeraCrypt and CipherShed? I know VeraCrypt fixed some of the issues highlighted by the first part of the TrueCrypt Audit.

Re:Really Glad to see this

I am not a criminal, I don't care if the feds and their GPU server farms can unencrypt my files. I only want to protect the files on my laptop and backup drives in case some meth head steals them. What is the best/easiest way to do this?

Re:Really Glad to see this

Draw a Venn diagram and find out who's in the intersection of "feds" and "meth heads", then save yourself the trouble by handing over your data to them.

Re: Really Glad to see this

yeah. quite happy with veracrypt so far. now have 10 or twenty containers shared across all the main oss's linux macos and windows via btsync.

is there any alternatives to achieve that?

Riiiiight.

[geminidomino]

So an audit performed by a closed group of corporates who have, no doubt, been thoroughly vetted and has never, ever, ever gotten a phone call from anyone in a suit offering them the choice of a bag of cash to play ball, or an increased probability of "accidents" and "unfortunate data leaks."

Given the farewell address we got from the TC devs, which I'm sure most of us remember, and the laughable suggestions of "alternatives," there are two strong possibilities for why the project was shuttered:

1. The developers all suffered a massive psychotic break at the same time.
2. A canary so big and obvious that it's more of a "warrant roc."

They may have ended the "silence", but the "uncertainty" is still alive and well, AFAIC.

Re: Riiiiight.

developers like veracrypt will still provide a another eye over the code.
plus the source code is available and any cs student can look over it.

the actual code is quite simple. I've looked over it myself. doesn't have any of the usual complex gumpf and doing an audit would actually make a good tutorial for some cs students.
so at the very least what they find will make it more secure. and no way given the first audit they are going to give it a clean bill of health. the results of that audit will help many other developers ensure they don't make the same mistakes.

What it really reveals

[Overzeetop]

This is good, or bad, depending on the tightness of your tin foil, but I think it reveals something far more important about encryption: we, the average users, are powerless to verify or truly trust any encryption solution offered. To realize that an audit of the code for a single-purpose program can only be done by a very small set of people shows that even with open source we're still just trusting others to safeguard our data. The need for encryption and the mathematical and coding complexity required to understand what we are using to safeguard our data is simply beyond our ability to check that it even makes sense at a basic level.

I'm not so sure I welcome our mathematical overloads.

Re:What it really reveals

[rvw]

This is good, or bad, depending on the tightness of your tin foil, but I think it reveals something far more important about encryption: we, the average users, are powerless to verify or truly trust any encryption solution offered. To realize that an audit of the code for a single-purpose program can only be done by a very small set of people shows that even with open source we're still just trusting others to safeguard our data. The need for encryption and the mathematical and coding complexity required to understand what we are using to safeguard our data is simply beyond our ability to check that it even makes sense at a basic level.

We - even IT power users and programmers - are mostly powerless to verify not only encryption programs, but the underlying OS as well. As Shutterworth said, if you use our OS, you have to trust us, because we have root .

Re:What it really reveals

We also trust others to remove the toxins from our water. I think there is some other issue here, which is that very few people ever actually evaluate code.

Re:What it really reveals

You're naive at best to disagree and use that as a supporting argument. Even you are aware you are trusting source you aren't verifying ( and very few are, or capable)

Re:What it really reveals

[grep+-v+'.*'+*]

I had a high-security scenario ... [and] was happy enough that everything was traced back the sources enough to make me feel secure.

So you've compiled "everything" from source code? Then you're all good to go -- the code will be exactly what the compiler produced, but NOT necessarily what the source code actually says.

Huh? See Reflections on Trusting Trust, from back in the pre-NSA days where one special guy could easily log into any Unix system: "I could log into that system as any user."

He's not BSing or joking, either.

Re:What it really reveals

[Aighearach]

Ah, yes. We know that know nothing, so have learned everything. Wait, we know everything, so we learned nothing. Nonono. We learned everything, so we know nothing. Okay, okay, we know nothing, and... and... I keep getting stuck right there. We can't really know anything. Encryption relies on trust, and nothing can be trusted. There is no method of verification of anything.

The obvious implication is that encryption cannot protect us from over-arching conspiracy. You don't need to adjust your tin foil for that, either; however much conspiracy you believe in/worry about, then encryption can't protect you from that. So don't bother.

Encryption is probably only useful against relatively powerless individuals who want to steal your crumbs or find out who you're sleeping with. The more safety you think you need, the less able encryption will be to provide it. If you're a dishonest spouse and trying to hide that, it might be effective; unless you're willing to write a part in the conspiracy for your spouse, then not so much. Though getting busted and divorced might be the most expedient path to a healthy, self-consistent life. But encryption can never protect you from yourself.

And if you want to protect your data from The Wench, you'll need an automatic suicide implant with a strict watchdog timer. But nobody should ever let themselves become that embarrassed about what pr0n they watch.

Re:What it really reveals

[Aighearach]

Luckily for us, we were inside your ISP's server, and were able to provide you with corrected hashes from the official URLs, and various original sources. It wasn't that hard, we just dumped your traffic through special transparent proxies that scanned the response data for the original hashes, and replaced them.

True, you didn't built everything from source, but you were happy enough that everything traced back to "the" sources to make you feel secure. That's a lot more protection than anything from a commercial vendor, who probably just sold you formulaic encryption without any extra work to make you feel secure. Your data would have been more secure, if not actually secure, but you'd have felt it less, because really you have no way of knowing. So without somebody taking the extra time to make you feel secure, you naturally wouldn't feel it very much, if at all.

DISCLAIMER: FICTION fnord

Re:What it really reveals

Huh? See Reflections on Trusting Trust, from back in the pre-NSA days where one special guy could easily log into any Unix system: "I could log into that system as any user."

He's not BSing or joking, either.

You're distorting the point of his article. I really get sick of non-security people who don't know much about programing referencing Ken Thompson. It's asinine to say you can't trust code that you did not totally create yourself.

There are a number of ways to audit compilers and the hardware that composes a computer system for tampering and malicious behavior.

http://programmers.stackexchange.com/questions/184874/is-ken-thompsons-compiler-hack-still-a-threat

Re: What it really reveals

[Threni]

No different to trusting Microsoft to not send your data to them when they do virus checks. You're already trusting the food chain, doctors etc.

Re:What it really reveals

[Aighearach]

Nonsense, it is absolutely do-able to have a realistic understanding of your actual security. The impossibility of secrecy does not refuse the usefulness of true information.

And I agree, there are few things more secure than the best available open offerings. But well financed law enforcement and security agencies are outside of that security. That the attack vectors are not revealed as such in the media is meaningless when the necessary capabilities are know to be possessed by them, and where their tactics are considered secret.

Luckily once somebody being honest about the security situation understands all that, they can just get on with locking out black hats, which is what the software can do; protect you from those without legal recourse to tell your ISP what to do. You just can't protect your privacy from government actors based solely on technology. They're in the position to MITM anything, to keylog anything, to anything anything.

Truecrypt's dead; what do you recommend then?

It's pretty clear that no one is willing to touch truecrypt with a ten foot pole, so that raises the question of what are people using and recommending to others to use in its' place?

Re: Truecrypt's dead; what do you recommend then?

DiskCryptor - open source
https://diskcryptor.net/wiki/Main_Page
Unlike TrueCrypt which was designed for empty volumes, diskcriptor was designed from the ground up for data volumes in use and is therefore faster. Vera is based on TC and uses the same lame, imho, emtpy volume theme.

vera crypt

I installed VeraCrypt on a new laptop. It took a few minutes to mount a volume (160GB on SSD). I uninstalled VC and installed TrueCrypt. Maybe NSA can decrypt it - I don't care - I'm not their target. I just need to protect projects that I'm working on from laptop thieves.

Re:vera crypt

Maybe NSA can decrypt it - I don't care - I'm not their target.

Don't be silly. You are their target. Everyone that fits into one of these groups is a target:

1) Not an American citizen
2) Is an American citizen

Re:vera crypt

[BronsCon]

How many files? Probably took a minute to transmit the directory structure and file hashes to the NSA.

Re:vera crypt

I suspect you're being sarcastic, but the reason for the delay VeraCrypt has when opening TrueCrypt volumes is explained on the VeraCrypt website. VeraCrypt uses different encryption algorithms and parameters by default than TrueCrypt, and there's no way to "detect" what algorithm was used. Therefore, VeraCrypt first tries to use its default algorithms to open the encrypted volume. If that fails, then it iteratively tries other combinations of encryption algorithms until it finds one that works. It takes it a while before it gets down to the algorithms TrueCrypt used to use.

Re:vera crypt

Volume was empty - I just created it.

Re:vera crypt

I selected encryption that should be used. I tested AES with sha512, sha256 and whirpool. Results was similar. This was stable version of VeraCrypt.

Re: vera crypt

latest version of veracrypt opens truecrypt files.

Re:vera crypt

[BronsCon]

Yes, is usually a good indicator that someone was making a "tinfoil hat" joke. Been here long?

old maxim

You get what you paid for?

Leverage?

[YuppieScum]

I imagine that the the suggestion of trepanning ones extended family using 9mm hollow-points might act as an incentive...

Comment removed

[account_deleted]

Comment removed based on user account deletion

TrueCrypt is not open source software.

[dwheeler]

TrueCrypt isn't open source software, in spite of the author incorrectly claiming it is. More detail is here, which the author could have learned in 2 minutes of Googling: http://en.wikipedia.org/wiki/T... ... for your amusement, I have quoted it below:

TrueCrypt was released under the "TrueCrypt License" which is unique to the TrueCrypt software. It is not part of the pantheon of widely used open source licenses and is not a free software license according to the Free Software Foundation (FSF) license list, as it contains distribution and copyright-liability restrictions. As of version 7.1a (the last full version of the software, released Feb 2012), the TrueCrypt License was Version 3.0.

Discussion of the licensing terms on the Open Source Initiative (OSI)'s license-discuss mailing list in October 2013 suggests that the TrueCrypt License has made progress towards compliance with the Open Source Definition but would not yet pass if proposed for certification as Open Source software.

According to current OSI president Simon Phipps:

...it is not at all appropriate for [TrueCrypt] to describe itself as "open source." This use of the term "open source" to describe something under a license that's not only unapproved by OSI but known to be subject to issues is unacceptable.

As a result of its questionable status with regard to copyright restrictions and other potential legal issues, the TrueCrypt License is not considered "free" by several major Linux distributions and is therefore not included in Debian, Ubuntu, Fedora, openSUSE, or Gentoo.

The wording of the license raises doubts whether those who use it have the right to modify it and use it within other projects. Cryptographer Matthew Green noted that "There are a lot of things [the developers] could have done to make it easier for people to take over this code, including fixing the licensing situation", and speculates that since they didn't do those things (including making the license more friendly), their intent was to prevent anyone from building on their code in the future.

End of life and license version 3.1

The 28 May 2014 announcement of discontinuation of TrueCrypt also came with a new version 7.2 of the software. Among the many changes to the source code from the previous release were changes to the TrueCrypt License — including removal of specific language that required attribution of TrueCrypt as well as a link to the official website to be included on any derivative products — forming a license version 3.1.

On 16 June 2014, the only alleged TrueCrypt developer still answering emails, replied to an email by Matthew Green about the licensing situation. He is not willing to change the license to an open source one, believes that Truecrypt should not be forked, and that if someone wants to create a new version they should start from scratch.

Re:TrueCrypt is not open source software.

On 16 June 2014, the only alleged TrueCrypt developer still answering emails, replied to an email by Matthew Green about the licensing situation. He is not willing to change the license to an open source one, believes that Truecrypt should not be forked, and that if someone wants to create a new version they should start from scratch.

While in principle I usually agree that the authors copyright should be respected, if the author is going to remain anonymous then how is he/she going to sue for an infringement? I suppose they could sell/pass the rights to TrueCrypt to a non-anonymous entity that could turn up in court and sue. Otherwise, I respectfully suggest that the anonymous developer fuck off.

Re:TrueCrypt is not open source software.

Said the AC ;) You have a good point though.

Re:TrueCrypt is not open source software.

if the author is going to remain anonymous then how is he/she going to sue for an infringement? I suppose they could sell/pass the rights to TrueCrypt to a non-anonymous entity that could turn up in court and sue. Otherwise, I respectfully suggest that the anonymous developer fuck off.

That said: it is well established that even a pseudonymous author still legally owns copyright unless they've signed it over. Is it possible that "The Truecrypt Foundation" is an actual legal entity that can sue without revealing the developers names?

Re:TrueCrypt is not open source software.

One theory is that the TrueCrypt authors are a department within CIA or NSA. They did not want a license that permitted changing the code and embedding it in other products because that could break their invisible backdoor or built in flaw.

Re:TrueCrypt is not open source software.

This use of the term "open source" to describe something under a license that's not only unapproved by OSI but known to be subject to issues is unacceptable.

I find it rather unacceptable that some douches want a monopoly on the definition of "open source." In common language it means absolutely nothing more than "the source code is open," in other words, you can download it and look at it. So TrueCrypt absolutely is open source software.

I'm also rather annoyed that they claim it isn't possible to continue development simply because it isn't possible to strip TrueCrypt of its license and apply the GNU GPL instead. Fuck the GPL, just use BSD code or code under any other free software license. There's no reason projects can't exist that combine code under different licenses. The only issue is that the GNU GPL forbids it, and that's the sole reason people are bitching about the TrueCrypt license: It doesn't allow you to drop the TrueCrypt license and apply the GPL license instead.

That's exactly what people mean when they say a license is "GPL-compatible." BSD is GPL-compatible because it's OK to apply the GPL license to BSD code. (at least it doesn't forbid it, but it doesn't permit it either, so who knows really) However, get a license like the TrueCrypt License and it isn't GPL-compatible because it says that you are not allowed to apply another license to the code. That doesn't mean that you can't add new code and say that your code is under the BSD license. It just means that you can't add code and say that your code is under the GPL license, because the GPL requires that you license the entire project under the GPL and you're not allowed to do that because you didn't write the entire project and you don't get to choose the license for the code you didn't write.

Fucking "Free with a captial F" people piss me off. You want to be all Orwellian with your redefinition of language to suit your own purposes? Go fuck yourself. We all know what "free" means and we all know what "open source" means and you don't get to bandwagon on the popularity of "free" and "open source" things by redefining your bullshit as the true meaning of "free" and "open source" just so that you can pretend that everyone is genuinely interested in your bullshit and not the actual meanings of those words.

Re:TrueCrypt is not open source software.

[Richard_at_work]

...it is not at all appropriate for [TrueCrypt] to describe itself as "open source." This use of the term "open source" to describe something under a license that's not only unapproved by OSI

Seriously, talk about pretentious - sorry, OSI you don't get to decide who gets to use the term, you don't have a monopoly on it.

Re:TrueCrypt is not open source software.

Hey moron, OSI has nothing to do with the GNU GPL folks, or the BSD ones, etc...

Re:TrueCrypt is not open source software.

...it is not at all appropriate for [TrueCrypt] to describe itself as "open source." This use of the term "open source" to describe something under a license that's not only unapproved by OSI

Seriously, talk about pretentious - sorry, OSI you don't get to decide who gets to use the term, you don't have a monopoly on it.

Actually they do. http://opensource.org/osr-intro

The Open Source Initiative (OSI) is a global non-profit that supports and promotes the open source movement. Among other things, we maintain the Open Source Definition, and a list of licenses that comply with that definition. See our about and history pages for more.

Re:TrueCrypt is not open source software.

[Richard_at_work]

Did you even read the link you posted? It merely backs up exactly what I said - they don't have a monopoly on it, but claim to anyway.

The fact that it is a global non-profit doesn't give them exclusive rights to the term.

The fact that they support and promote the open source movement doesn't give them exclusive rights to the term.

The fact that they maintain a definition which they created doesn't give them doesn't give them exclusive rights to the term.

The fact that they maintain a list of licenses which comply with their aforementioned definition doesn't give them exclusive rights to the term.

Basically all that page says is "we made up a definition of 'open source' against which everyone else must measure up" and now they stomp around claiming to own the term. Fuck them.

Creating a definition doesn't give you exclusive rights to the term you are defining - they created one definition, that's all. That doesn't give them the right to claim themselves as the only measuring stick against the term - so saying "its not open source" is nothing more than marketing bullshit from them, because they have not added the proviso of "as per our definition of the term".

Re: TrueCrypt is not open source software.

[Threni]

How can they prove that I am not a member?

Re: TrueCrypt is not open source software.

[Threni]

You're confusing open source and free. It's open source. You can see the source, use it, change it, and fork it, subject to certain restrictions, such as not calling it Truecrypt. Seems fair to me. Whether this or that distro has decided to include it or not tells us very little.

Re:TrueCrypt is not open source software.

No fuck you, you're a moron. As defined by the international moron group. IMG.

Re:TrueCrypt is not open source software.

So there's more than one group of douches. Does that change my point?

Re:TrueCrypt is not open source software.

Keep in mind the context you're replying to. Someone suggested decompiling TrueCrypt in order to analyze it, to which someone replied that that isn't necessary because it's already open source. In the context of this discussion "open source" just means that the source is available.

This use of the term "open source" to describe something under a license that's not only unapproved by OSI but known to be subject to issues is unacceptable.

I find it extremely arrogant that the OSI thinks it can dictate what the term "open source" means. It's not their trademark. The term has been around much longer than OSI. Before it became a political ideology, "open source" just meant the opposite of "closed source." The only distinction was whether the source was available or not. Of course now it has come to mean more than that but depending on context it's still perfectly acceptable for anything that isn't closed source to be called open source.

Re:TrueCrypt is not open source software.

[rdnetto]

As a result of its questionable status with regard to copyright restrictions and other potential legal issues, the TrueCrypt License is not considered "free" by several major Linux distributions and is therefore not included in Debian, Ubuntu, Fedora, openSUSE, or Gentoo.

While this is true of the others, it is not true of Gentoo. Gentoo's policy seems to be that while the base system should not depend on non-FOSS components, having them present in the main tree is fine. (This might be partly because it's pretty easy to filter which licenses you want on your system using ACCEPT_LICENSE.)

Another rumor ...

... was that TC was actually developed by the NSA. There's a webpage somewhere arguing for this, partly based around the insistence on anonymity by the (allegedly 3 only) developers, on the dubious code provenance and suspicious registration of the "Truecrypt Foundation", and also on the shear amount of work it would take to put out TC releases across three platforms and keep these tested and maintained. This would normally take a small company of developers to produce, certainly more than three.

When the backdoored or weakened code looks like being found out by an audit, TC suddenly goes bye-bye and the unknown developers are nowhere to be found.

It is not implausible?

Re:Another rumor ...

... was that TC was actually developed by the NSA. There's a webpage somewhere arguing for this, partly based around the insistence on anonymity by the (allegedly 3 only) developers, on the dubious code provenance and suspicious registration of the "Truecrypt Foundation", and also on the shear amount of work it would take to put out TC releases across three platforms and keep these tested and maintained. This would normally take a small company of developers to produce, certainly more than three.

When the backdoored or weakened code looks like being found out by an audit, TC suddenly goes bye-bye and the unknown developers are nowhere to be found.

It is not implausible?

http://www.privacylover.com/encryption/analysis-is-there-a-backdoor-in-truecrypt-is-truecrypt-a-cia-honeypot/

The CIA was mentioned, not the NSA. But same difference.

Re:Another rumor ...

[joe_frisch]

Once trust is lost, you can't get it back. There is no way to trust the people who are telling you to trust the audit. NSA *could* be anywhere. That doesn't mean that they ARE anywhere, but I can't see any way to trust any software or audit process. (unless you are one of the extremely rare people who can personally audit the code).

If you had a piece of code that *you* knew was completely secure, how could you convince me of that?

Re:Another rumor ...

[Aighearach]

Once trust is granted, all is lost.

One credulous enough to grant trust today, might renew that trust tomorrow.

If you think trust was lost because "NSA," then you might just be credulous enough to be convinced. Maybe not by me, but by a person commanding enough resources and enough parallel constructions that relate to your own life.

The only way not to be deceived by trust is not to trust. Trust lost is trust longing to be re-found.

Re:What about North Korea and USA regimes?

Last time I checked there were crazy people all over the world shooting non-crazy people. While there is gun violence in the USA, it is not limited to the USA.

It's a TARP!

"I warned him!" - The real joker

Pissed off developers needed money

I suspect Truecrypts real fate was the fundraising for it. Truecrypt promoted donation for it on their website to continue development. I was tempted to donate a big wad of cash, but only after audit.

The fundraiser for the AUDIT of Truecrypt got a lot more money than the fundraising for Truecrypt, I suspect, and so the developers said f*** it and pulled the plug in disgust.

Fair enough, their work deserved money and they weren't getting it.

Re:Pissed off developers needed money

"The fundraiser for the AUDIT of Truecrypt got a lot more money than the fundraising for Truecrypt, I suspect, and so the developers said f*** it and pulled the plug in disgust."

this.

Wrong order

[allo]

First clean room reverse engineering / rewriting
Then an audit of the resulting tool. What does a audited truecrypt help, if you cannot continue developing it, because the license is nonfree? So first rewrite it with a free license.

Re:Wrong order

Since the developers are gone and not keen to show their faces in public, the chance they'll sue for copyright infringement is approximately zero. TrueCrypt is effectively public domain software now.

Re:Wrong order

[allo]

except no serious software developer will start an project with a new licence based on abandonware.

Proof

The only proof as to the security of these programs is going to be the government revealing data that was secured by TV/VC/etc and thereby exposing that the programs have been broken.

Words have meanings

[dwheeler]

The vast majority of people who use the term "open source software" use it with roughly the same meaning as OSI does, which is all that matters. You can confirm this with a quick Google search. Also, note that many organizations that require something to be be "open source software" will point to the OSI definition.

By the commonly-used definition of "open source software", you MUST be able to fork the project and maintain your own version. You cannot legally do that with TrueCrypt, therefore, by definition it is not open source software. Case closed.

Repost.

[Zarjazz]

I think /. needs to audit their own posts ...

http://it.slashdot.org/story/1...

Comment removed

[account_deleted]

Comment removed based on user account deletion