Newly Found TrueCrypt Flaw Allows Full System Compromise
itwbennett writes: James Forshaw, a member of Google's Project Zero team, has found a pair of flaws in the discontinued encryption utility TrueCrypt that could allow attackers to obtain elevated privileges on a system if they have access to a limited user account. 'It's impossible to tell if the new flaws discovered by Forshaw were introduced intentionally or not, but they do show that despite professional code audits, serious bugs can remain undiscovered,' writes Lucian Constantin.
This is why it was discontinued. Stop using TrueCrypt.
True but it's always safer to run security-sensitive software on a non-Windows system.
This is empirically provable because Windows is closed source. Since it's impossible to prove a negative, the number of flaws in a closed-source system can never be determined and thereby always must be considered more insecure. Even if we subtract out the effect of low-quality coding/design inherent in the Microsoft ecosphere.
And this is of course obvious from an anecdotal standpoint given the vast majority of viruses and bot-ted Windows systems out there over the last decade.
I am not aware of any security technology which can stop an attacker who has broken the file system driver for the root file system. I am not sure what that kind of technology would even look like -- all the ideas I can think of are completely impractical.
It would look like what a lot of people here tend to hate.
- Bootloader (BIOS, EFI, ...) checks that the OS kernel is signed by a trusted authority
- The kernel checks that each module and system file has the correct signature before it is loaded
If the root filesystem driver is compromised, it can tamper with system files but because the signature won't match, the kernel will refuse them. And it can't patch the kernel either because it will be refused by the bootloader.
Samsung KNOX is a full stack implementation working from the bootloader to user applications. On PCs you can start with the UEFI secure boot. Unfortunately, all these solutions tend to impose some root of trust and often don't go well with open source communities.
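
The two-stage check described in the comment above, as an added example that is not part of the original thread or of any real bootloader or kernel. It assumes a toy unpadded RSA key built from two Mersenne primes so that it runs with the standard library only; `boot`, `tampering_driver`, and the sample disk are hypothetical names and constructed data.

```python
import hashlib

# Toy RSA key from two Mersenne primes (assumption: stands in for the vendor key).
# Far too small and unpadded for real use; it only makes the example self-contained.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the signer

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes) -> int:
    """Signer side (build server): done once, offline."""
    return pow(digest(data), D, N)

def verify(data: bytes, sig: int) -> bool:
    """Verifier side: needs only the public values N and E."""
    return pow(sig, E, N) == digest(data)

def boot(disk: dict, sigs: dict, read=None) -> list:
    """Return the names of files that were accepted and loaded.
    `read` models the root filesystem driver the kernel reads files through."""
    read = read or (lambda name: disk[name])
    # Stage 1: the bootloader checks the kernel image before handing over control.
    if not verify(disk["kernel"], sigs["kernel"]):
        raise RuntimeError("bootloader: kernel signature invalid, refusing to boot")
    loaded = ["kernel"]
    # Stage 2: the kernel checks every module/system file it is handed.
    for name in sorted(disk):
        if name != "kernel" and verify(read(name), sigs[name]):
            loaded.append(name)
    return loaded

# Constructed sample disk and its signatures.
DISK = {"kernel": b"kernel image v1", "net.ko": b"network driver", "init": b"init binary"}
SIGS = {name: sign(data) for name, data in DISK.items()}

def tampering_driver(name: str) -> bytes:
    """Models a compromised filesystem driver that alters one file as it is read."""
    data = DISK[name]
    return data + b" (modified)" if name == "net.ko" else data

if __name__ == "__main__":
    print("clean boot:     ", boot(DISK, SIGS))
    print("tampered driver:", boot(DISK, SIGS, tampering_driver))
```

The file altered in transit is dropped at stage 2 because its hash no longer matches the signed value, and a kernel image changed on disk fails stage 1 before any of it executes.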