TrueCrypt Safer Than Previously Thought

An anonymous reader writes: Back in September, members of Google's Project Zero team found a pair of flaws in the TrueCrypt disk encryption software that could lead to a system compromise. Their discovery raised concerns that TrueCrypt was unsuitable for use in securing sensitive data. However, the Fraunhofer Institute went ahead with a full audit of TrueCrypt's code, and they found it to be more secure than most people think. They correctly point out that for an attacker to exploit the earlier vulnerabilities (and a couple more vulnerabilities they found themselves), the attacker would already need to have "far-reaching access to the system," with which they could do far worse things than exploit an obscure vulnerability.

The auditors say, "It does not seem apparent to many people that TrueCrypt is inherently not suitable to protect encrypted data against attackers who can repeatedly access the running system. This is because when a TrueCrypt volume is mounted its data is generally accessible through the file system, and with repeated access one can install key loggers etc. to get hold of the key material in many situations. Only when unmounted, and no key is kept in memory, can a TrueCrypt volume really be secure." For other uses, the software "does what it's designed for," despite its code flaws. Their detailed, 77-page report (PDF) goes into further detail.

Oh, bore off

This is not the first TrueCrypt's audit (no, I'm not linking the others, search for them), nobody has ever found critical flaws in it, as long as one understands what TrueCrypt's "threat model" is. Obviously TrueCrypt won't save anyone from the stupidity of leaving a computer with mounted encrypted volumes physically avaliable to everyone.

Re: TrueCrypticles!

[Kjella]

So some people actually thought disk encryption is safe even if an attacker has access to the system? How so? I mean.... if you leave your front door unlocked it is apparently such that anyone else can enter without a key. I guess tat's an obvious fact that most people would agree so why then is not apparent that an unlocked encrypted disk is accessible to anyone that is logged into the system? Seriously that eludes me.

Not access to the system, access to the front door. They can't break down the door, but they can tamper with it so the next time you unlock it they copy the key or slip in with you. Which means the door isn't sufficient, but the remaining threats aren't the fault of the door. It does its job of staying locked until someone presents the right key.

Re:Two things: update to 1970 and running unmounte

[chmod+a+x+mojo]

I know this is /. , but god damn, read the fucking summary at least.

Oh, and your analogy is flawed as well:

Until the mid 1980s, computers were used via terminals. The company would have one computer used by dozens of people. Obviously, one person shouldn't be able to mess with a different person's files, processes, etc. Since these computers were used over a network, they ran a network operating system such as Unix...... Consider also my use case, the model that probably should be used by anyone who actually cares about the security of certain files. I don't decrypt and mount my most confidential information every time I want to read Slashdot or XKCD. I mount my encrypted volumes only when I need to access those confidential files. So 99% of the time, my computer is -running- and those files are completely -inaccessible- . A Flash exploit which provides access to my machine shouldn't mean they have access to my encrypted file system, which I haven't opened since July.

First: these "exploits" being mentioned require someone have access to the system already (in other words you are boned from the beginning). In your analogy this would be someone looking over your shoulder when you log into your terminal session and copying down your username and password, then later logging in to see / copy your files.

Secondly: if you would bother to take the time to read TFS you would realize that the entire second half of what you posted is exactly how truecrypt volumes are working right now. As of right now there are no known vulnerabilities or exploits to read (or write) usable data from an UNMOUNTED truecrypt volume.