TrueCrypt Website Says To Switch To BitLocker 566
Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended, and Windows users should switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. ... You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users are skeptical of a site defacement, and there's been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases. A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do. It also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a 'big announcement' soon, but that was coincidental.) Security experts are warning to avoid the new version until the situation can be verified.
Re:Fishy (Score:4, Insightful)
Yes. You are right. This doesn't seem "right" at all. The very definition of fishy.
Bummer (Score:5, Insightful)
The best aspect of Truecrypt was the cross-platform compatibility. Being able to open an encrypted drive on any platform was the killer feature.
Re:So, what now? (Score:4, Insightful)
It's not as if 7.1a is suddenly unexecutable...
Re:Fishy (Score:5, Insightful)
The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.
It seems to imply that the following thought process: The only purpose of TrueCrypt was in order to support Windows XP, which is no longer supported, so it's not useful for that purpose anymore. Since new operating systems provide their own encryption mechanisms, there is no value in the project, so we're shutting things down.
However, the fact that Windows XP has lost official support does not mean that no one is using Windows XP anymore. Further, one of the valuable aspects of TrueCrypt was that it was open source (meaning the encryption could be independently verified) and cross-platform (meaning a disk encrypted on Mac could be accessed on Windows and vice versa). There's still a lot of potential uses for such a project.
Aside from that, what would possibly be the harm in continuing to provide the source code? If the intention were to deny people binaries as a method of providing a stern warning to potential users, surely they could still provide the source and say, "... but if you know what you're doing well enough to make use of the source code, go ahead and use at your own risk."
Something's wrong here, unless the people maintaining the project are just kind of retarded.
What's in my TrueCrypt volume? (Score:5, Insightful)
The only things in my TrueCrypt volume are password lists, tax info, etc.
And those are encrypted separately before being put in the Truecrypt volume.
That way if my machine were to be hijacked while I have the volume mounted, I wouldn't lose all the data to nefarious purposes.
And if the device is stolen, there's two layers of security to get through. (Which around here would just be the thieves deleting everything and selling it for Oxy)
Re:Fishy (Score:5, Insightful)
it appears it might be compromised.
From https://news.ycombinator.com/i... [ycombinator.com]
Odd, 6 hours ago someone updated the TruCrypt-key.asc files, then 3 hours later posted all the new binaries.
Also odd is whoever posted the new binaries completely yanked all the previous ones, leaving only the new and questionable binary available for download.
Trust (Score:2, Insightful)
Truecrypt was the hardest thing for the NSA (Score:5, Insightful)
Re:Fishy (Score:5, Insightful)
The only purpose of TrueCrypt was in order to support Windows XP, which is no longer supported, so it's not useful for that purpose anymore.
I thought the purpose was to facilitate moving encrypted volumes between different operating systems? Why wouldn't that be useful on Windows 8? How do I mount a Bitlocker volume in Linux?
Re:Fishy (Score:5, Insightful)
If you're gonna post compromised binaries of TrueCrypt, you generally wouldn't stick them on a page with "WARNING: Using TrueCrypt is not secure" in large, bright red text. You'd also expect some kind of statement from the good folks that have been running TrueCrypt for the past decade.
I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow. I would stay far, far away from that latest binary, if I had to guess it contains whatever loophole they were ordered to put in place, hence all the big and bright warnings.
Re:Fishy (Score:5, Insightful)
Yep, I'm guessing National Security Letter. The only defence against being forced to hand over signing keys or release versions with flaws and backdoors is to release a final version yourself to discredit any future releases.
The web site looks hastily knocked up, which supports this theory. What I can't quite get my head around is the suggestion to use BitLocker though. I know MS resisted an NSL recently, but that doesn't meant we can trust BitLocker.
Alternatively, maybe the site is by the person behind the NSL, trying to drive people to BitLocker which is already compromised. Since TrueCrypt is being audited maybe they figure they can't insert back doors now.
Either way, this is and extremely worrying development in the crypto wars.
distinction without a difference (Score:5, Insightful)
So, either they got attacked by someone who was able to both deface the website and *sign code with their GPG key*, or the announcement is genuine.
I think the obvious response is precisely identical in either case...
Re:Fishy (Score:4, Insightful)
Sabu doesn't have the skill to write TrueCrypt. No offence to the guy, but it's just not the sort of thing he does. He was a glorified script kiddie, his main value being community standing and some admin tricks he learned to defeat DDOS attacks and dox the people behind them.
Re:Fishy (Score:3, Insightful)
All sorts of people who like the idea of encryption enough to check a few boxes and type their password, but not enough to make their system hard to support or use, and who don't consider their data valuable enough to be worth much extra work -- i.e. people choosing between doing nothing to protect their data and doing something. Common applications include transparent encryption on all corporate desktops/laptops.
Whether you trust MS or not, BL provides reasonable protection against the most common threat -- theft/loss to someone primarily interested in the resale value of the hardware. Most people aren't worried about the NSA getting their data, and those that are aren't relying on boot-time-unlocked full-disk encryption from any provider, as the model itself is insecure against serious attackers.
Re:Fishy (Score:5, Insightful)
Um, anyone using Windows should trust Microsoft enough to use their disk encryption. Or they shouldn't be using Windows at all.
Re: Fishy (Score:3, Insightful)
Your last point is exactly why I want truecrypt to survive. Also i love the TC hidden volumes implementation.
Re: Fishy (Score:5, Insightful)
As a former softie, all I can say is that i would trust bitlocker over pretty much any solution on the market and here are the reasons why:
1. Microsoft would not knowingly backdoor bitlocker. The NSA pressured the team leads, but management was adamantly opposed and declined to acquiesce.
That was then. Nowadays we have (unconstitutional) things like a National Security Letter [wikipedia.org] where they can force you to put in a backdoor and prohibit you from telling anybody about it under penalty of imprisonment. If you are a little guy like Lavabit you can just go out of business rather than comply but if you are Microsoft you put the backdoor in, telling only the actual people that need to know and informing them they are going to federal PMITA prison if they tell anyone. Unless you were the guy who put the code in you wouldn't know anything about it.
2. Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling. Crippling not with the OSS crowd, but enterprise customers. The only loser would be Microsoft and they would not recover.
With only binaries to analyze it is certainly possible that a NSA backdoor could go undetected in bitlocker. Particularly if the backdoor was in the form of an intentional error in an algorithm or a purposefully weak cipher (hello RSA!).
3. There simply not enough people involved in the Truecrypt project at the moment to make it a truly secure solution. This isn't the Linux Kernel. For FDE, I wouldn't trust an FOSS until more audits and testing has been done. The reason is not because of technicalities, but because of legal liability reasons. For an FDE solution I either would want a private company to back the product or I would want a strong and active community truly backing the continuing development of the FOSS.
That said, I'm really hoping the audits come back positive and that development continues.
I hope that development continues as well. More developers would be nice but on a mature project usually there is only low-glory bugfixing going on so a) less developers want to participate because there is less glory and bugfixes are boring and b) there doesn't need to be a lot of developers as there is less workload. Obviously an independant audit would be ideal but that generally means money and somebody has to pay.
Re:I'll ask... (Score:5, Insightful)
Nice try, NSA. You're not gonna fool us that easily.
Re:Fishy (Score:2, Insightful)
If it were a NSL that forced TrueCrypt to close up shop, there will be blowback, and not the good kind. This is reminding me of the crypto wars of the early to mid 1990s, maybe even with some Operation Sun Devil thrown in.
What happened with the Clipper Chip fiasco was that crypto went from just something on the edges that geeks used... to something mainstream (the Streisand effect before it was called it.) Crypto development started moving offshore, where ITAR became pointless [1]. Luckily common sense came into play and ITAR was replaced by EAR, and US companies could use crypto with actual security.
How does this pertain to TrueCrypt? There are a lot of countries that don't like the US now, and having a TrueCrypt fork [2] that would be developed, maintained, and funded by a government for their propaganda department ("hey, look what we are doing to foil the evil US, we have actual security software.") Now, TrueCrypt which could have been monitored is now a lot harder to police and watch with the backers going from an anonymous organization to a well-heeled nation.
Encryption isn't new. One could grab code from a 1990s version of PGP, reference AES libraries and make something fairly easy. It would take time to test, but with all the anti-US press, people would pop out of the woodwork.
I do worry though. If NSLs were used to shut down TrueCrypt (or force a backdoor), then the blowback can be enormous, and a nation hostile to the US could use this enormously for their propaganda departments [3]
[1]: If people broke the law and used an encrypted mechanism, LEOs either had to tip their hand and break the encryption (which would mean people would stop using that mechanism), or just deal with it, as once the files were out of the US, they were legal. It was the bits leaving the US that was considered on the sale of exporting arms.
[2]: The fork in theory could just copy the TC code and slap whatever license the fork-ees felt like. It is doubtful that anyone would come and enforce the copyrights at this stage.
[3]: Russia's is doing so well, Putin has been damn proud of it. So far, their work has turned a solid country into a mass of people hating themselves and the government, which is a military objective success that could NEVER have been done by a previous Russian leader without a lot of nukes. Same with Snowden's handler... the Russian who got him to spill the beans accomplished an objective that could not have even been thinkable before the 2008 economic crash.
Re:What's in my TrueCrypt volume? (Score:4, Insightful)
Tax returns contain the following:
Name, address, Social Security number, income, employer info, spouse and dependent names and Social Security numbers, bank account number and routing number (if using direct deposit for your refund). Surely you can see why you wouldn't want that information falling into the hands of whoever stole your laptop, right? A tax return is basically the golden snitch of identity theft.
Re:Fishy (Score:3, Insightful)
Re:Fishy (Score:5, Insightful)
Because the short pause it signifies, used verbally, implies "I'm just stating the bloody obvious, but..."
Re: Fishy (Score:5, Insightful)
Automatically unlock the drive to boot is a false sense of security, if the computer can boot autonomously then it has the key and therefore so does anyone who steals the whole machine (as opposed to stealing just the drive)... You're no longer relying on the strength of the encryption, but rather the strength of the obfuscation used to hide the key.
Re:The reason is... (Score:4, Insightful)
Yes that would be a sensible excuse except, programs which are abandoned typically do not cause:
- the website to be defaced and debranded.
- a new version of the software to be released with gutted functionality.
- old versions to be removed.
- recommend commercial alternatives to open source programs.
- pretend that the announcement happened due to loss of support for an OS still used by 20% of all machines.
- not get in contact with the outside world.
Someone went to great lengths to make this look as nefarious as possible. This isn't the typical project shutting down. Actually my first thought was hacked, and my second through was NSA'd even though I swore not to follow the typical Slashdot NSA paranoia.
Re:Fishy (Score:4, Insightful)
So what? The author of TrueCrypt is not known and does want to remain anonymous. So suppose I create a fork and distribute it under GPLv3, who is going to complain? A lawyer has to represent someone who can prove he has the rights to the code, he won't be able to do that while representing someone who wants to remain anonymous.