TrueCrypt Website Says To Switch To BitLocker 566
Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended, and Windows users should switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. ... You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users are skeptical of a site defacement, and there's been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases. A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do. It also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a 'big announcement' soon, but that was coincidental.) Security experts are warning to avoid the new version until the situation can be verified.
Fishy (Score:5, Interesting)
A FOSS project shutters itself and, rather than linking to a fork or posting tarballs of a few versions' worth of source, recommends commercial alternatives? If this isn't a hacked site then I'm thinking Lavabit - someone pressured someone else and in order to spill without spilling, they made the most absurd possible kind of announcement that they were closing.
I wonder... (Score:5, Interesting)
If the dev's decided to go full Lavabit mode after getting a NSL for the keys. So instead of letting people know that specifically they did this.
Also in the new version they removed all of the code to encrypt data, only the decryption remains.
Re:So, what now? (Score:5, Interesting)
That works fine for now, but it's a terrible idea to just keep using software that has known flaws (which will continue to accumulate) but no longer gets patches. At some point, while 7.1a will still be executable, it will no longer be safe in any way.
I took Archeron's question to mean "So, what should we start migrating to now?" That's a very good question, sadly...
Re:Fishy (Score:4, Interesting)
Re:Fishy (Score:5, Interesting)
Re:Foul Play (Score:2, Interesting)
The Register has no idea what it's talking about.
This is pure speculation.
Yes, they might have been compromised. But very early analysis shows they aren't blatantly backdoored, but that's all we know and they have no business claiming the changes are "eyebrow-raising" and hinting that it is malware. The changes are mostly removing the encryption/volume creation part of TrueCrypt.
Wait and see. They probably just want to "make the buzz".
Re:Fishy (Score:5, Interesting)
Except most Windows 7 editions doesn't support Bitlocker - only Enterprise and Ultimate. [microsoft.com]
I'm wondering who the fuck trusts MS enough to use Bitlocker. I don't.
Re:Fishy (Score:5, Interesting)
TC was Sabu's pet project. Since he was caught and working for the Feds, he has provided the very access everybody is afraid of them now having.
Sabu was just released from the service of the Feds a few days ago. Enough time to rewrite the binaries, change the passwords, and disable the whole lot since it's all been compromised for years. Gets rid of a dangerous product, and pisses off the Feds without violating the terms of anything since TC is still available for download, just in a crippled form.
Here's something interesting... (Score:5, Interesting)
truecrypt.org
>This URL has been excluded from the Wayback Machine.
SourceForge problem? (Score:5, Interesting)
Hmmm. SourceForge forced a password reset last week citing "changes to how we're storing user passwords." Coincidence?
Re:Fishy (Score:5, Interesting)
Enough time to rewrite the binaries, change the passwords, and disable the whole lot since it's all been compromised for years. Gets rid of a dangerous product, and pisses off the Feds without violating the terms of anything since TC is still available for download, just in a crippled form.
Well, the TrueCrypt audit project [opencryptoaudit.org] did manage to exactly recreate the binaries from the source file and so far haven't seen anything fishy in the source code other than some slightly weak encryption options making brute forcing of weak to medium strength passwords realistic.
Re:Here's something interesting... (Score:4, Interesting)
truecrypt.org
>This URL has been excluded from the Wayback Machine.
and it's vanished from google cache as well...
Re: Fishy (Score:4, Interesting)
As a former softie, all I can say is that i would trust bitlocker over pretty much any solution on the market and here are the reasons why:
1. Microsoft would not knowingly backdoor bitlocker. The NSA pressured the team leads, but management was adamantly opposed and declined to acquiesce.
2. Suppose bitlocker was knowingly backdoored, the amount of reputational harm that Microsoft would endure would literally be crippling. Crippling not with the OSS crowd, but enterprise customers. The only loser would be Microsoft and they would not recover.
3. There simply not enough people involved in the Truecrypt project at the moment to make it a truly secure solution. This isn't the Linux Kernel. For FDE, I wouldn't trust an FOSS until more audits and testing has been done. The reason is not because of technicalities, but because of legal liability reasons. For an FDE solution I either would want a private company to back the product or I would want a strong and active community truly backing the continuing development of the FOSS.
That said, I'm really hoping the audits come back positive and that development continues.
Re: Fishy (Score:5, Interesting)
I have been slowly moving from TrueCrypt to Bitlocker just because I've had issues with permissions and Windows 8/8.1.
It may not be as secure as TC, but it is a lot more recoverable, and to me, my main reason for using FDE is ensuring that a stolen HDD winds up "just" a hardware theft, and not something that can be used for extortion (yes... when I was in college, I was asked to help someone who had some private things stored on his laptop... and when the thieves stole it, they demanded $3000 or else they would post all the nudie pictures of his GF that the victim took to the Internet.)
The recoverability issue is nice. I can enable BitLocker on a drive or image. Then, add a recovery key, and a certificate. Then, the image can be copied/used on a cloud provider, and due to no easy to guess password being used, brute force is off the table. To boot, one can have the computer automatically unlock the drive, so it is basically a set and forget mechanism (with good and bad points.) The BDE keys for recovery wind up stashed in an old smartphone that shed its Wi-Fi, BT, and 3G antenna. Less attack surface for a remote intruder.
For file archives, tossing them into an expandable disk image and flipping on BitLocker may not be perfect, but it seems to do the job to keep people out.
As for Linux and OS X, I'd say Apple's encrypted Sparse Images are useful (as only small 8 MB "bands" change.) LUKS is also decent on Linux.
The nice thing about TC was the fact that it was one program that worked on three platforms, so you could stash your files in a TC container (assuming FAT32 for a filesystem) on your Mac, then access it on your Windows machine.
Re:Fishy (Score:2, Interesting)
Um. Did anyone bother to go to the second page, for those who don't use windows?
http://truecrypt.sourceforge.net/OtherPlatforms.html ""If you have files encrypted by TrueCrypt on Linux: Use any integrated support for encryption. Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation."
I think this is a case of pwnership rather than national security letter. An NSL to truecrypt would only make sense if there were, in fact, a universal backdoor built in and the author was both identifiable and subject to US jurisdiction.
The 7.1a code audit ran its first pass and found nothing obviously wrong. It's possible the tool is 'doored, but given the nature of public key cryptography it seems unlikely that it could be in the same way that a server running SSL is compromised when its key is extracted.
Re:Truecrypt was the hardest thing for the NSA (Score:2, Interesting)
Please provide proof for any of the following:
1. There exists a method to detect a hidden volume within an unmounted TC container file.
2. There exists a method to detect a hidden volume in a TC container file when the outer volume is mounted.
Otherwise, stop wasting our time.
Re:Fishy (Score:4, Interesting)
I don't think Sabu is capable of this kind of altruism, let alone this type of project.
Re:I wonder... (Score:4, Interesting)
Even more concerning is that both their code signing keys were used. If an Authenticode key got compromised, that is one thing. However, both their gpg and Authenticode keys were used to sign that last release, so it either was a very sophisticated intruder, or the TC Foundation dropped their cards on the table and stopped playing ball for some reason.
Re:I wonder... (Score:5, Interesting)
Also in the new version they removed all of the code to encrypt data, only the decryption remains.
They also changed all references from "U.S." to "United States" [github.com]
Re:my 2p conspiracy theory (Score:5, Interesting)
Alas, one or more of the TrueCrypt devs (syncon?) have been located and are acting under duress, as a 'canary' previously agreed upon has been published: .rc's language from "English (United States)" to "English (U.S.)" as it was in VC6;
1. Compiling with VC2010, and then not manually changing the
2. Changing the published release date from "on " to "in ";
3. Format/InPlace.c #12, remove reference in comment to "(likely an MS bug)" - changing this parenthetical should not be counted as canary, but removing it should
TC's build process is surprisingly arcane (includes old software due to bootloader code size, etc), and while a lot of it is accumulated dust, some of the dust is deliberately placed.
I do not know precisely what this means, as I have no contact with the developers anymore: but this is what was agreed upon.
They should no longer be trusted, their binaries should not be executed, their site should be considered compromised, and their key should be treated as revoked. It may be that they have been approached by an aggressive intelligence agency or NSLed, but I don't know for sure.
While the source of 7.2 does not appear to my eyes to be backdoored, other than obviously not supporting encryption anymore, I have not analysed the binary and distrust it. It shouldn't be distributed or executed.
Re:Fishy (Score:5, Interesting)
I'll join the chorus of people speculating about them getting a court order they couldn't bring themselves to follow.
I think that's exactly wrong -- I think he DID follow the court order and actually gave up the keys.
:-) the trick: in order to keep them from actually using their new keys to create TC-NextGen -- with New! and Improved! Holes for Your Convenience! -- he trashed the brand. Now, *NO ONE* will trust new versions of TC.
And therein lies
"I gave you the keys just like the order said. But you never said that I couldn't make any new version worthless."
This is an analog to a groups' public secretary who in every meeting says they haven't received an NSL, and then in one fine meeting doesn't say that.
Lets see who now up-and-disappears on some weird charge.
Re: Fishy (Score:4, Interesting)
Correct. But there is a downside. In order to use BitLocker without one, you will require using a USB drive for unlocking the system. A big security risk with using that method in a company environment would be how many simply leave the key in the computer. That would be like leaving the key to your house in the keyhole on the outside of your house. If you have to go that route, you can also add a password with the USB drive to unlock.
Source: Experience
That is true for Windows 7, but Windows 8 does not need an USB key. I have tested this personally.
Nicely done, Truecrypt team! (Score:5, Interesting)
From the "new" website, in red letters: ...TrueCrypt is not secure as...
Now, with added emphasis: ...TrueCrypt is Not Secure As...
NSL for sure. Nicely sidestepped.
(Captcha: "collects" Really.)