Auditors Release Verified Repositories of TrueCrypt

Trailrunner7 writes: As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software and ended development.

The message that the TrueCrypt posted about the security of the software also was included in the release of version 7.2a. The OCAP team decided to focus on version 7.1a and created the verified repository by comparing the SHA2 hashes with files found in other TrueCrypt repositories. So the files are the same as the ones that were distributed as 7.1a. "These files were obtained last November in preparation for our audit, and match the hash reported by iSec in their official report from phase I of the audit," said Kenn White, part of the team involved in the TrueCrypt audit.

Re:

[Anonymous Coward]

What are the hashes for your copy?

Subscribe

[tepples]

What are the hashes for your copy?

In order for a post of the hashes to be of any use, both the poster and anybody reading the post would have to pay Dice for a subscription to Slashdot. This is because Slashdot redirects all non-subscribers' HTTPS pageviews to HTTP. If the poster does not subscribe, a man in the middle could modify the hash on its way from the poster's computer to Slashdot's server. If the reader does not subscribe, a man in the middle could modify the hash on its way from the poster's computer to the reader's computer.

Re:

[Anonymous Coward]

Oh, I get it. A MitM could see whenever someone posts the hash e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2 and convert it to e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2.

Re:

[bruce_the_loon]

Hey, how did you get hold of the IPv6 address for my bathroom^H^H^H^H^H^H^H^Hsecurity camera system?

Signed, the janitor at St Trinian's School.

Re:

[alostpacket]

But the /. moderation system is infallible

Qatar ball

[tepples]

That's fine so long as home and the library don't use the same ISP. Cable monopolies tend to do this, such as if home uses Xfinity and the library uses Comcast Business. In extreme cases, an entire country's web traffic passes through the same proxy, as when Wikipedia temporarily blocked all editing from Qatar [slashdot.org].

Oh, and a correction to an error that I failed to spot in preview: "from the poster's computer to the reader's computer" at the end of #47205895 was supposed to be "from Dice to the reader's computer".

Re:

[jrumney]

If the poster checked from a second machine, they could update their post with a confirmation that it was indeed right.

I think you should update your post to clarify that Slashdot does not support updating of posts once they are submitted, least anyone get confused and spend time looking for that option.

Updates without editing

[tepples]

Slashdot does not support updating of posts once they are submitted

Of course it does. True, Slashdot is WORM in the sense that it doesn't allow users to edit submitted comments. But if you reply to yourself with the correction, the correction will be displayed below your original comment. See, for example, my post "Qatar ball" above.

Re:

[sillybilly]

That's gay

Re:

[sillybilly]

You're not supposed to enjoy stimulation to your prostate. Unless it's done by a female during a blowjob, but she might end up with smelly fingers. Even that can get you killed though, like in Russia, or muslim places like Africa, you get killed as soon as there are signs of gayness, they are very careful to keep the genepool clean of this deviant gene, which creates perversion and decay in society without any life-procreating effects, if anything, it goes against creating new life, just like contraceptives

Re:

[sillybilly]

Oh and Socrates did have a wife, called Xanthippe, possibly 40 years younger than him.

Re:

[sillybilly]

Encryption and information security related material - a somewhat humoros but highly homosexual and taboo spin on man in the middle attack, captcha:decorum, ssl certificate warning ignored, Alan Turing breaking the nazi Enigma code had a darker side to him, like Michael Jackson, or Richard Gere, or some Catholic bishops, or Socrates written down by Plato - I'm not sure he was actually messing with children, just young males, so to speak, but stuff like that is all over greek pottery, and it's called "greek

Re:

[kaatochacha]

I'm not sure what's worse: that I read through this thing, or the run-on sentences were the most notable aspect to me.

Re:

[cjb658]

I have v7.1a for Windows, downloaded 21 Oct 2013. md5 is 7a23ac83a0856c352025a6f7c9cc1526.

Re:

[WaywardGeek]

Source package (not Linux) sha256sum: e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc

That's what I just signed in the first ever signed git commit of the CipherShed fork of TrueCrypt [ciphershed.org]. It's been a crazy week over there!

Re:

[Runaway1956]

I would be suspicious of 7.1 just as much as 7.2. If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised? Discussion below shows that the big difference between the two is, 7.2 won't create new encrypted volumes. The message seems to say "We've been compromised - get your stuff out of the existing volumes, because they are NOT PROTECTED!" Or, "no longer protected".

If NSA demanded keys and/or back doors, and if the NSA actually

Re:7.1a for x64 linux

[lgw]

If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised

The only kind of guarantee there is: an open, publically funded audit of the code. That's the point of this exercise, even before people realized that blindly trusting the TrueCrypt code was a mistake, and that an audit by non-government researchers was needed.

Re:

[Varka]

If the developers left this "message" that 7.2 might be compromised, what kind of guarantee is there that 7.1 isn't also compromised

The only kind of guarantee there is: an open, publically funded audit of the code. That's the point of this exercise, even before people realized that blindly trusting the TrueCrypt code was a mistake, and that an audit by non-government researchers was needed.

You're assuming the binary is actually compiled from the source being audited. Once the source audit is complete, AND a recompiled version FROM THAT SOURCE is available, then I might consider using TC again...

Re:7.1a for x64 linux

[lgw]

That was actually the first step of the audit - to ensure repeatable builds and ensure the source matched the object (well, the Windows version - the Linux version was built and verified by many people over the years, but the Windows build took some non-default make setting and then it matched, so confirmation of that was ~1 year ago).

Re:7.1a for x64 linux

[WaywardGeek]

I believe I read about this guy [concordia.ca] on slashdot a year-ish ago. He verified the Windows binary comes from the official source. I replicated most of his steps, until I became a believer. It is the actual source used to compile the 7.1a binary.

Now, if you're afraid of back-doors, be afraid of what is already in the official source, all 110K+ lines of it.

Re:

[hoggoth]

And you're assuming that your compiler isn't inserting extra code that wasn't in the source code.

Re:

[Varka]

The level of trust in the current binary builds, in my mind, approaches 0. Once the source code audit is complete, we'll see where my level of trust is in whatever newly compiled versions might be available. Ideally I'd be able to take the source with verifiable md5sum/etc. and compile my own, but a number of comments seem to indicate that this is unlikely, so maybe it's just time to move on to something else.

Re:7.1a for x64 linux

[Z00L00K]

It depends on the level of security you expect. To make sure that your documents don't get into the open when someone steals your laptop it may be sufficient since most thieves just don't worry about the contents and just reformats it after a cursory glance on the contents. So everything that's not obviously visible or takes more than 5 minutes to access is probably safe.

If you are targeted by the authorities I would say that no wide-spread security system is safe. The authorities are even more likely to have backdoors into bitlocker than TrueCrypt, even though I suspect that they have TrueCrypt backdoors as well.

Re:

[L4t3r4lu5]

The authorities don't need backdoors or attacks on encrypted systems. They get a court order demanding the encryption key, and if you' don't provide it you go to jail, indefinitely, for contempt of court. If that doesn't swing in your jurisdiction, then the law probably already has something about providing keys being mandatory in some instances (In UK law it's an offence to not provide them when requested; 2 years in jail, or 5 years if it's regarding terrorism or CP).

Failing that, they already have the b

Re:

[Captain Hook]

Authorities can only do that if they don't mind revealing the investigation against someone. There are still alot of reasons why authorities would want to be able to read something encrypted without it being obvious that they are doing so.

Re:7.1a for x64 linux

[Kjella]

First of all, they said TrueCrypt has unfixed critical bugs not that it was compromised. It wouldn't really make a lot of sense either, if it was compromised back in 2012 and you wanted to be a whistleblower why wait well over 2 years to do it? It's not like NSA or whomever would let that sort of gag order expire. And if they're under any kind of pressure now, it would be to discredit the software they made years ago that doesn't contain any backdoors. Which brings us over to the next issue, they claim there's critical bugs but they won't tell anyone where they are so others can fix them nor fix them themselves. I mean they don't just want to shut down their project, they want tarnish the name, burn it to the ground and salt the earth after them and you really have to ask: Why?

I don't think and you probably also don't think that it's because XP support has ended and we should now all go use Bitlocker, so they're lying to us now. Why are they lying to us? I don't know, either they're pressured to it or working for commercial alternatives or threw a hand grenade to start conspiracy theories and get everyone reviewing the code or just went plain nuts I don't know. But there's no reason for any agency to kill off a version that has a backdoor and if there really was a government backdoor wouldn't the best way to be a whistleblower be to point it out? Why this ominous yet vague FUD? The answer that makes the most sense is that they're lying about everything. The developers don't know of any critical issues with 7.1a, but they're being pressured to or want to kill it.

That doesn't mean TrueCrypt is bug free, of course it may have bigger and smaller issues. But I think they're lying about knowingly withholding anything, that they're not working on the code and not maintaining it isn't the same as deliberately avoiding fixing issues. If they had said nothing at all and TrueCrypt had stayed at versjon 7.1a for another few years I'd still use it and despite what looks to me like a best effort they can't go back in time and sabotage their old release. So while I wouldn't trust anything they do from now on, the older code looks good. Why else would they go through so much effort to get rid of it? Somebody badly wants TrueCrypt 7.1a to disappear and be abandoned, the question is who and why.

Re:

[Runaway1956]

My question is academic. If they got a developer into a dungeon somewhere, and applied the five dollar monkey wrench interrogation method to extract a working back door - what assurance is there that this back door doesn't work on previous versions? FUD? I thought it a reasonable question. Does an exploit in version x.xxx work on version x.xxx - 1, or x.xxx - .001, or even x.xxx - 3? In some cases, I would imagine that the exploit might work all the way back to the project's startup and milestone .01,

Re:

[Kjella]

If they got a developer into a dungeon somewhere, and applied the five dollar monkey wrench interrogation method to extract a working back door - what assurance is there that this back door doesn't work on previous versions?

Sure, with a $5 monkey wrench you can make someone implement a backdoor, but if the developer never made one and doesn't know of any exploits to produce one then beating him to a pulp won't help him find one. Sure I can't guarantee that I haven't made any big oopsies in my code, but if I did I'm not aware of them and if I found one it'd be patched immediately. I'd never knowingly sit around with an unpatched way to backdoor the system, it can only "extract" things you actually know how to do.

Re:

[Runaway1956]

Fair enough. But, most developers know how to wreck their software. The guy holding the interrogation implement asks, "What is the weakest part of your encryption tool?" WHACK! "You don't need to think so long, you know the weakest part of your scheme, tell me!"

Given that answer, it would help to focus attention where WE would least want attention.

The best thing going right now, is that so many eyes ARE focused on the last "known good" version. Maybe if there is a weak link, someone will notice it. Of

Re:

[sillybilly]

The only cryptography you can truly trust is one you invent yourself, and don't tell anyone else about it, after you've learned all the top of the line methods and technologies and tricks available in the world. But don't trust these "expert proclaimed" unsolvable problems to really be unsolvable. Somebody somewhere might be passing off to you cryptography so you hide "secrets." Best thing is not to have secrets, or even if you do, they should not be something you absolutely can't have out in the public. Li

Re:

[rioki]

Only if you can handle the keying material properly. The problem with one time pad is that the keying material needs to be as much as the message to encrypt. Now if you want to transfer 1 GB of data you need 1GB of keying material. This material needs to be shared with the receiving end. Although a one time pad is mathematically proven safe, the burden is shifted from the problem to keep the message safe to keeping the keying material safe.

Re:

[sillybilly]

Thanks, but it gets you in the same trouble as drawing nonsense lines in the sand - you get caught with a set of random looking characters in a hostile country and you can prepare for some good torture sessions to extract the meaning of them. They are just random crap? Boloni! etc. So you better be creative and ready to invent something they wanna hear, to get your ass out of trouble, kinda like the American pilot captured in WW2 by the Japanese, who was interrogated about how many nukes the Americans have.

Re:

[fisted]

The nice thing about one time pads is that for any ciphertext there's a OTP which produces any (alibi-)cleartext you desire.

Re:

[sillybilly]

It's like jazz, spontaneous - it has no paragraphs. If I had more time or were not as lazy, I would have had paragraphed it for you, and made it shorter too, to the point of unfollowable mentally. Euler or some other mathematicians, like Gauss, used to get off on just presenting the end results, without detailing how they arrived to it, or giving some inhuman, unnatural flow of thoughts official and strict proof, but where is the fun in that?

Re: 7.1a for x64 linux

[gearond]

In my opinion, the NSA flies other law enforcement people, have decided that TrueCrypt is too much of a problem. So either through layers day off extort it up on TrueCrypt to end their business or they just directly did it. And so now that it's Joe will be stuck with Windows alternative. And we know how much we can trust Microsoft. So I repeat True Grit probably is good, but the authorities don't want us to use it

Re:7.1a for x64 linux

[lister king of smeg]

Luckily I have a copy of 7.1a for x64 linux. Because this is a great opportunity to release a trojan horse version of Truecrypt and many people would be affected

I wonder was its source in any of repositories for the larger Linux distros? Perhaps Debian, Gentoo,or Arch would have a cryptographically signed copy of it if so that would be a simple matter of grabbing the source with a apt-get source command.

Re:

[Pow]

Gentoo doesn't keep the source in the repository, but it has the hashes.
from /usr/portage/app-crypt/truecrypt/Manifest:

DIST truecrypt-7.1a.tar.gz 1949303 SHA256 e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc SHA512 b5e766023168015cb91bfd85c9e2621055dd98408215e02704775861b5070c5a 0234a00c64c1bf7faa34e6d0b51ac71cd36169dd7a6f84d7a34ad0cfa304796a WHIRLPOOL 5e7f4360746a30639aea96eaf4deac268289c111c0efa96f50487527f0406499 2c26ad4c8ae0fd565d80e77f0ce8add82b03930d877fe5adedc8a733b482fe38

(the filte

Re:

[WaywardGeek]

DIST truecrypt-7.1a.tar.gz 1949303 SHA256 e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc

Excellent. That's what I just got for the source we're using to build the CipherShed fork of TrueCrypt.

Re:7.1a for x64 linux

[nmb3000]

Luckily I have a copy of 7.1a for x64 linux

I noticed something the other day when looking for a copy of the install on my own system. It turns out that when you install TrueCrypt for Windows, it puts a copy of the installer in the destination directory! If you're on Windows, take a look in your %ProgramFiles%\TrueCrypt directory. You will probably find a TrueCrypt Setup.exe file (at work so not sure of the exact filename). This can be used to install/repair/reinstall TrueCrypt on any computer.

There have been some good attempts [grc.com] to create a trustworthy TrueCrypt archive, but nothing beats your original installation source, which you can use to verify against various signatures found online.

Re:

[Vastad]

Oh that's fantastic! I didn't even know a setup.exe was stored there. Thanks for the tip!

The news headline a year from now...

[StandardCell]

SHA2 Preimage Attack Discovered

What's the difference between the US and China?

[bungo]

From my perspective, it appears that both China and the US are willing to bend to their control any IT organization that they can.

I'm happy that a verified source have been made, but sad to think that it has now come to this - the US, China, Russia, ..... so many countries that it is no longer safe to host security projects.

If only I could get a CISCO router build in China, packages in the US and sold through a reseller in Russia.... it could be marketed are the ultimate freedom router*.

(* Note: freedom is not for the end user)

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Differences between 7.1a and 7.2a

[droptone]

Yep [github.com].

Re:Differences between 7.1a and 7.2a

[WaywardGeek]

7.2 was stripped of encryption functions. Even if it was without bugs, what good is it? Not to mention the weird way they walked away from their software.

It really was weird. Here's my new theory:

These guys released their best version ever, 7.1a, in Febuary 2012. They had a party, said goodbye, and moved on with their lives. Everyone assumed that since it's open source, some new guys would come along to take over the project. Instead, for two years, there were no security updates, and no credible fork. TrueCrypt was languishing. One of the developers decided to force the world to take action. He pulled that amazing stunt, complete with recommending everyone use Microsoft BitLocker. Now he's kicking back with a beer and watching the world go nuts. It's like kicking an ant hill.

Did it work? You bet! A bunch of geeks like me said, "I want to help!" A couple of Swiss Pirate Party dudes said, "We'll lead the effort", and before the weekend was over, they had thousands of offers for help. True to the Pirate Party spirit, they even pirated the TrueCrypt name: truecrypt.ch. Also true to the Pirate Party spirit, they don't really know how to organize a team of geeks to work together in a common direction. So, I said "Follow me!" on the forum, and signed up geeks as fast as I could at the site that became CipherShed.org. Now they're self-organizing like some sort of slime mold, creating order out of chaos. It's really fascinating to watch! I hope the original authors are enjoying the drama :-) At this point, I think the new team is going to do amazing things.

Re:Differences between 7.1a and 7.2a

[Anonymous Coward]

The most obvious difference is that 7.2a will only decrypt files previously encrypted with earlier versions of TrueCrypt. 7.2a is crippled in that it cannot create new encrypted folders, files or whole disks. It was apparently engineered to be broken and serve only as a tool to recover previously encrypted volumes.

Re:

[StandardCell]

That was part of my little joke [slashdot.org] but of course that's all cynicism on my part at this point.

The only truly reliable idiot-proof encryption method is a one-time pad where you commit the key to memory or parts of it among more than one person. Not that practical compared to a mountable volume or full-disk encryption like the old TrueCrypt, but everything has a price.

Truecrypt authors-WARNING: TrueCrypt is not secure

[raymorris]

> Doesn't get much more secure than that.

The authors of Truecrypt said "WARNING: TrueCrypt is not secure".

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot, she's probably telling the truth when she says she's crazy. I think the same principle may apply here. If the Truecrypt project page says "Truecrypt is not secure", believe them - it probably is not secure.

Other options seem to be more secure. Personally, I use dm-crypt (cryptsetup) with 256 bit ESSIV AES CBC, plus a little magic I've thrown in.

Cross-platform

[tepples]

Personally, I use dm-crypt (cryptsetup) with 256 bit ESSIV AES CBC, plus a little magic I've thrown in.

Might this magic happen to let you write files to an encrypted volume on one operating system and read it on another?

With most NAS drives, yeah

[raymorris]

Many consumer grade (and most enterprise grade) NAS devices run Linux or BSD. They are usable from a home desktop OS such as Windows, so yes, even Windows can write files to properly encrypted storage.

Smartphone app to replace flash drive

[tepples]

But to make it competitive with a TrueCrypt volume on a USB flash drive, you'd have to shrink the NAS down to pocket size and get it onto the WLAN somehow. Is there a smartphone app for that yet?

Gumstix

[raymorris]

> volume on a USB flash drive, you'd have to shrink the NAS down to pocket size

See Gumstix and many similar options.

Re:

[David Jao]

If you're seriously interested in disk encryption, it's pretty clear that there is no viable platform other than Linux, and maybe BSD. Any other platform will be riddled with NSA backdoors, and you'll have no way to check. So I don't understand why cross-platform compatibility is even desirable, much less necessary.

Re:

[0111 1110]

If you are implying that LUKS + dm-crypt is more secure in practice I might mention that hidden containers have not been implemented AFAIK.

Re:

[mirix]

Pfft, there is only one operating system. ;-)

I am a big fan of dm-crypt.

Re:

[CaptnZilog]

Pfft, there is only one operating system. ;-)

I am a big fan of dm-crypt.

--
Sent from my PDP-11

RSX-11? :-D

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[cyn1c77]

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot, she's probably telling the truth when she says she's crazy. I think the same principle may apply here.

Suddenly I am less interested in my privacy and more interested in your anecdotal story!

Re:

[Jawnn]

I learned a long time ago that if you go on a date with a woman and she says "I'm crazy", BELIEVE HER. She IS crazy. Even if she's hot...

You say that as if it were a bad thing...

Re:Truecrypt authors-WARNING: TrueCrypt is not sec

[rogoshen1]

i think you're confusing 'spontaneous' (which is fun) with 'crazy' which is bunny-burning, jealous lunacy.

Re:

[Jawnn]

QFT. Personally, I can add an example of "crazy" which included her living in a fantasy construct, pathologically lying, stealing thousands of dollars from me, faking a pregnancy and abortion (to get more cash from me), eventually getting institutionalized briefly after we broke up, and drunk texting me annually on her mother's death anniversary with passive-aggressive suicide notes (don't respond to those). I eventually changed my phone number I had for 10 years in order to escape.

Listen to the man.

There's a difference between "dating" and "letting the crazy person affect you to the point of theft, personal harm, etc.". Maybe I just have more experience with them and know when to pull out, so to speak. Not that that's a particularly cool badge to have earned, but I have been able to see where things were heading and jumped off the train. Still it was usually worth the ride.

Re:

[Z00L00K]

Have you ever seen any computer system that is completely secure? There's always a hole or backdoor in it, and I'm just waiting for a major one to show up in bitlocker.

How can we trust them to say it's not secure if we can't know in what way it isn't secure?

Re:

[Mistakill]

The current train of thought, which may never be verified, is that the authors got a National Security Letter from the NSA (like Lavabit)... If so, pointing people away from it to something like BitLocker may be a way for the NSA to gain easier access to encrypted data

Re:

[davydagger]

>256 bit ESSIV AES CBC

cool story bro, CBC is broken. Truecrypt uses XTS, and TLS added GCM.

Truecrypt also includes the options for serpent and twofish, both AES finalists with higher margins of absolute security than rinjidael.

Re:

[Anonymous Coward]

Not him, but as I said above on another reply, TRESOR uses CBC. I don't know about CBC being *broken* (citation, please? I'm not an expert), but I would imagine that protection from cold boot attacks is worth the tradeoff.

https://en.wikipedia.org/wiki/TRESOR [wikipedia.org]

TRESOR (recursive acronym for "TRESOR Runs Encryption Securely Outside RAM") is a Linux kernel patch which provides CPU-only based encryption to defend against cold boot attacks on computer systems by performing encryption outside usual random-access memory (RAM).

EDIT: holy crap, captcha is "decrypt"

Re:

[swillden]

cool story bro, CBC is broken. Truecrypt uses XTS, and TLS added GCM.

CBC is not broken. It doesn't provide the authentication properties an AEAD mode like GCM does, and it's more subject to ciphertext tampering attacks than XTS, but it's a perfectly good mode when applied with understanding of its strengths and weaknesses -- which is also true of GCM (which is terribly insecure if tags are truncated too much; far worse than CBC) and XTS (which isn't authenticated and therefore still subject to ciphertext tampering). And if you want CBC to have authentication and tamper-resis

You thinking of SSL? CBC is as "broken" as XTS is

[raymorris]

Are you thinking of SSL (not TLS) and how it used a predictable IV in CBC mode? That's an SSL issue, not a CBC issue.

CBC is "broken" to the extent that it isn't tamper-evident, so if a bad guy has write access to your encrypted storage you might not know it (unless you hash the file, just like any other storage). XTS is the same!

 

Re:

[weedenbc]

They said it was not secure because it "may contain unfixed security issues". That statement was 100% true for every earlier version of TrueCrypt and every single piece of software ever created. Including dm-crypt, your recommendation.

Match

[Anonymous Coward]

Only anecdotal, but I have a copy of "TrueCrypt Setup 7.1a.exe" that I downloaded from truecrypt.org on May 25, 2012, with a SHA-1 sum of 7689d038c76bd1df695d295c026961e50e4a62ea, which matches the same file in this repository.

Matches mine, but I also have 64-bit Linux & M

[antdude]

Here's mine:

2667681 Apr 9 2013 truecrypt-7.1a-linux-x64.tar.gz
9526318 Jan 20 2013 TrueCrypt 7.1a Mac OS X.dmg
3466248 Jan 20 2013 TrueCrypt Setup 7.1a.exe

$ sha1sum *
086cf24fad36c2c99a6ac32774833c74091acc4d truecrypt-7.1a-linux-x64.tar.gz
16e6d7675d63fba9bb75a9983397e3fb610459a1 TrueCrypt 7.1a Mac OS X.dmg
7689d038c76bd1df695d295c026961e50e4a62ea TrueCrypt Setup 7.1a.exe

My SHA-256

[Futurepower(R)]

SHA-256:
e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2
TrueCrypt Setup 7.1a.exe
Downloaded 02/10/2012 04:19 AM.

Same answer from the CNet.com, FileHippo, and Steve Gibson versions. MD5's also match. Using sha256deep64.exe and md5deep64.exe.

Re:

[RoknrolZombie]

Whether you know it or not, the answer is "yes"

Re:

[crazyvas]

Sorry, meant to login FWIW before posting that:
Thank you. Mine:

sha1sum *
16e6d7675d63fba9bb75a9983397e3fb610459a1 *TrueCrypt 7.1a Mac OS X.dmg
7689d038c76bd1df695d295c026961e50e4a62ea *TrueCrypt Setup 7.1a.exe
1d503ddb5f619ca868ea42bd7435f0dff5975997 *TrueCrypt_v7.1a.zip
c2a8c78a23f97ffb17bf47448c9f2daa3c8f80cd *truecrypt-7.1a-linux-console-x64.tar.gz
a53a7a609a25d9a1e33f720ce5c0265ddd4e8b25 *truecrypt-7.1a-linux-console-x86.tar.gz
086cf24fad36c2c99a6ac32774833c74091acc4d *truecrypt-7.1a-linux-x64.tar.g

TrueCripled to be released late 2014

[BoRegardless]

But this time it will be compromised and costly commercial SW.

Re:

[DiamondGeezer]

How will we tell?

Sublime irony

[pla]

I find it truly delightful that the NSA has accidentally accomplished one small aspect of their cover-story mission through their bad PR of late...

By making us paranoid of the documented snooping of our own government, the NSA has managed to do what the likes of Bruce Stirling and Phil Zimmerman failed to accomplish for decades - Get us to finally start encrypting everything possible, from end-to-end. This code audit of TrueCrypt counts as only one tiny part of that whole, but attitudes have changed for

Re:

[BoRegardless]

Did TrueCrypt go down because the NSA pulled their programmers off the team?

Re:

[rwa2]

I don't know why I don't see more of this... is it not obvious that TrueCrypt is most likely made by whitehats at the NSA? And that the blackhats at the NSA probably finally strongarmed them into abandoning their hobby project?

This seems consistent with the TrueCrypt End-of-Life announcement.

Re:

[ledow]

You obviously know nothing about cryptography, nor the methods used to break them.

Rolling your own crypto is the WORST thing you can do. And automated analysis of "encryptions" like that are not only more feasible than breaking AES, but they stick out like a sore thumb when you do any analysis... that's the point - encryption is hard, and one of the hardest bits of encryption is stopping ANY sign or pattern of the original data showing through.

Even cryptographers wouldn't try this. Use something that's be

Re:

[Electricity Likes Me]

Uh, because RSA was falling at a rather predictable if accelerating pace, and it was obvious "just use longer keys" wasn't really going to scale?

This wasn't a surprise. RSA is computationally expensive for the level of security provided, and the computing power to break shorter keys was becoming more and more available.

Re: Sublime irony

[Steve B]

"secret 3G/4G reception inside of the CPU"

Ruh roh! I'd better put my CPU in the middle of a metal box or something....

Re:

[pnutjam]

Refusal to use is luddite territory. Even if it's not secure, there are many non-secure things a computer is useful for.

Re:

[GuB-42]

Some automated attacks can defeat security through obscurity.
For a very simple example, read "The Gold-Bug" by Edgar Allan Poe. In this book, the protagonist explains how he managed to defeat a simple substitution cypher. This method uses frequency analysis and can be easily automated, it also work no matter how cleverly you generate your substitution table.
Of course, your cypher will probably be a bit more complex than that, but if all what it takes to break a substitution cypher is to read a short story f

Should I put it out for bid on eBay?

[csdarknightcs]

I have TrueCrypt 7.0.0.0 timestamped July 19, 2010 at 1:23:31PM

Re:

[Trax3001BBS]

I have TrueCrypt 7.0.0.0 timestamped July 19, 2010 at 1:23:31PM

The latest I have is TrueCrypt Setup 7.1aWindows-2000-Win7.exe
with a time stamp of Tuesday, November 19, 2013, 3:10:47 PM Modified Sunday, July 07, 2013, 5:05:54 PM another one modified: Monday, May 21, 2012, 12:43:08 AM

I also have a version of Linux truecrypt-7.1a-linux-console-x64.tar and x86 Modified and created Wednesday, November 27, 2013, 3:10:40 AM
I had plans on going to Linux at the time.

I don't expect money for anything I have, if anybody wants (them) I'll upload em someplace until I get a nasty gr

suckers

[Anonymous Coward]

thankfully I use windows and bitlocker and don't have to worry about any of this.

The OCAP Team

[kat_skan]

So who exactly is "the OCAP team?" I admit not following crypto research very closely so the only name I recognize on their site [opencryptoaudit.org] is Bruce Schneier, and though there's a few comments mentioning them on his blog he hasn't as far as I can tell said anything about being involved.

Who audits...

[Rinikusu]

the auditors?
.
.
.
.
.

Re:

[amigabill]

I'm sure that the NSA would be happy to appoint someone to check the work of the NSA appointed auditors doing the current investigation. :)

And was promptly backdoored

[Gothmolly]

SUUURE, this new verified installer is legit.
Love, the NSA (who wrote the thing in the first place) ..tries to download it...
"Using GitHub on Windows has never been this easy."

Sad Internet user has a sad.

Sorry to say...

[duke_cheetah2003]

But I have come to the conclusion the devs just got sick of giving us free stuff, especially when these auditors came along and got PAID to review code the TrueCrypt devs have been toiling on without pay for years.

All your NSA conspiracy theories are fun to read, but really.. I'm pretty convinced there's nothing wrong with 7.1a that will come to reveal it's fundamentally flawed and insecure.

I think I'd be giving you all the finger too if I worked 10 years without pay and some hooha's came along and got paid

Re:

[duke_cheetah2003]

Speak for yourself. I recognized the value of the service they were offering, and I paid.

And you are probably very much in the minority.

This is such a weird story.

[Crookdotter]

Does anyone know who the devs are? Why such a strange webpage and release? Are they trying to hint that the NSA has forced a backdoor upon them with the latest release and they've just nuked it? I use truecrypt and I want to know what the hell happened.

2013 releases make me nervous

[0111 1110]

To me the most likely and simplest explanation of the strange canary-like behavior is to assume a warrant canary is indeed what we are seeing. Which probably means that 7.1a has not been compromised, but that a compromised version of 7.1a will eventually be introduced into the wild. Hence the need for a trusted repo for windows.

Nevertheless are the changes between 7.0 and 7.1 so significant that it is worth the additional risk of a more recent release? I'm thinking of using my 7.0 download from 2011 instead

Re:

[ledow]

That's what the audit mentioned in the summary - and several dozen previous articles - will show (and has already intimated, in brief, that there's nothing obviously wrong with it but it can take years of analysis to have confidence that something this large is clean).

Keep up.

Re:

[Z00L00K]

All softwares have bugs, the question is just if the bugs are serious or if they are benign.

The hardest bugs to find are those that are due to bad overall design. Each part may be perfect, but they are joined in a way that is unsafe.