TrueCrypt must not die(truecrypt.ch) |
TrueCrypt must not die(truecrypt.ch) |
Edit: That tweet was deleted for some reason, but the rest of the thread is still there: https://twitter.com/stevebarnhart/status/472192457145597952
http://krebsonsecurity.com/2014/05/true-goodbye-using-truecr...
Head-desk-head-desk.
Gene: It's brilliant! There's no such thing as time!
http://topsy.com/trackback?url=http%3A%2F%2Ftwitter.com%2Fst...
and for the user:
http://topsy.com/s?q=from%3Astevebarnhart&window=w&type=twee...
At least from here it looks like they took the posts down as well.
https://twitter.com/stevebarnhart/status/472195239005147136
And why not just writing that you no longer feel motivated to continue the further development of your software? It is very common after all …
They didn't necessarily do it because they wanted to "stop teh NSA." A lot of people who wanted to "stop teh NSA" started using TrueCrypt, and so they assumed that their goals lined up with TrueCrypt's. But maybe they didn't.
Maybe the developer using TrueCrypt was perfectly happy with "defend against anyone short of the NSA, especially since the NSA would need to expose their ability to break into this in order to do anything bad to me." There are millions of people who legitimately share that threat model.
We can parse out each comment in the source code like lawyers fighting about a comma before SCOTUS or biblical scholars debating on the definition of a word in Hebrew. We will never know. But there is a really big possibility that the developer(s) consider BitLocker acceptable, even if it's closed-source by Microsoft.
EDIT replaced an instance of "BitLocker" with "TrueCrypt" in second paragraph, whooops!
You can rest assured.
[1] http://www.linkedin.com/pub/joseph-doekbrijder/2b/384/43a
Then again, with anonymous developers and unknown jurisdiction, it may be moot.
The original dev's made it clear they don't want people to continue with the TrueCrypt name. If they were really interested in continuing the project for the sake of security they would have chosen a different name.
Apologies if I missed anything, I don't follow this truecrypt stuff too closely.
Hopefully that may still happen.
This means that if you have a large set of random-looking data, they can already lock you up. Hidden containers (encryption hidden within encryption), as possible with Truecrypt, do not help either. They will just assume the hidden container is there and unless you hand over the key, you will stay locked up. Don't have a hidden container? Though luck. Anybody could claim that.
It assumes there are only two possibilities, either you live in a "free country" where you can refuse to hand over the key, or you live in a totalitarian state where the police will decide to beat you if they suspect you have crypto software, and will keep doing so no matter what you say.
There is a lot of middle ground there. For example in the UK, I believe you are legally required to provide the decryption password. But I don't think the police there would be likely to beat you if they think you may have a hidden container. They could argue that they believe you do, and you would respond with "prove it!", and I doubt it would go any further (unless they had some evidence that you specifically were using hidden containers).
There is value in hidden containers in some circumstances. It's disappointing to see the cryptsetup maintainers take this position.
Place your energy in the alternatives. I wish you could downvote things on HN, if only because this is downright dangerous and needs to be read by as few people as possible.
Why not?
So what options remain for the person that starts the "next Truecrypt"? The only true safe haven I can think of is employment at a public university. In many countries here in Europe the security researchers working at universities can operate under what is called "academic freedom".
I wonder how that will be destroyed.
https://github.com/warewolf/truecrypt/blob/33c0b8457051796fa...
I belive any TrueCrypt fork should require contributions to be dual licensed under TrueCrypt's original license and BSD. In time, the project can shed original files and re-implement them under BSD or any other GPL compatible license.
http://www.infoworld.com/d/open-source-software/truecrypt-or...
[1] https://github.com/warewolf/truecrypt/compare/master...7.2#d...
...but that actually doesn't seem all that insurmountable. Hm...
I see no issue picking up the codebase and running with it.
I really really doubt this is a claim the folks doing the audit would make.
They already found a few flaws. Nothing major though: https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_A...
Audits aren't perfect.
It's just a landing page that a couple of guys put up while they try to figure out what direction to take. Since there's an audit going on right now, when it's done they'll probably start fixing the problems and releasing new versions. Have a bit of patience.
The problem really came in Africa and the Middle East were overall IT literacy is low. People could often use a computer but were not familiar enough with it/scared to break something that they were afraid to really problem solve - esp human rights defenders in their late 40/50s in these places.
So for example, if taught A then B = C, TC was fine. The problem often came when A then B = Z, then TC became a problem. It's UI/UX and use of language (why call something "Mount"? Just use the word "Decrypt" for gods sake! - yes its not perfectly accurate but its easier for people to understand.) was pretty intimidating for many of the people who's lives really depend on it.
However, I personally find that interesting since I'd think in today's climate it's even more important and they were getting lots of exposure.
Maybe he was pissed.
Maybe he really didn't want to support it any more, and would feel really bad if people's stuff got compromised on his watch, so he wanted everyone to stop using his stuff as hard as possible.
Edit: I was wrong, dm-crypt is supposedly accessible on Windows and maybe accessible on OS X. Non-FDE methods have decent spread. https://wiki.archlinux.org/index.php/Encryption#compatibilit...
This smells of hyperbole. Why do you consider TC to be _dangerous_ software? Lack of maintenance? Speculative possibilities regarding recent events?
If the rumors are true that the TrueCrypt devs are throwing in the towel, that discounts a couple of dangerous scenarios I can think of leaving only lax maintenance.
Problems come up when nobody reads the code. Right now, there's an awful lot of people reading this code (Given the strange warning's posted on the TC site).
Could you please elaborate on this one?
Without anything else to go on, it seems the most responsible assumption (for now) is that the software is in some way dangerous.
This is true of every piece of software, always. No specific flaws have been mentioned by anyone. Here, the (supposed) developers flat-out told us they just lost interest. There hasn't been a release in years, and now -- if his identity were to become known -- a negative result on the audit (no vulnerabilities found) would not be interpreted as an endorsement from him that the software is secure.
When/if the vulnerability is found, he will not be required to say "I told you so" or "I'm sorry." The last ten years absence of evidence is not evidence of absence, that's just common sense.
And there is one vulnerability I think I've heard that's not surprising anyone -- TC keeps the keys in memory while the partition is mounted. Anyone with enough practice can supposedly freeze the chips, unplug them, put them into another machine, and boom grab your keys without disturbing the frozen bits. Presumably law enforcement and other APT entities will be getting better at this technique over time.
If you're worried about this and other threats, best to keep your partitions unmounted.
Initializing the variable with 0 removed that part.