Thread for TrueCrypt alternatives [FOSS preferred]

Discussion in 'privacy technology' started by Morthawt, May 29, 2014.

Thread Status:
Not open for further replies.
  1. BeardyFace

    BeardyFace Registered Member

    Joined:
    May 29, 2014
    Posts:
    80
    Everyone's situation differs, I personally wouldn't be under great pressure even if TrueCrypt were compromised, I don't take my laptop out much and a common theif might not be able to leverage any exploit found, by the time I need it, there may very well be a fork of the original TrueCrypt program that's compatible, and the hassle in "updating" to that might be reduced.

    It's always nice to know the alternatives though, DiskCryptor on my evaluation still seems shall we say "a little rough round the edges", for recommending to people for mainstream use, I'd like to see some sanity checks on the boot config for instance, preventing inadvertant rendering of the system unbootable by configuring differing boot and system partition passwords, as a for-instance. It works, but it's not nearly so polished and mature an app as TrueCrypt at this point.
     
  2. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    That's a whole other aspect as well that comes with a severe lack of real-world testing. Not only is the security untested, but even the functionality and stability of the program itself aren't really proven (at least not to a standard I would think a serious person would want for consequential data.)

    It's bad enough to have to worry if your data is secure from attackers...but to have to worry if it's secure from corruption or other inaccessibility due to a faulty program...I don't know, that's just seems more risky than to simply continue to use a proven product for which the only possible cause for concern is a warning that it seems like the community pretty much agrees is just a "this is no longer maintained" alert.

    Particularly when we're talking about critical data (which, if it doesn't matter, why are you bothering with encryption?) Sure you should always be keeping backups, but those aren't always going to be up-to-the-minute available, especially if we're dealing with system encryption. And then of course there's the issue of corruption of any backups along with the working data (which, for a stable program is unlikely, but the whole cause for concern is that you're dealing with an application with really low real-world testing.)

    At this point I would just be way more concerned about encrypting my system with a relatively obscure product, from a complete unknown developer who has little established credibility, over what is probably the most widely used encryption suite in the world, with over a decade of history and mountains of real-world testing both in terms of security and stability.
     
  3. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,362
    Location:
    Oz
    Exactly. We have no idea who sent those messages. It could be PeeWee Herman for all I know. And I think the whole thing looks very very suspicious. Here's a conspiracy theory for you. The NSA can't crack TC so they go after the developers to get them to encourage people to migrate away from it. But then again Steve Gibson suggests that the TC developers seemed to have lost interest because support for XP was discontinued. He seems to suggest that it is sort of an ego thing that they don't want anyone messing with their code after they're gone......or something to that effect.
     
  4. Morthawt

    Morthawt Registered Member

    Joined:
    Jul 10, 2008
    Posts:
    79
    Location:
    UK
    I don't buy that story, but ok if that is what the developers want to say. I strongly disbelieve they would "lose interest" while public interest was growing due to the code audit. I doubt they would lose interest just because microsoft stopped supporting XP, not only because that is strange by its self but the end date has been known for years. So it is not like one day microsoft decided "ya know what? Screw XP I'm done!" No. It was planned for and executed. I think it is highly likely the NSA had something to do with it.
     
  5. BeardyFace

    BeardyFace Registered Member

    Joined:
    May 29, 2014
    Posts:
    80
    My reading of Steve Gibson suggests the Trucrypt devs are using XP's demise as an excuse for throwing in the towel. My own feeling, from observation of the software's progress is they were already getting tired of maintaining it when they released 7.1a, I suspect (whatever they may have said in a fit of politeness when asked by the auditors), is that between the amount of work adding support for UEFI/GPT boot, people screaming for support for 4Knative block drive support, and suddenly feeling pressured to do a re-write to add nothing except readability and additional robustness to the code as well, despite it already being exemplary in comparison to most open source software, (I refuse do get into a religious debate if a requirement to attribute in a way that equates to advertising disqualifies it from being called open or not) the demands on them simply got too much.

    Quite apart from all of which, whatever the last straw might have been, could well be private and have nothing whatever to do with TruCrypt itself, audits, three letter agencies or anything I've seen speculated about yet, lets not forget we're talikng of human beings with private lives which they have every right not to talk about. Nevertheless private events in those lives can have profound effects on if someone has time to devote to such a project, little private events such as births, marriages, divorces, berevements, changes in employment, or simply bouts of depression. Any and all of which seem more likely to me than tinfoil hat theories involving three letter agencies, mysterious and higly skilled hackers with unexplained access to the site and signing keys.
     
  6. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    @Randcal

    There is clearly not consensus or some sort of a "pretty much" agreement that the TC warnings and recommendations simply constitute "a 'this is no longer maintained' alert." Do a simple news search via Google for TrueCrypt and you'll find various different speculations among both journalists and comment posters as to the reasons for the warnings and recommendations. As seen in the current thread, various diligent and well informed individuals still have valid questions as to the source of the TC postings. The simple fact is that we don't have all of the facts yet (indeed, we may never have sufficient facts to support a well founded consensus). We also don't have a full review of the TC code at this point, although there are lots of diligent, well informed, and technically competent individuals who have donated time, effort, and money to achieve same, and who consider the code review to be a necessity for an accurate assessment of the TC warnings and recommendations.

    Regards.

    __
     
  7. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    Ah so now journalists and comment posters are the authorities on what typical dev language is? Those two groups are probably the last people who know what they're talking about.

    The only time you'll find them get something right is when they are tech people who happen to be commenting or authoring an article. Like in this Ars article where they actually quote an apt commenter who basically echoes what I'm saying:

    http://arstechnica.com/security/201...dvisory-backdoor-hack-hoax-none-of-the-above/

    Well heck brother, if you're questioning the validity of the notion that the TC postings actually came from the TC devs, then why are we even debating? All that does is further support my point.

    Your entire reasoning up to this point has been: "The TC devs told me it isn't secure. The TC devs told me to switch. So I'm gonna listen to the TC devs and do what the TC devs tell me to do."

    I'm honestly not even sure what you're talking about now.

    Regards
     
  8. BeardyFace

    BeardyFace Registered Member

    Joined:
    May 29, 2014
    Posts:
    80
    I'm one of the ones waiting for the code review to complete before making any decisions.
    I agree there seems to be no solid consensus.
    Mostly I think that that's because many of the theorists are forgetting, when evaluating competing theories, Occam's razor applies.
     
  9. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    Okay, I'll bite. What does Occam's razor tell us about Diskcryptor (and BitLocker, for that matter) being more secure than TrueCrypt?
     
  10. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,327
    Location:
    Here, There and Everywhere
    I don't think so at all. In fact, in a situation like this, the answer could be so confusing as to not even make sense in the end. Nothing simple about it.
     
  11. blainefry

    blainefry Registered Member

    Joined:
    Jan 25, 2014
    Posts:
    165
    What's not making sense to me is this cherrypicking of what it all means and what you should do about it. It sounds like @S.B. pretty much voices the overall purpose of this thread when he focuses on the warning on the TC page. Ok, so it says it's "not secure as it may contain unfixed issues."

    I noticed you saying "choose to believe" a lot...

    So if you choose to believe that came from the actual TC developers, and you choose to believe that it's a legit message (i.e. not put out under some kind of coercion), then that's fine. Go ahead and believe that it's not secure to use TC right now.

    But you have to admit your actions aren't exactly adding up in a logic sense. You say you're switching because the TC devs told you to, but then you say you're switching to Diskcryptor and not BitLocker. You square this by pointing out that their language was so vague it can fit basically anything. So no matter what you choose, you're in the clear. For one thing, that's not exactly "advice" in my opinion. I find it incredibly unlikely that essentially anything that runs on your platform, no matter what it is, is better than TC.

    And lets not forget this was the same message for Linux, even more explicit. It literally says to use anything:

    Like it says here, In other words they’re saying “just search for something and use it.”

    But more importantly we can't ignore the implicit recommendation of BitLocker. You think Diskcryptor is so superior to TC and BitLocker. Why was everyone not given a how-to on switching to THAT product? It's free. It's open source. If it's better than BitLocker, and it's FOSS, and it's more like TC (which would make it more appealing to TC users), AND it's totally free of charge (whereas BitLocker requires specific (expensive) high-end versions of Windows), AND if fits their vague parameters of "encryption that fits your platform"...then WHY WASN'T THE MESSAGE TO MIGRATE TO DISKCRYPTOR?

    If it's the product you should be using, why wasn't it even mentioned?
     
    Last edited: May 31, 2014
  12. BeardyFace

    BeardyFace Registered Member

    Joined:
    May 29, 2014
    Posts:
    80
    Since at that point I'm referring to the theories about who changed the Trucrypt site and why, it doesn't say much about what alternative, merely suggests the simplest theory is probably correct.. Namely that it was probably the Developers, and the reason was probably mundane (most people's reasons for doing things are pretty mundane).. It's been reported widely that they were (paraphrasing) simply tired of maintaining it, I see no reason to disbeleive that.
    If they're tired of maintaining it, it follows, as night follows day, they don't want to be maintaining and updating the static page saying (paraphrase) "We quit", so any sensible person, which I think they probably are, will have put up a page that'll still be valid 1, 2 or 5 years from now...

    Why BitLocker? Again, simplicity, and longevity, Microsoft won't get fed up and vanish, robust support is available, ntldr is one developer, he might get fed up, and you certainly (looking at the pace of his forum) won't be getting a rapid turnaround on support requests, especially not if there's suddenly lots of them.
     
  13. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    @blainefry

    I cannot tell you what is right for you. I will gladly summarize for you why I chose as I did. But please, I'm not interested in arguing with you or in defending against an unreasonable distortion of what I write. In the final analysis, your data and your privacy are yours. The pragmatic day-to-day difficulties, and the risks, associated with the methods and software you choose for protecting those are something that you, and you alone, will live with. So it's your choice.

    I looked at, and seriously considered, BitLocker, for my Win7 Professional system. I would need to upgrade to Ultimate of Enterprise to use BL, but if one searches carefully, one can find a legal upgrade license for an essentially trivial cost. So that wasn't a problem. Where I had a problem with BL was in the TPM module or the alternative flash drive keyfile. My motherboard doesn't have a TPM module, but it does have an easily accessible socket to install same, and I can get the TPM module for under $20.00 US. But I find a pragmatic problem in use of the TPM module; namely, if something goes wrong with my motherboard or the TPM module, I can't simply remove my hard drive and recover the data from another computer, unless I have a 48 digit TPM override code. So that means I have to write down, or record that code somewhere recoverable. That somewhere also needs to be secure or what is the point for using a TPM to begin with?

    Same limitations with using a flash drive keyfile in lieu of the TPM module. But now I also have to keep up with the flash drive, and/or hope like the dickens, that it doesn't stop working, or get accidentally overwritten.

    So to me, the TPM or keyfile presents a big pain in the bottom.

    In addition to the TPM module or keyfile, I need a BL password; otherwise, all that is required to start my computer is a flash drive or TPM module. But a criminal or civil court could validly order me to produce such physical items, as opposed to issuing an order for me to tell my password, which amounts to an unconstitutional order for me to testify against myself (at least in the case of criminal charges). So I need a password.

    OK. Here's the straw that broke the camel's back for me. As I understand it, BL only gives me a password option (for Win7) of a password consisting solely of 20 or less numerical characters. Twenty qwerty keyboard characters is one thing. Twenty digits is another entirely, and significantly less secure. Moreover I can readily structure a memory helper for memory of 20+ qwerty keyboard characters; but remembering twenty digits is a different issue altogether. And I refuse to write down or store my password. Anywhere. Ever. That's just my personal choice.

    So those are the reasons I decided against BL.

    You can validly and reasonably choose differently.

    As to the TC warnings, please understand that I never said I believed them to be correct. What I tried to say was it doesn't seem prudent to me to simply ignore those warnings. There's a big difference. If I leave my home because of a storm warning, I do so with hope that the storm will not destroy my home. Nevertheless, even though there may be a good chance my home won't be damaged, or that I could have stayed in my home through the storm, it really doesn't seem prudent in my judgement, for me to stay if competent authorities warn me to leave. Again I hope the storm passes and no one gets hurt. I don't leave because I'm certain I won't be safe if I stayed. I leave to avoid an imprudent risk. At least in my mind, ignoring the warnings posted on the TC page would similarly be an imprudent risk.

    You should make your own choice as to what is or is not prudent for you.

    I've used DiskCryptor previously; and pretty extensively, with no issues. I've researched it and haven't found any evidence of anyone ever cracking the code or judging it to be unreliable. There are other reasons to believe it to be reliable that I won't go into since the bottom line is that no one can prove that it is reliable. But there is no actual warning issued by the DiskCrypt developer, or anything comparable, that use of this software is not secure. But those warnings do exist for TC.

    For me, the negatives that I don't consider prudent to ignore for TC, is the deciding factor for my choice.

    You should make your own choice as to what is, or is not, prudent for you.

    PS, I'm a long ways from being a great typist. Hope I haven't made major errors in this overly long response ("I would write shorter letters if I had more time." - Cicero).

    Regards.

    __
     
  14. BeardyFace

    BeardyFace Registered Member

    Joined:
    May 29, 2014
    Posts:
    80
    Bravo

    I've decided differently, and stuck with TruceCrypt for the time being, but my threat model is trivial, I'm confident TC DiskCryptor BitLocker or almost ANY randomly selected WDE solution will adequately protect my data against a common theif who walks off with my laptop.

    Each person should assess their own risk and act accordingly... in a low enough crime area, one might not decide to change ones lock simply because the serial was stamped on it, in a high crime one, one might fit new locks and a reinforced door!
     
  15. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    Depends on the court.

    But actually, if you read the analysis, you'll find Boucher and Fricosu rulings are allegedly not in conflict...
    This is why plausible deniability is important, even in the US. If you're actually worried about being legally compelled to grant access to your system, then it would seem you'd need hidden containers.

    How do you plan to get those?
     
    Last edited: May 31, 2014
  16. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
  17. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    @S.B.
    Without looking at the document, just based on what you said I'm not sure how that changes anything. Why the heck would you need immunity from your "actions in producing the unencrypted drive"? The incriminating evidence is on the drive (isn't that the whole reason you're worried about revealing it?)

    One would think you'd need immunity from any sort of prosecution pertaining to, or supported by, anything on the drive...not your "actions in producing" it.
     
  18. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    @Randcal,

    Without her action of producing the drive, the govt would have no information as to what is on the drive. Hence the govt would have to use as a matter of necessity, her actions in producing the drive, to use evidence found on the drive in a criminal prosecution against her. So yes, I can assure you that it changes everything.

    Edit - If you're really interested in understanding this, you can do some research on topics of "use immunity" and "fruit of the poison tree". That will at least get you pointed in the right direction. And do bother to read the actual case.

    __
     
    Last edited: May 31, 2014
  19. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    @S.B.
    Your assurances aren't worth much, as you're not understanding what transpired there. First of all, that PDF you linked isn't a ruling. It's an application to the court. A request.

    What matters is that ultimately the court granted that request and ordered that she is legally compelled to decrypt the drive so that the contents could be used against her in court. Bottom line.

    The only "immunity" she had was from her actions in decrypting the drive...not what was on it. (That is, the act itself of decrypting the drive might incriminate her in some way, so the government requested the court grant her immunity from that. They don't care about getting her some other charge, so long as they get access to the contents of the drive, which is what they'll use against her at trial.)

    The government argues:

    "Only when an 'act of production' explicitly or implicitly communicates facts or
    information otherwise protected by the Fifth Amendment privilege against testimonial
    self-incrimination – for example, if the existence and location of subpoenaed records are
    unknown to the Government, or where the mere act of production would authenticate
    the records – does the act of production fall within the scope and protection of the
    defendant’s Fifth Amendment privilege. "


    In other words, they can't force you to admit you're guilty. But if they know you have or can produce proof of your guilt, then the guilt is a "foregone conclusion", and the Fifth Amendment privilege cannot block the government’s application.

    I suggest you read the actual ruling [PDF. It will probably help you understand.

    The judge quotes Fisher v. United States:

    "the Fifth Amendment does not independently proscribe the compelled production of
    every sort of incriminating evidence. [...] the privilege protects a person only
    against being incriminated by his own compelled testimonial communications."


    Basically, “[a]lthough the contents of a document may not be privileged, the act of producing the document may be.”

    So the government requested immunity for her from prosecution against the act of production...not what was on the drive itself.

    He then brings up the Boucher ruling:

    The court noted that “[w]here the existence and location of the
    documents are known to the government, no constitutional rights are touched, because
    these matters are a foregone conclusion,” that is, they “add[] little or nothing to the sum
    total of the Government’s information.”


    And his conclusion:

    "it is more likely than not that the
    computer belonged to and was used by Ms. Fricosu. Accordingly, I find and conclude
    that the Fifth Amendment is not implicated by requiring production of the unencrypted
    contents of the Toshiba Satellite M305 laptop computer."


    So ultimately he granted the government's request and ordered her legally compelled to produce the decrypted contents of the drive so that the contents could be used against her in court. The only thing that he ruled couldn't be used against her was the act itself of decrypting the drive.

    So once again, bottom line:

    She was forced to reveal the contents of the drive, and had no protection whatsoever from whatever they chose to do to her based on what they found on the drive.

    So, I'm sorry to say, you're not as safe as you think you are. But I do thank you for challenging me on this because it got me to finally get around to reading this decision, which in turn has made me very aware of just how flimsy (and largely useless) the 5th Amendment is when it comes to this question of encrypted data.

    This only reinforces my point about plausible deniability even further.

    EDIT
    Pretty strong tone from someone who not only didn't understand the ruling, but didn't even realize he wasn't even reading a ruling.

    I wasn't going to go there, but since you opened the door, I would suggest you follow your own advice, but evidently it wouldn't do much good, as you don't seem to understand what you're reading.
     
    Last edited: May 31, 2014
  20. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    You have absolutely no idea what you are talking about. The PDF is absolutely a ruling by The United States District Court for The District Of Colorado. You are also completely wrong about what the "use immunity" meant as a practical matter. If you bothered to do any study of the subject of "use immunity", that would be clear to you.

    This is ridiculous. Believe whatever you want.

    __
     
  21. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    This one that you linked?

    http://www.wired.com/images_blogs/threatlevel/2012/01/fricosugov.pdf

    The one titled:

    "APPLICATION UNDER THE ALL WRITS ACT REQUIRING DEFENDANT FRICOSU
    TO ASSIST IN THE EXECUTION OF PREVIOUSLY ISSUED SEARCH WARRANTS"
    ?

    The one that ends:

    WHEREFORE, the United Statesof America respectfully requests that the Court
    issue an Order
    granting the Application Under the All Writs Act to require Ms. Fricosu to
    produce the unencrypted contents of the Subject Computer, and granting her act of
    production immunity in connection therewith.
    Dated this 6th day of May, 2011
    JOHN F. WALSH
    United States Attorney


    That is a ruling by the court?
    A ruling by a court ends with a respectful request signed by an attorney asking the court to issue an order (i.e. a ruling)??

    I think I should be telling you you can believe whatever you want.
     
  22. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    Yes. you are correct that the PDF is not a holding. You are incorrect however about the meaning and impact of the "use immunity" that the govt. granted the defendant. The govt won't be able to use the info on the drive to prosecute the defendant in a criminal prosecution unless they can prove they obtained the info on the drive independently from the defendant's action in producing the drive.

    I honestly have no interest in debating the law with you. US criminal law is not currently in a pleasant state. Neither TC nor DiskCryptor nor hidden volumes is going to change that, particularly if defendant talks about what is on the hidden drive in a wiretapped telephone call.

    You can be sure that you cannot be compelled to reveal your password to allow the govt to pursue a criminal case against you if you are a US citizen, and if the govt plans to use anything they learn from using your password in a criminal proceeding against you. That doesn't mean you are home free by a long shot.

    I really really am sick and tired of arguing with you. I said I cannot be compelled to reveal my password in a criminal case against me -- a password is protected whereas physical devices are not protected. I'll just leave it there.

    __
     
    Last edited: May 31, 2014
  23. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,362
    Location:
    Oz
    Could you just copy your data over to an encrypted external drive? Or encrypt your files and upload them to a file sharing service and download them into the new location?
     
  24. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    Yes you are correct that you were completely wrong when you said "The PDF is absolutely a ruling by The United States District Court for The District Of Colorado."

    You are also completely wrong when you claim that the contents of the drive cannot be used against her.
    Again, she was granted immunity from her "act of production". Again, read the actual ruling:

    "That the government SHALL BE precluded from using Ms. Fricosu’s act of
    production
    of the unencrypted contents
    of the computer’s hard drive against her in any
    prosecution."

    Not the contents themselves.

    Here's the EFF:

    "The government offered Fricosu some limited immunity, but did not give adequate guarantees that it won't use the information on the computer against her."

    Further:
    "the government offered Fricosu immunity for the act of production and forbids the government from using for the act of production against her. We think Fricosu not only has a valid privilege against self-incrimination, but that the immunity offered by the government isn't broad enough to invalidate it. Under Supreme Court precedent, the government can't use the act of production or any evidence it learns as a result of that act against Fricosu."

    See? The "act of production" is separate from "evidence it learns as a result of that act". This is why you're wrong, and why your entire argument false apart, because you claimed the exact opposite when you tried to conflate the two.

    EDIT to respond to edits:
    Yes I can see why.
     
    Last edited: May 31, 2014
  25. S.B.

    S.B. Registered Member

    Joined:
    Jan 20, 2003
    Posts:
    150
    You really have no idea what you are talking about. You have no idea what use immunity actually means. The actual ruling found on the EFF page you cited states in the last paragraph:

    "That the government SHALL BE precluded from using Ms. Fricosu’s act of production of the unencrypted contents of the computer’s hard drive against her in any prosecution."

    As I said before, that means the govt won't be able to use the info on the drive to prosecute the defendant in a criminal prosecution unless they can prove they obtained the info on the drive independently from the defendant's action in producing the drive.

    EFF was probably arguing in favor of "absolute immunity" (a stronger form of immunity precluding the govt from using the info even if they obtained the info independently from defendant's action in producing the drive) as opposed to "use immunity". But that doesn't undercut the actual "use immunity" granted the defendant.

    Enough.

    __
     
    Last edited: May 31, 2014
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.