TRUECRYPT SECURITY

Hi,

I note that many here use Truecrypt.

I expect you all know that there is a debate surrounding Truecrypt and its security since development has ceased.

I am just posting to see what you think of the debate.

For example, are you using TC to open volumes that you intend to re-encrypt in another programme, or are you not concerned.

I have seen two arguments:

Don't worry it's fine.
unencrypt your volumes and then chose another programme that will continue in its development.

What do you think?

 

I am waiting to see the results of the Audit. The second phase will be my deciding factor. Personally I don't think their is anything wrong with it. At this point, I compile mine from source to be safe.

I was lucky as I had downloaded the source code just a few days before they shutdown. I am skeptical about the other projects that are trying to take over from where TC crew left off. We will see who does the best job and then need an audit on that one after.

I do NOT think there is a weakness or backdoor in TC.
I ONLY trust TC when compiled from known good source code, at this point in time.
I normally use LUKS Containers and TOMB for encryption personally - This is because I use linux for 99% of my work.

TL; DR: I believe it is perfectly fine to use. Wait for the second phase of the audit to make a judgement call UNLESS you are using it for mission critical work, in which case switch to LUKS or something else.

 

This. I was especially leery of the one everyone was told they may as well just go ahead and use in it's absence. But then I saw that message for what it truly was... an indictment on the OS's made since XP, rendering which product you use (even theirs) completely moot.

This is the truly perplexing/pressing issue IMHO. And not being acknowledged by hardly anyone. I think because most people don't want to believe it, even though deep down a part of them does.

 

I read the goodbye from TrueCrypt developers as luciddream does. Security of encryption (anything, really) on Windows can't be assured. I only use Windows in VMs, and never tell it anything that needs to stay private. In particular, I never use Windows where there's a money trail to my true name, unless there's no reason to conceal my true name.

 

I use TC, as there's not many options which is compatible with both of Windows and Linux.
As to vulnerability or backdoor, I can't comment on until 2nd phase audit has done but probably some vuln will be found. The thing is how much those vuln are serious. Most of crypt attack except some side-channel are quite condition-sensitive.

But I rather quite warrying about the future. Crypt program must keep up with latest situation, but how much we can trust those folks, or competitor like Diskcryptor will make it Linux compatible (or possibly is it already?) and support file container?
I'm also waiting next version of Encfs, though.

We know even within short history of TC, they changed their cipher-block mode to XTS, but what if serious vuln is found in XTS?
We need reliable successor.

 

If TrueCrypt passes the latest audits, I will trust it. But never in Windows 7-8-9-etc.

If hidden volumes -- and better, hidden OS -- worked in Linux, that would be keen

 

Me too.

 

If anyone reading this is a linux DEV of substance, I will surely contribute to a hidden OS approach using Unix (you pick the flavor of any major distro). I am pretty sure there are some private "coding" solutions around, and I have been told its not really that tough to accomplish. My coding is not up to the task. I may be off base in my thinking but I would cheerfully pay 100 bucks for a quality product. Bet there are lots of others that would too.

I am just speaking about how I feel support could quickly come to pass if this took off. I am NOT suggesting linux become a paid OS, which is contrary to everything we sort of believe in. What I am saying is that folks would jump on a "wagon" to get this done because there is a strong need for it. NEED and not want by the way.

 

Cryptsetup devs poo-poo Hidden OS ideas, unfortunately. I think the only chance would be for Kali to do it. They already gave us a "destroyable" encryption key option.

I use TC still, I trust it. All Hidden OS, launched from a MicroSD bootloader. Windows can't communicate, Linux VM can.

I think that TC goodbye message was because:

They were indeed tired of maintaining it...or too busy.

And they knew after the audit, that even though nothing major may be found, they'd still be inundated with a zillion requests to fix every little problem.

 

PD,

I still use TC for my linux created/encrypted media volumes. I do NOT use it for hidden OS anymore because I no longer trust WINDOWS. I would still be using TC system disk encryption on Linux if they had coded a linux OS product (system disk decoy + hidden). This is NOT a TC issue its a windows issue where security is concerned. BTW - even though my volumes are created on linux (including hidden volumes) they work fine on a windows system too.

Do you have any links from the Cryptsetup devs regarding their philosophy on hidden OS? I am really looking to hear their interpretation regarding FEASIBILITY on the subject. I have memories of it being: "very feasible but we have no interest" rather than it can't be done without a major re-do of things. We just need to get a few Devs that are privacy activists to get on board with the notion. I really think its not that tough of a project. Again, it is beyond me at this point. I can "black box" the concept pretty well but my coding just isn't there.

I was a LTRM over on the TC forums with thousands of how to posts; hidden OS, bootloader media, compiles, forks, etc... I know the product and its solid, with the limits being the operating system that drives it.

 

That's how I see it as well. The way in which the website was changed makes me believe that they were identified and found. Given that possibility, I'd be hesitant to trust the audit (if it's ever completed). If someone got to the developers, what prevents them from doing the same with the auditors? "Report what we tell you to or spend the rest of your life as a terrorism supporter in Guantanamo."

 

Right now in Win7x64 I run Thunderbird in it's own TC 7.1a container, 750MB named thunderbird.tc. It's encrypted with Serpent and RIPEMD-160 with a 13 character password, complex but something I will remember.

Also in Win7x64 I use Serpent to create a self-extracting archive of personal data files. I then use AES to create a self-extracting archive of that file. Both exe files have complex passwords of 32 character lengths.

In that all those are of "anything, really" encryption, how is it the security of these is "moot" and "can't be assured" because they weren't created under XP or Linux?

If somehow someone were to acquire the tc and exe files, would they bust wide open with, considering the gist of this thread's commentary, little effort?

If I were to create those files on an XP or Linux system (which is within the scope of my skill set and systems at hand), would the use of those files on another Win OS system render their security to the "can't be assured" state?

Thanks!

Well, that's a concern to be sure. I await the results of the audit nonetheless.

However, in the frenzy to replace TC, the developers of products, open source or commercial, anywhere on the planet have already received a night time visit from a covert spec-ops team (multinational, of course) delivering a similar message and "special" instructions. As did the developers of everything else ever done except the TrueCrypt teams.

 

Which Truecrypt version do you guys use or consider safe?

 

I don't trust Windows either, but I fail to see how the second partition can be exploited at all from the outside. I don't even have the TC Bottloader on disk. The decoy is unencrypted, I don't "follow the rules" After the Hidden OS boots, it is completely cut off from the network except for getting an IP from the router so the Linux VM can work - it can't report anything to anyone, even if it was malicious.

As far as the cryptsetup devs - they have a FAQ page, and IIRC, on it, they talk about how hidden stuff is useless, in their opinion.

See section 5.18 What about Plausible Deniability? here: -https://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#5._Security_Aspects-

 

7.1a Steve Gibson has a copy:

(can't un-hotlink the addy, just search GRC TrueCrypt)

 

While I won't argue with folks using 7.1a, I have hundreds of hours doing 6.3a code and I swear by it. My rationale is that back in 2009 before TC really got 3 letter attention, the pressure to "acquire"/mandate a backdoor wasn't there yet. Sort of like why I used PGP 6.5.8 for many years because it was the last pre-911 release.

In order for you to make that assumption you simply MUST trust the windows hidden OS that hosts the linux VM. btw - I ran that exact configuration for several years and could set that up blindfolded. Its as solid as it gets, and I applaud your knowledge and understanding. You are not a TC beginner by any means. Still, it relies upon the windows hidden system disk and you really can't escape that reality. You are mitigating the risks well, which I did too.

 

Well, while any of that encrypted stuff is decrypted, Windows could write stuff from memory to the disk, and leave it there. It could even encrypt it with XYZ's public key, and covertly retrieve it for them, gradually in the background

 

@FOXP2
It doesn't matter how good the encryption software or the algorithm being used is if the operating system it's running on isn't secure. When the developers recommended Bitlocker, then tied the end of TC development with the end of support for XP, many of us took that as a message that the post XP operating systems can't be trusted. The message that they left makes no real sense in any other context.

 

I obtained my TC programme from Steve Gibson's site, and where the Hash files are kept on Taylor Hornby's site. I believe that these sites offer a tested TC. I use Kubuntu and hence don't have Windows weaknesses.

I am concerned about future developments of TC, sooner or later it will become vulnerable if not maintained.

Best wishes

 

Could. Could. Pure conjecture.

Many of us didn't. Sense is supposed; context is selective.

Thanks anyway.

 

Yes, of course, it's conjecture.

But I prefer a precautionary approach to risk management

 

By itself, I wouldn't consider it sufficient reason either. Problem here is that it's one of many. On post XP systems, it's no longer possible to close all of the listening ports. It's not possible to disable all of the activity logging. It forces you onto a file system that hides data in alternate data streams. The user doesn't have the same level of control over the OS at a service level. All of these changes happened after the NSA supposedly helped MS with securing the operating system. IMO, these changes and others haven't made a more secure OS. They've made the OS openly hostile to user privacy.

 

I have seen several articles posted here about judges ordering people to hand over the passwords for truecrypt because LE can't crack it. The last one was some woman who was accused of financial fraud. I seriously doubt that they were all using XP. In fact, I bet most of them were using Windows 7. And so far I know of not one single example of anyone who has been able to decrypt a laptop encrypted with TC.

 

I'm not all that interested in a drop-in replacement for TC, unless the audit exposes something unworkable.

What I'd like to see is something which deals with the issues of TC containers, for example, some form of container MAC so that when you've opened the container, it doesn't open the virtual disk for any old application to access it, IOW, a form of disk firewalling. Currently, once you've opened a container, the whole thing is open to any running malware (and unless you're careful, any running account!).

I'd also like, at least as an option, the ability to have some checksum/integrity on container or file properties, so that any attempt at tampering is evident.

 

What caspian said:

What you'd like to see would most likely be presented in a turnkey industrial solution that's not, well... free.

Attempts at tampering? That would occur if
1) one left a system unlocked and unattended long enough for someone to, um, tamper,
2) one's system is located where someone could sit at it unnoticed long enough to crack it,
3) something stealthy got in through the NIC or WiFi radio,
4) the last time you were smashed, you blurted out your password to your drinking pals.
Of course, three could never happen to any Wilders member.

What I'm gathering in this thread is akin to urban legend and judgmentally from within an historical vacuum. The weaknesses in "security of encryption (anything, really) on Windows" are local while the "anything, really" encryption processes or TC are in use. Active or residual data residing on media or in memory? Really? That's been a discussion for ages for the discipline of intrusion prevention, physical and network. I don't see how WinXP (and Linux for that matter) is suddenly no longer subject to it.

Again, like most everyone else, I await the 2nd report on TC.

As for the data in files I discussed in #12 above, I submit they are as close to an ideal quality of security as one can expect from the mainstream and free tools available to savvy users for any Windows2K and later. If some entity has the near-unlimited resources to offload those files from my system and expose the data or if LE demands my passwords, what the heck am I going to do about that? (That question is rhetorical.) Some crack head steals my desktop or laptop? See the first sentence in this paragraph.

And, yes, everything on Linux is superior and foolproof; no argument there. Oh wait... Apple.

For me, end of discussion. Cheers.