Here are the God-mode holes that gave TrueCrypt audit the slip Google Project Zero hacker James Forshaw has found a pair of privilege-elevation holes in the once-popular TrueCrypt encryption package. The bugs have been patched in spinoff app Veracrypt, so if you want to stay secure, you may want to shift over to that package. The flaws are not the fabled backdoors feared lurking in the …
The assumption was that if TrueCrypt was compromised, then it would be somewhere in the encryption algorithm, but we don't give the intelligence agencies enough credit. Who needs a backdoor to the encryption if you have compromised the system, to among other things, obtain the password via a key logger?
No I'm not suggesting that this was deliberate, although I'm absolutely ready to believe that TrueCrypt has been compromised in some form. This does however remind us that there is more than one way to crack a nut, and that spooks would prefer a less obvious yet incredibly simple approach of pick-pocketing the key while their targets are focused on improving the lock.
>>spooks would prefer a less obvious yet incredibly simple approach of pick-pocketing the key while their targets are focused on improving the lock.
Yes. One thing that makes me wary of VeraCrypt is (from their site):
"TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661."
That does not fill me with the confidence of knowing that VeraCrypt is even vaguely aware of
>>less obvious yet incredibly simple approach(es).
>So if this isn't a backdoor, what the heck is it defined as? Enlighten me.
A backdoor would be that the password "ImFromTheNSA" would decrypt truecrypt volumes, or that part of the algorithm is deliberately weakened so that encrypted drives can be cracked.
This is a (possible) way of injecting a virus into Truecrypt, if they wanted to key log you the weakness doesn't have to be in truecrypt it can be in anything in Windows - or they can just ask the nice people in Redmond for a general keylogger to be built into a windows update.
Yeah, Although unfortunately this probably falls under the 'conspiracy theory' banner simply because there's no way of proving it either way, I'm tempted to agree with you!
Without other supporting evidence, there's no way of telling the difference between a genuine vulnerability and a cleverly placed backdoor.
Mmmm, drive letters… let's party like it's 1973.
I got bored one day, had a Windows 2000 installation on a 40GB HDD that had been updated from NT4, so consequently, had lots of 2GB FAT partitions. So most drive letters in use by partitions. I mapped some network drives and so had everything A-Z used up.
Then I plugged a USB card reader in. Poor Windows did not know what to do!
You mean you stopped at Z??
C:\Users\NK>subst [: c:\temp
C:\Users\NK>[:
[:\>dir
Volume in drive [ is Windows
Volume Serial Number is 2CE3-394D
Directory of [:\
25/09/15 15:38 <DIR> .
25/09/15 15:38 <DIR> ..
06/08/15 03:48 <DIR> DCIM
09/09/15 07:53 25,385 draytools-master.zip
21/08/15 15:01 77,824 212 - Expenses Reimbursement Policy (UK).doc
08/09/15 17:03 1,217,081 Fast Serial Debugger Drivers.zip
** SNIP **
15 File(s) 13,082,375 bytes
4 Dir(s) 60,633,071,616 bytes free
[:\>
after its mysterious authors claimed the disk-encryption utility had unresolved security issues.
While I've seen this said before, what they actually left behind looks more like a generic warning that the software may have flaws and that, as it's no longer being actively developed, these will not be patched.
Or, in other words, they too were of the opinion that just 'cos you didn't find any bugs in your last audit does not mean that there are none......(!)
At the risk of being down-voted, then I would imagine Most users of drive encryption software on windows have little to hide from GCHQ, and are simply using it to enhance the privacy of their personal information from casual eaves droppers such as PC repair men or after casual theft of a laptop / leaving it on a train. To use an analogy, not using encryption is a bit like sending personal information on a post card. It's not that a paper envelope is an impenetrable barrier to a determined snooper, but it stops casual loss of personal data. Therefore I suggest that most users of Truecrypt on windows do care about security (otherwise they wouldn't use it), but don't require government proof security. Horses for courses as they say.
Absolutely. I use encrypted /home in Ubuntu, bog-standard, plus BIOS boot password to stop the casual thief or his / her fence from having access to my stuff. Also disable single user mode.
Is it going to stop a determined, knowledgeable person from recovering? Of course not.
Is it going to stop an opportunist tea-leaf from accessing my stuff? I tempt fate, but I think there's a pretty good chance, and there's a lot more of them than knowledgeable people out there.
I create content (screenwriter) and could definitely still sleep if it got pinched and I knew they couldn't read /home*, and even if they got past the BIOS password they'd probably reformat the SSD anyway when they put pirated Windows on it to move it on.
That's the raison d'etre for most using it - it's basic roadblocks in the way of petty criminals, not to hide anything from powers that be or encrypt as some sort of dry technical 'ner-ner mine's more complex than yours' exercise. Just reasonable mitigation steps, for reasonable security against bag-snatchers and hotel lurkers. That's all.
* yes yes, I know about swap and other places, etc - but I don't care. Reasonable steps, etc, which is more than most make.
Indeed I always say to my customers that wring their hands over encryption -
"Look do you have any data that a man in a tactileneck and night-vision goggles will slide silently down on a wire from a skylight to get his hands on?"
So far the answer has always been "Erm no!"
As mentioned encryption for most is just to stop the opportunist having a gander and avoiding legal/media embarrassment.
I beg to differ on the ease-to-install bit. The default install (at least on the laptop I'm using) just used TPM, or a recovery key. No password required at bootup. Sure, the drive is encrypted, so if someone rips it out of the laptop it's useless(*), but if someone has access to the whole laptop, there's no protection at all.
Had to spend quite a bit of time researching and finding the right Group Policies to edit (I don't use/admin Windows all that much) until I got an option in the control panel allowing me to specify a bootup password.
Completely fail to understand what the point of the default install was.
"Anyone using Truecrypt on windows obviously doesn't care about security that much anyway"
I think you'll find they really do care; you have to get past TrueCrypt to get to Windows, so the security or otherwise of Windows isn't as relevant as the security of TrueCrypt.
A bit like putting a petty-cash tin in a safe.
As other's have mentioned, the point of hard disk encryption is to ensure that if the disk goes missing, either through accidental loss or targeted theft, the information on the disk is still relatively secure.
"Anyone using Truecrypt on windows obviously doesn't care about security that much anyway."
Yep, hence why enterprises tend to use BitLocker configured to best practices with a TPM and Secure Boot. No one that cared about security would want to use a product without commercial support.
No one that cared about security would want to use a product without commercial support.
Few would want to support a large user base in a company for a software product without commercial support because it is a nightmare if it suddenly breaks or something. But that doesn't say anything at all about its security, just its usability.
But perhaps if someone really cares about security above all else, they would not consider using a closed source product, for exactly the same reasons for not using a secret proprietary encryption algorithm.
This surprises me actually I thought for the most part since it was abandoned people would have stopped using it?
Although personally as I'm one of those hipster Linux users I've been using LUKS now for a long time. Personally I find it more convenient than truecrypt ever was. For example, on your mission critical laptop that holds every single credit card number, home address, siblings, wives and children personal and medical details that belong to your customers[1] you'll be better off just encrypting the whole drive with LUKS instead of making a Truecrypt container.
[1] If you do this, you probably work for the NHS and are always losing these details.
"Shouldn't you be using a Mac?"
No no no, I don't have a push bike! I'm not hipster enough for a Mac. :-P
As a side note, I have tried ol' macs farm, but in all honesty it just wasn't for me, I could see it had a few good merits where some users would like it.. but just wasn't my bottle of rum.
"you'll be better off just encrypting the whole drive with LUKS instead of making a Truecrypt container"
But you can use TrueCrypt for full disk (including system disk) encryption; works a treat, you can even use a single password to unlock all drives on the machine in one go (requires password caching in TrueCrypt, so is slightly less safe).
That's the main reason I stopped using Truecrypt for full disk encryption in that it can no longer support modern PC hardware in certain setups. I think that maybe had more to do with it being dropped by it's developer. Just not worth the hassle.
I still use it for containers though.
Hopefully whomever picks the code up makes the same assurances about integrity - the reason the originators stayed out of the public eye was that anonymity supposedly kept the TLA's from hunting them down and forcing a compromise into the code.... *cough* (thus the paranoia when they left the project). If you can lever it around and get elevated privileges in winders with the TrueCrypt client then well.......... Perhaps there original team saw an exploit in the wild that used those holes, and didn't know where to go with it, panicked and ran?
LUKs has the advantage in my case of keeping several volumes, different passwords, different requirements - and additionally - I am able to hand off unique passwords to (boss/coworker/wife/lawyer) so that in the event of [BUS->] (me) they have some hope of recovering my work, but I can contain who gets to see which bits. As I get it bitlocker can do the (alternate password) bit but can't do "volume" level encryption, it must do the entire disk.
I suppose the example in the physical world is a good one.
You can never really make it impossible for someone to steal something. You can only make it expensive, a lot of hassle, or take too much time.
Well, with the exception of destroying it. But then if that is done, neither can you keep it. :P
TrueCrypt has been audited, and pounded on by the three letter acronym agencies without success.
I bet VeraCrypt has holes in it though, probably put there by one of the three letter acronym companies.
Much more of the true story can be gotten from Steve Gibson in the SecurityNow podcast over at https://www.grc.com/securitynow.htm
TrueCrypt will be and always will be secure.
"The only commercial support worth having is for the case when the encryption key is lost/forgotten and they can use their backdoor to decrypt your data for you."
There isn't a backdoor in commercial / recommended settings installs of BitLocker, unless by choice you create a recovery key - in which case you normally store it in Active Directory.
The support certainly is worth having - we received excellent support in recovering encrypted data from a corrupted disk (we had the recovery key).
For home users though, there is a back door in that your recovery key is by default backed up to One Drive, so potentially other parties could access it. Simple to delete it if you are aware of this and care though...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
