back to article Here are the God-mode holes that gave TrueCrypt audit the slip

Google Project Zero hacker James Forshaw has found a pair of privilege-elevation holes in the once-popular TrueCrypt encryption package. The bugs have been patched in spinoff app Veracrypt, so if you want to stay secure, you may want to shift over to that package. The flaws are not the fabled backdoors feared lurking in the …

  1. Anonymous Coward
    Anonymous Coward

    Lateral thinking

    The assumption was that if TrueCrypt was compromised, then it would be somewhere in the encryption algorithm, but we don't give the intelligence agencies enough credit. Who needs a backdoor to the encryption if you have compromised the system, to among other things, obtain the password via a key logger?

    No I'm not suggesting that this was deliberate, although I'm absolutely ready to believe that TrueCrypt has been compromised in some form. This does however remind us that there is more than one way to crack a nut, and that spooks would prefer a less obvious yet incredibly simple approach of pick-pocketing the key while their targets are focused on improving the lock.

    1. Mike 125

      Re: Lateral thinking

      >>spooks would prefer a less obvious yet incredibly simple approach of pick-pocketing the key while their targets are focused on improving the lock.

      Yes. One thing that makes me wary of VeraCrypt is (from their site):

      "TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661."

      That does not fill me with the confidence of knowing that VeraCrypt is even vaguely aware of

      >>less obvious yet incredibly simple approach(es).

    2. NoneSuch

      WTH?

      "The flaws are not the fabled backdoors feared lurking in the TrueCrypt code, but can be exploited to compromise the machine, install spyware, record password keystrokes, and so on."

      So if this isn't a backdoor, what the heck is it defined as? Enlighten me.

      1. Lysenko

        Re: WTH?

        A slightly ajar, 12" square upstairs window.

      2. Yet Another Anonymous coward Silver badge

        Re: WTH?

        >So if this isn't a backdoor, what the heck is it defined as? Enlighten me.

        A backdoor would be that the password "ImFromTheNSA" would decrypt truecrypt volumes, or that part of the algorithm is deliberately weakened so that encrypted drives can be cracked.

        This is a (possible) way of injecting a virus into Truecrypt, if they wanted to key log you the weakness doesn't have to be in truecrypt it can be in anything in Windows - or they can just ask the nice people in Redmond for a general keylogger to be built into a windows update.

    3. JeffUK

      Re: Lateral thinking

      Yeah, Although unfortunately this probably falls under the 'conspiracy theory' banner simply because there's no way of proving it either way, I'm tempted to agree with you!

      Without other supporting evidence, there's no way of telling the difference between a genuine vulnerability and a cleverly placed backdoor.

  2. i1ya
    Linux

    Let me note that these vulnerabilities are Windows-only

    And from the links in article, it looks like Linux version isn't affected by them (phew...) That doesn't mean, of course, that Linux version is hole-free.

    1. gerdesj Silver badge
      Linux

      Re: Let me note that these vulnerabilities are Windows-only

      "It relates to abuse of drive letter handling"

      Can't recall seeing one of those drive letter things for some time now.

      1. Anonymous Coward
        Anonymous Coward

        Re: Let me note that these vulnerabilities are Windows-only

        Mmmm, drive letters… let's party like it's 1973.

        I got bored one day, had a Windows 2000 installation on a 40GB HDD that had been updated from NT4, so consequently, had lots of 2GB FAT partitions. So most drive letters in use by partitions. I mapped some network drives and so had everything A-Z used up.

        Then I plugged a USB card reader in. Poor Windows did not know what to do!

        1. Linker3000
          Boffin

          Re: Let me note that these vulnerabilities are Windows-only

          You mean you stopped at Z??

          C:\Users\NK>subst [: c:\temp

          C:\Users\NK>[:

          [:\>dir

          Volume in drive [ is Windows

          Volume Serial Number is 2CE3-394D

          Directory of [:\

          25/09/15 15:38 <DIR> .

          25/09/15 15:38 <DIR> ..

          06/08/15 03:48 <DIR> DCIM

          09/09/15 07:53 25,385 draytools-master.zip

          21/08/15 15:01 77,824 212 - Expenses Reimbursement Policy (UK).doc

          08/09/15 17:03 1,217,081 Fast Serial Debugger Drivers.zip

          ** SNIP **

          15 File(s) 13,082,375 bytes

          4 Dir(s) 60,633,071,616 bytes free

          [:\>

        2. Anonymous Coward
          Anonymous Coward

          Re: Let me note that these vulnerabilities are Windows-only

          I did this years ago too. Windows drive letters definitely go past just the alpha characters.

  3. TeeCee Gold badge
    Meh

    Really?

    after its mysterious authors claimed the disk-encryption utility had unresolved security issues.

    While I've seen this said before, what they actually left behind looks more like a generic warning that the software may have flaws and that, as it's no longer being actively developed, these will not be patched.

    Or, in other words, they too were of the opinion that just 'cos you didn't find any bugs in your last audit does not mean that there are none......(!)

  4. Joe K

    Pfft

    Anyone using Truecrypt on windows obviously doesn't care about security that much anyway.

    1. Owain 1

      Re: Pfft

      At the risk of being down-voted, then I would imagine Most users of drive encryption software on windows have little to hide from GCHQ, and are simply using it to enhance the privacy of their personal information from casual eaves droppers such as PC repair men or after casual theft of a laptop / leaving it on a train. To use an analogy, not using encryption is a bit like sending personal information on a post card. It's not that a paper envelope is an impenetrable barrier to a determined snooper, but it stops casual loss of personal data. Therefore I suggest that most users of Truecrypt on windows do care about security (otherwise they wouldn't use it), but don't require government proof security. Horses for courses as they say.

      1. Anonymous Coward
        Anonymous Coward

        Re: Pfft

        Absolutely. I use encrypted /home in Ubuntu, bog-standard, plus BIOS boot password to stop the casual thief or his / her fence from having access to my stuff. Also disable single user mode.

        Is it going to stop a determined, knowledgeable person from recovering? Of course not.

        Is it going to stop an opportunist tea-leaf from accessing my stuff? I tempt fate, but I think there's a pretty good chance, and there's a lot more of them than knowledgeable people out there.

        I create content (screenwriter) and could definitely still sleep if it got pinched and I knew they couldn't read /home*, and even if they got past the BIOS password they'd probably reformat the SSD anyway when they put pirated Windows on it to move it on.

        That's the raison d'etre for most using it - it's basic roadblocks in the way of petty criminals, not to hide anything from powers that be or encrypt as some sort of dry technical 'ner-ner mine's more complex than yours' exercise. Just reasonable mitigation steps, for reasonable security against bag-snatchers and hotel lurkers. That's all.

        * yes yes, I know about swap and other places, etc - but I don't care. Reasonable steps, etc, which is more than most make.

      2. jason 7 Silver badge

        Re: Pfft

        Indeed I always say to my customers that wring their hands over encryption -

        "Look do you have any data that a man in a tactileneck and night-vision goggles will slide silently down on a wire from a skylight to get his hands on?"

        So far the answer has always been "Erm no!"

        As mentioned encryption for most is just to stop the opportunist having a gander and avoiding legal/media embarrassment.

      3. Sil

        Re: Pfft

        For this purpose, BitLocker isn't too shabby either and quite easy to set-up / use.

        1. Tom 35 Silver badge

          Re: Pfft

          Except for all the people using the Windows-home version. Then BitLocker is out.

        2. Micha

          Re: Pfft

          I beg to differ on the ease-to-install bit. The default install (at least on the laptop I'm using) just used TPM, or a recovery key. No password required at bootup. Sure, the drive is encrypted, so if someone rips it out of the laptop it's useless(*), but if someone has access to the whole laptop, there's no protection at all.

          Had to spend quite a bit of time researching and finding the right Group Policies to edit (I don't use/admin Windows all that much) until I got an option in the control panel allowing me to specify a bootup password.

          Completely fail to understand what the point of the default install was.

    2. Anonymous Blowhard

      Re: Pfft

      "Anyone using Truecrypt on windows obviously doesn't care about security that much anyway"

      I think you'll find they really do care; you have to get past TrueCrypt to get to Windows, so the security or otherwise of Windows isn't as relevant as the security of TrueCrypt.

      A bit like putting a petty-cash tin in a safe.

      As other's have mentioned, the point of hard disk encryption is to ensure that if the disk goes missing, either through accidental loss or targeted theft, the information on the disk is still relatively secure.

    3. TheVogon Silver badge

      Re: Pfft

      "Anyone using Truecrypt on windows obviously doesn't care about security that much anyway."

      Yep, hence why enterprises tend to use BitLocker configured to best practices with a TPM and Secure Boot. No one that cared about security would want to use a product without commercial support.

      1. Smooth Newt

        Re: Pfft

        No one that cared about security would want to use a product without commercial support.

        Few would want to support a large user base in a company for a software product without commercial support because it is a nightmare if it suddenly breaks or something. But that doesn't say anything at all about its security, just its usability.

        But perhaps if someone really cares about security above all else, they would not consider using a closed source product, for exactly the same reasons for not using a secret proprietary encryption algorithm.

  5. qwertyuiop
    WTF?

    But how do I know I can trust Veracrypt?

  6. JakeMS
    WTF?

    People still use Truecrypt and friends?

    This surprises me actually I thought for the most part since it was abandoned people would have stopped using it?

    Although personally as I'm one of those hipster Linux users I've been using LUKS now for a long time. Personally I find it more convenient than truecrypt ever was. For example, on your mission critical laptop that holds every single credit card number, home address, siblings, wives and children personal and medical details that belong to your customers[1] you'll be better off just encrypting the whole drive with LUKS instead of making a Truecrypt container.

    [1] If you do this, you probably work for the NHS and are always losing these details.

    1. Doctor Syntax Silver badge

      Re: People still use Truecrypt and friends?

      "I'm one of those hipster"

      Shouldn't you be using a Mac?

      1. JakeMS

        Re: People still use Truecrypt and friends?

        "Shouldn't you be using a Mac?"

        No no no, I don't have a push bike! I'm not hipster enough for a Mac. :-P

        As a side note, I have tried ol' macs farm, but in all honesty it just wasn't for me, I could see it had a few good merits where some users would like it.. but just wasn't my bottle of rum.

      2. Anonymous C0ward

        Re: People still use Truecrypt and friends?

        Macs aren't hipster. They're far too mainstream. You want a real minority platform.

    2. Anonymous Blowhard

      Re: People still use Truecrypt and friends?

      "you'll be better off just encrypting the whole drive with LUKS instead of making a Truecrypt container"

      But you can use TrueCrypt for full disk (including system disk) encryption; works a treat, you can even use a single password to unlock all drives on the machine in one go (requires password caching in TrueCrypt, so is slightly less safe).

      1. ragnar

        Re: People still use Truecrypt and friends?

        You can't do full disk encryption in loads of circumstances though, one of which is using GPT partitions for Windows 10 or if you're using the Linux version.

        1. Anonymous Coward
          Anonymous Coward

          Re: People still use Truecrypt and friends?

          "for Windows 10 or if you're using the Linux version."

          What? There's a Linux version of Windows 10?

          (Sorry ragnar, I understand what you mean. Just my twisted mind twisting words again.)

        2. jason 7 Silver badge

          Re: People still use Truecrypt and friends?

          That's the main reason I stopped using Truecrypt for full disk encryption in that it can no longer support modern PC hardware in certain setups. I think that maybe had more to do with it being dropped by it's developer. Just not worth the hassle.

          I still use it for containers though.

    3. noboard
      Joke

      Re: People still use Truecrypt and friends?

      "[1] If you do this, you probably work for the NHS and are always losing these details."

      I think you'll find the details are safe and secure on this post-it note stuck to the inside of the laptop thankyouverymuch

    4. dogged

      Re: People still use Truecrypt and friends?

      > [1] If you do this, you probably work for the NHS and are always losing these details.

      If you work for the NHS, LUKS is not available for your Windows XP laptop.

    5. Anonymous Coward
      Anonymous Coward

      Re: People still use Truecrypt and friends?

      Why would it contain such data on its own drive, and not dial back over a VPN to a server to display the data?

  7. Alistair Silver badge
    Windows

    Truecrypt and veracrypt

    Hopefully whomever picks the code up makes the same assurances about integrity - the reason the originators stayed out of the public eye was that anonymity supposedly kept the TLA's from hunting them down and forcing a compromise into the code.... *cough* (thus the paranoia when they left the project). If you can lever it around and get elevated privileges in winders with the TrueCrypt client then well.......... Perhaps there original team saw an exploit in the wild that used those holes, and didn't know where to go with it, panicked and ran?

    LUKs has the advantage in my case of keeping several volumes, different passwords, different requirements - and additionally - I am able to hand off unique passwords to (boss/coworker/wife/lawyer) so that in the event of [BUS->] (me) they have some hope of recovering my work, but I can contain who gets to see which bits. As I get it bitlocker can do the (alternate password) bit but can't do "volume" level encryption, it must do the entire disk.

  8. JeffyPoooh Silver badge
    Pint

    It never mentioned that on the tin...

    General rule:

    IT / Encryption Security can be down to the tiniest detail.

    Any given system can be 'perfect', right up until it's revealed that it isn't (and wasn't).

    There are some deep lessons there.

    1. TechnicalBen Silver badge
      Mushroom

      Re: It never mentioned that on the tin...

      I suppose the example in the physical world is a good one.

      You can never really make it impossible for someone to steal something. You can only make it expensive, a lot of hassle, or take too much time.

      Well, with the exception of destroying it. But then if that is done, neither can you keep it. :P

  9. Anonymous Coward
    Anonymous Coward

    Like pulling teeth...

    ... to get some usable details. Kernel mode vulnerabilities from installing the Truecrypt driver. Veracrypt version 1.15 (just out) addresses it.

  10. batfastad
    Black Helicopters

    Audit

    Depends who did the audit. I mean, who really did the audit.

  11. Simon Hughes
    Alert

    There are no flaws in TrueCrypt

    TrueCrypt has been audited, and pounded on by the three letter acronym agencies without success.

    I bet VeraCrypt has holes in it though, probably put there by one of the three letter acronym companies.

    Much more of the true story can be gotten from Steve Gibson in the SecurityNow podcast over at https://www.grc.com/securitynow.htm

    TrueCrypt will be and always will be secure.

    1. Anonymous IV

      Re: There are no flaws in TrueCrypt

      You mean you actually believe all that Steve Gibson says?

      He's always struck me* as the coder implementation of Steve Ballmer. lashing out in all directions, somewhat randomly.

      (They even have the same forename.)

      * pun was accidental!

  12. crayon
    Joke

    "No one that cared about security would want to use a product without commercial support."

    The only commercial support worth having is for the case when the encryption key is lost/forgotten and they can use their backdoor to decrypt your data for you.

    1. Anonymous Coward
      Anonymous Coward

      "The only commercial support worth having is for the case when the encryption key is lost/forgotten and they can use their backdoor to decrypt your data for you."

      There isn't a backdoor in commercial / recommended settings installs of BitLocker, unless by choice you create a recovery key - in which case you normally store it in Active Directory.

      The support certainly is worth having - we received excellent support in recovering encrypted data from a corrupted disk (we had the recovery key).

      For home users though, there is a back door in that your recovery key is by default backed up to One Drive, so potentially other parties could access it. Simple to delete it if you are aware of this and care though...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019