back to article TrueCrypt considered HARMFUL – downloads, website meddled to warn: 'It's not secure'

The website of popular drive-encryption software TrueCrypt has been ripped up and replaced with a stark warning to not use the crypto-tool. It's also distributing a new version of the software, 7.2, which appears to have been compromised. It's feared the project, run by a highly secretive team of anonymous developers, has been …

COMMENTS

This topic is closed for new posts.
  1. Dazed and Confused

    Oh bugger!

    I hadn't upgraded to 7.2, I hope 7.1a is OK(ish)

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh bugger!

      Just checked "Help - About":

      TrueCrypt 7.1a. Released February 7, 2012.

      Phew...

      1. diodesign (Written by Reg staff) Silver badge

        Re: Re: Oh bugger!

        "TrueCrypt 7.1a. Released February 7, 2012."

        If you've downloaded 7.1a recently and not checked the code signing, I'd be worried. Not spreading FUD, just ... considering the worst-case scenario. How long has this project been compromised?

        We're following the situation.

        C.

        1. Sir Runcible Spoon

          Re: Oh bugger!

          Fortunately (I hope) I haven't upgraded mine since 7.0a

        2. Intractable Potsherd

          Re: Oh bugger!

          My basic philosophy of "If there isn't a good reason to update, leave it alone" seems to have worked - version 7.0a from 2010 here. I'm not going to move to a Microsoft "solution" unless there is a pressing need. I'll look for other options that might not be as compromised as anything coming from a company with strong links to people who want to know everything.

          1. Sir Runcible Spoon

            Re: Oh bugger!

            Before the serial NSA apologist gets in to swing, I'll state that unless the audit shows up something fundamentally broken I'll carry on using 7.0a.

            I'm not, after all, a terrorist or paedo, so for securing my personal and business data from accidental loss and use 7.0a should still be ok as far as I'm concerned*.

            However, whichever way the verdict swings as to what has actually happened here, I think we can all at least agree it is 'significant'.

            *This doesn't mean I wouldn't like the option of the spooks not having a backdoor into my private files, but there are simpler ways of achieving it than rooting TrueCrypt if I were a real target.

            1. Jamie Jones Silver badge
              Joke

              Re: Oh bugger!

              Sir Spoon, you pinko commie terrorist loving liberal socislist unpatriotic pædo!

              "Before the serial NSA apologist gets in to swing, "

              *snigger* You know he will be!

              1. Matt Bryant Silver badge
                Big Brother

                Re: Jamie Jones Re: Oh bugger!

                Apologies if you were waiting for me to reply, I was too busy laughing at the sheeple getting in a state over this. If you seriously think the NSA did this then you really are beyond delusional, I suggest you consider a few more likely options:

                1. A 'concerned activist', such as paedo Oliver Drage, got caught with a Truecrypt partition and found out it didn't save him from jail time, and is subsequently miffed enough to have hacked the site and added his 'warning'. You could add to the list of suspects such 'delightful' nonces as the Lultwatz, the Anonyputz 'no leaders' leaders, etc., etc. In which case you might want to worry that maybe the NSA and chums have backdoored Truecrypt, but it is still unlikely.

                2. Some skiddie is having a laugh, you know, just for the 'lulz', and is probably pissing himself laughing at you and the rest of the sheeple as you bleat in fear. In this case the problem is security amongst the developers and, when you finish bleating, you can carry on as you were in your normal state of paranoid self-delusion.

                3. A member of the Truecrypt team has found some incriminating evidence that he/she (OK, more likely 'he') actually shows that the app has been backdoored and has taken unilateral action to stop anyone downloading the backdoored version. Actually not that unlikely given the average Githubber's level of communication skills, but it could be a backdoor planted by anyone from the FSB to criminal hackers to the Chinese Army to members of the Lultwatz themselves (OK, the last is the least likely given their level of 'skillz'). In which case, ignore the reality that someone who had hacked Truecrypt would be unlikely to warn you they had, you ALL need to be very worried, immediately disconnect your self from the Internet and head for hidey-holes in the Ecuadorean Embassy.....

                /Pointing and laughing and ROFLMAO.

                1. Sir Runcible Spoon
                  Stop

                  Re: Jamie Jones Oh bugger!

                  I don't think the NSA have backdoored TC.

                  I do think the developers have ditched TC in a 100%, no going back kind of way and queered the pitch for anyone else wishing to take it over using the new (less restrictive) licence.

                  As to why, well they might have had a NSL which could mean the next version *would* have a backdoor, or they could just be doing it to make it *look* like they received a NSL.

                  That there are bugs in the code that could be exploited is true. Are they serious? Not sure yet, we'll have to wait for the audit to complete to know for sure.

                  Are the developers bothered about updating TC to fix any bugs? Probably not, they don't get paid, they get lots of grief, and people have just handed over a ton of cash to find more things to beat them up with. Can't feel very nice.

                  As to the manner of the death of TC, I have no idea if this was a huge hissy fit to make it look like they got a NSL or if they actually got one - I don't think it really matters now.

                  That everyone knows they *could* have received a NSL leaves enough doubt to kill TC for good, and probably enough doubt to protect them from NSA reprisals, FUD is their business after all.

                  Time to start backing a true FOSS development that has a chance of remaining free of ghostly influences.

                  "/Pointing and laughing and ROFLMAO."

                  You are a strange dude Matt. Your laughter sounds a little forced with a hint of zealous hysteria to me. I really don't get you. You sometime argue your points well and can back them up with references, yet you constantly undermine your own credibility with asinine comments. I'd be interested in meeting you face to face just to satisfy my curiosity as to whether or not you really do live under a bridge :)

                  1. tom dial Silver badge

                    Re: Jamie Jones Oh bugger!

                    NSL? Not a user myself, I know one who is. From him, the earlier version of the web site, or Wikipedia I had the distinct impression that TrueCrypt was not developed in the US. Aside from that, the customary use of NSLs seems to be to require production of information without disclosure. It is unclear how that would be useful in the case of a software producer whose product is freely available in source code (presumably along with effective procedures for building the binaries). I never felt comfortable using it due to developer anonymity.

                    It seems possible, maybe even plausible, that one or more of the developers became aware of a compromise but did not, out of fear or for other reasons, wish to disclose that.

                2. Jamie Jones Silver badge
                  Happy

                  Re: Jamie Jones Oh bugger!

                  "Apologies if you were waiting for me to reply, I was too busy laughing at the sheeple getting in a state over this."

                  I was getting anxious.... You never phone, you never text.... :-(

                  But, apology accepted - I'm glad you're in a good mood!

                  "If you seriously think the NSA did this then you really are beyond delusional, I suggest you consider a few more likely options:"

                  ..

                  I hope you are adressing the commentards generally - I don't think that at all, and I though it pretty obvious that Sir Spoon didn't either - even before he posted his clarification followup.

                  As for your 3 points, you may be surprised (and dissapointed?) to know that I basically agree with you... (Though of course, you had to make the aggreived person a pædo rather than someone who was the victim of corporate espionage, or fraud, or someone who just wants to keep his/her personal life.....errr...personal... You were doing so well up until then [I even overlooked your use of 'sheeple'] - do you write for the Daily Mail per-chance?)

                  "/Pointing and laughing and ROFLMAO."

                  I told them at the time that this would happen - but they went ahead and gave you that full length mirror anyway *rimshot*

                  Still, I'm glad you're having a good time! :-)

                  1. Matt Bryant Silver badge
                    Happy

                    Re: Jamie Jones Oh bugger!

                    "....I hope you are adressing the commentards generally - I don't think that at all...." Maybe you should, seeing as the doubts over Truecrypt have been circulating for a while, and the recent drive to vet the code seems to have severely annoyed the developer(s). Probably not the Big Bad NSA, but maybe another Big Brother(ski) instead.

                    1. Jamie Jones Silver badge
                      Thumb Up

                      Re: Jamie Jones Oh bugger!

                      Hmmmm. weren't they pleased about the audit then?

                      I'd assumed they'd welcome someone independent validating their work.... Unless they did have something to hide.....

                      As for my more personal theories, I haven't really given it much thought - I don't use encryption for much, other than ssh sessions, and that's mainly to protect the passwords, not my drivel.

                      It's funny - I agree with you that most people are overly paranoid that somone wants to read their personal emails. Where we disagree, though, is that I think it's somones right NOT to be spied on without proper due process. I also resent the constant bollocks from governments using the terrorost excuse for this overreach.

                      Remember the Bush administration? If you disagreed with them on just about any topic, you were a terrorist!

                      P.s; Why the downvote? It's true you never call..you never text...

                      1. Matt Bryant Silver badge
                        Facepalm

                        Re: Jamie Jones Oh bugger!

                        ".....Why the downvote?....." Because you want to pretend Truecrypt and other tools are not also used by terrorists, criminals and the like. And all the stories you hear about Truecrypt are not about innocent businessmen protecting industry secrets or Joe Average using Truecrypt and being victimised by The Man, they are always about criminals using Truecrypt in an attempt to avoid prosecution.

                        ".... It's true you never call..you never text..." Stop it, you'll make Boring Green jealous. He is my flock-designated, rabid, stalker sheep, doncha know.

                        1. Jamie Jones Silver badge

                          Re: Jamie Jones Oh bugger!

                          ".....Why the downvote?....." Because you want to pretend Truecrypt and other tools are not also used by terrorists, criminals and the like. And all the stories you hear about Truecrypt are not about innocent businessmen protecting industry secrets or Joe Average using Truecrypt and being victimised by The Man, they are always about criminals using Truecrypt in an attempt to avoid prosecution."

                          Not at all. I fully agree that they are probably mainly used for dodgy and illegal purposes.

                          My issue was that *you* keep implying that that is their *only* use.

                          The problem is, do you ban/break something because terrorists can use them?

                          Do we ban social gatherings, because terrorists can use them to recruit? Do we track and store the movements of every vehicle because criminals use cars as getaway vehicles? Do we stop selling fertilizer because it can be used to make bombs? etc.

                          ".... It's true you never call..you never text..." Stop it, you'll make Boring Green jealous. He is my flock-designated, rabid, stalker sheep, doncha know."

                          :-)

                          Sorry, not sure who that is, but I don't want to upset your designated stalker! I'll suffer in silence from now on instead!

                          P.s. For what it's worth, I didn't downvote you

                          1. Anonymous Coward
                            Anonymous Coward

                            Re: Jamie Jones Oh bugger!

                            "Not at all. I fully agree that they are probably mainly used for dodgy and illegal purposes.

                            Don't be daft! They are probably widely used for dodgy and illegal purposes... just like cars and phones and watches and computers and pens and so on... but "mainly used for dodgy and illegal purposes" seems almost Matt-Bryant bonkers. If we're going to speculate, they are probably mainly used by teenagers messing about or keeping their pr0n stash out of sight of mum.

                            Or did you mean ...for dodgy or illegal purposes?.. which could probably include both messing about and perfectly legal pr0n sequestration.

                            1. Jamie Jones Silver badge

                              Re: Jamie Jones Oh bugger!

                              Yeah. replace 'mainly' with 'wildly'. My vocabulary was out of sync with what I meant.

                              Cheers, Matt ;-)

                          2. Matt Bryant Silver badge
                            Facepalm

                            Re: Jamie Jones Oh bugger!

                            ".....Do we ban social gatherings, because terrorists can use them to recruit? Do we track and store the movements of every vehicle because criminals use cars as getaway vehicles? Do we stop selling fertilizer because it can be used to make bombs?....." There are already many laws regulating social gatherings, especially protests. In times of war they have been extended to cover even small gatherings and the Government retains the right to issue an order banning any gathering it likes. We also already do record most car journeys in cities on cameras that can recognise both number plates and the face of the driver. And we already have a system in place that monitors the purchase of 'dual-purpose' goods such as fertiliser. I didn't down vote you but you are displaying an alarming lack of insight into the systems already in place.

                            1. Anonymous Coward
                              Anonymous Coward

                              Re: Jamie Jones Oh bugger!

                              Speak of the devil!

                              Cheers for the downvote Matt.

                              Right backatcha.

                              1. Matt Bryant Silver badge

                                Re: AC Re: Jamie Jones Oh bugger!

                                ".....Cheers for the downvote Matt....." I didn't down vote you. I didn't think your post was interesting enough or contained sufficient original thought to rate a vote either way, TBH. I also note you childishly down voted on a presumption of slight rather than the actual points I raised, which shows you are not interested in merit only in who bleats the way you do.

                                1. Anonymous Coward
                                  Anonymous Coward

                                  Re: AC Jamie Jones Oh bugger!

                                  That's because you didn't make a point. Just a rambling observation that the surveillance state is already out of control. If I was supposed to infer from that that you think it's a good thing, then I'm sorry, I'm afraid have better things to do than attempt to psychoanalyse random Daily Mail nut jobs.

                                  1. Matt Bryant Silver badge
                                    FAIL

                                    Re: AC Jamie Jones Oh bugger!

                                    "That's because you didn't make a point....." The point I made, which obviously got filtered by your woolly blinkers, was that the majority of sheeple posting here know SFA about either the capabilities of our authorities or what they use them for.

                                    "....Just a rambling observation that the surveillance state is already out of control....." Not so, it is under very tight and overseen control, it's just you want to baaaah-lieve otherwise. As I pointed out to another member of your flock, if you want to insist all this is being used for 'evil' please do show evidence of how it is being used to harm you.

                                    "....I'm afraid have better things to do...." Like finishing primary school, I assume?

                                    "...,,than attempt to psychoanalyse random Daily Mail nut jobs." Apart from the fact I don't read the Daily anything, I would laugh at the idea of you attempting to psychoanalyse anything give your obvious analytical and observational shortcomings.

            2. Goopy

              Re: Oh bugger!

              So a SF page hacked, just post up a new one, use a better password (to keep[ from getting the page hacked again) then post up 7.1a, as obviously there is no such legit version from the team called 7.2 - let's fix this FUD!

        3. Jamie Jones Silver badge
          Thumb Up

          *Source validated 10th February 2012 is available*

          As per this page ( http://svnweb.freebsd.org/ports/head/security/truecrypt/distinfo?revision=290882&view=markup ) , checked into the FreeBSD ports tree on 10th February 2012:

          Revision 290882 - (show annotations) (download)

          Fri Feb 10 22:09:24 2012 UTC (2 years, 3 months ago) by zi

          File size: 623 byte(s)

          SHA256 (TrueCrypt_7.1a_Source.tar.gz) = e6214e911d0bbededba274a2f8f8d7b3f6f6951e20f1c3a598fc7a23af81c8dc

          SIZE (TrueCrypt_7.1a_Source.tar.gz) = 1949303

          You can easily get a version that passes both the above criteria by googling 'TrueCrypt_7.1a_Source.tar.gz'

    2. RobHib

      Re: Oh bugger!

      This might be useful to someone. My versions are as follows:

      TrueCrypt 6.1a:

      – Modified: 28-12-2008, 07:48. – File size: 3,142,768 bytes

      TrueCrypt 6.3

      – Modified: 18-11-2009, 22:48. – File size: 3,358,808 bytes

      TrueCrypt 6.3a

      – Modified: 22-02-2010, 08:57. – File size: 3,358,880 bytes

      TrueCrypt 7.1

      – Modified: 07-09-2011, 00:21. – File size: 3,470,688 bytes

      TrueCrypt 7.1a

      – Modified: 10-02-2012, 03:30. – File size: 3,466,248 bytes

      ___

      All files been on this system since: 29-11-2012

      Local timezone: GMT: +10 (+11 summer, southern h.)

      I'll do CRCs if anyone needs them. (BTW, I'm not using them on this system, storing EXE's only--nothing important enough to encrypt.)

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh bugger!

        Digests of unauthenticated origin via insecure channel not particularly interesting. However, have you had a copy of the authentication key sitting with them, for as long? A comparison (PKI "fingerprints" or just file digests) between an old copy and the one offered now would be of anecdotal interest as there have been suggestions that the key has changed.

  2. Brent Longborough
    Headmaster

    If you were the NSA...

    If you were the NSA, how would you set about neutralising things like Truecrypt?

    One option might be what we see today.

    Food for thought.

    1. Anonymous Coward
      Anonymous Coward

      Re: If you were the NSA...

      They could endorse it. That would neutralize any security program.

      I don't think the NSA had anything to do with this as they work with a lot more subtlety and this work is very loud and amateurish. You can hate them all you want but they do their job in the shadows very well.

      1. Eleveneleven1111

        Re: If you were the NSA...

        Or it's a red herring for you think it couldn't possibly be them

        1. Yet Another Anonymous coward Silver badge

          Re: If you were the NSA...

          >Or it's a red herring for you think it couldn't possibly be them

          Or that's what they want you to think !

      2. 142

        Re: If you were the NSA...

        >You can hate them all you want but they do their job in the shadows very well.

        Yeah, that's a fair statement. So who was it - assuming it's a hack? Patriot Hackers? Seems like a slightly odd target.

        Thoughts?

        Some obscure Anonymous fringe perhaps? They're not averse to taking down things for fun on occasion, especially things that claim to be secure.

        1. Immenseness
          Black Helicopters

          Re: If you were the NSA...

          Yes, but anonymous groups tend to get the grammar wrong and spell things wrong, but this seems fairly well written which makes me doubly suspicious, although of what I'm not sure!

        2. Hit Snooze

          @142

          Yeah, that's a fair statement. So who was it - assuming it's a hack? Patriot Hackers? Seems like a slightly odd target.

          It could be:

          *State sponsored hacking (pick your nation of choice)

          *Criminal sponsored hacking

          *A lone hacker

          *A dev received a secret court order and is doing what (s)he can to announce it, as someone below suggested

          *A dev found a security hole being exploited and yanked that version off the site

          *Dev infighting causing one dev to get his/her revenge

          *Ballmer and Gates playing a prank on the OS community

          Without more information it is hard to say who did what and the reasons behind it but I'm sure Occam's razor is involved somewhere.

      3. Salts

        Yet...

        History would show a different story, not disagreeing, just pointing out that human stupidity is common.

      4. Anonymous Coward
        Anonymous Coward

        learn..

        Everyone who's said "I don't think the NSA ..." in the past ended up eating their words when Snowden showed us what's really going on...

        1. Anonymous Coward
          Anonymous Coward

          Re: learn..

          >ended up eating their words when Snowden showed us what's really going on...

          But is Snowden a modern double agent? and has actually been working for a US agency all along...

        2. Michael Wojcik Silver badge

          Re: learn..

          Everyone who's said "I don't think the NSA ..." in the past ended up eating their words when Snowden showed us what's really going on...

          Everyone? Snowden's revelations validated every single thing the NSA has ever been accused of?

          I know critical thinking doesn't come easily to many Reg commentators, and that goes double for the ACs, but really - try to have a little perspective, won't you?

        3. FrankAlphaXII

          Re: learn..

          Unless you had a bit of insight and knew with a good amount of certainty what they were doing and weren't surprised at all.

          I think he's a distraction from something as most of the programs he revealed were newish versions of activity that had been carried out during the Cold War and immediately following it, it didn't touch on anything really groundbreaking like what they used to call NONSTOP, and I don't know what the purpose behind a distraction like Edward Snowden would be. Probably something any sane intelligence professional wouldn't touch.

          That or they're getting so much content that analyzing it has become truly impossible, and having a whistleblower get the public and congresscritters to pressure the agency to reform its self and cut back on the massive amount of data they collect and never analyze suits the agenda of someone with some pull, but that upper level management will not listen to for whatever reason. Seems plausible enough for me, plus I've seen many War College and Command and General Staff College papers across all five services explore the possibilities of that happening.

    2. Anonymous Coward
      Anonymous Coward

      Re: If you were the NSA...

      No need and too public.

      You just bring pressure to bear. A bit if extra judicial extraction, bit of torture; job done. Standard USA foreign policy stuff.

    3. Christian Berger

      Re: If you were the NSA...

      Yes, particularly since "they" (whoever "they" may be) recommends Bitlocker, a system which has advertised back doors which are commonly used in companies. The back doors are there to still get to the data on your disks even after forgetting your password.

      Since Bitlocker is not just closed source software, but also relies on the TPM chip (which is closed source hardware) it's naive to think the NSA doesn't have an easy way to break this.

      1. h4rm0ny

        Re: If you were the NSA...

        >>"Yes, particularly since "they" (whoever "they" may be) recommends Bitlocker, a system which has advertised back doors which are commonly used in companies. The back doors are there to still get to the data on your disks even after forgetting your password."

        That's not a Backdoor. A "backdoor" is a secret route in that isn't documented, or at least isn't public knowledge and it outside the system owner's control. The whole notion of "advertised back doors" is pretty silly. Bitlocker allows you to select if you wish the storing of secondary keys on a third party system so that the data can still be unlocked if you, e.g. suffer a hard disk failure and your local keys are corrupted, you forget your password to the data, you're in an enterprise environment and your company wants to give you an encrypted store on your laptop but still open it themselves if you wish.

        Basically, useful, advertised and voluntary features. We'll file this particular silly distortion of yours along with those other posts of yours I recall about Secure Boot and Bing copying Google's search results - posts of yours I recall recently that similarly misrepresent things. Misinformation is damaging. Your agenda is obvious.

        1. Sir Runcible Spoon
          Black Helicopters

          Re: If you were the NSA...

          It could all be a double-bluff by NSA protesters.

          Try and make it look like an act of oppression by removing or compromising a trusted tool, then actively recommending alternatives from a company that likes to lick the NSA's ring-piece would probably do the trick - but they may have over-egged the pudding. It is fairly crude, but it will certainly get attention beyond the tech-world..eventually. Expect a garbled account from the Beeb in about 6 weeks or so.

          1. Anonymous Coward
            Anonymous Coward

            Maybe the NSA IS being extra sneaky

            So, what if, hypothetically, the NSA was pulling its hair out over TC's unbreakability?

            Why not do something, like sending some sort of NS letter to the supposedly anonymous developers, which makes them freak out and close down like this.

            End result: most people they're interested in move to another, possibly less secure solution....

            Not that this helps with TC volumes already in their possession, but it proves you don't have to actually break a solution's implementation to defeat it.

          2. Anonymous Coward
            Anonymous Coward

            Re: Expect a garbled account from the Beeb in about 6 weeks or so.

            By Jove, I think he's cracked it!

            "Expect a garbled account from the Beeb in about 6 weeks or so."

            Well spotted Sir Spoon! That's why this has been done! It was never about destroying TrueCrypt. TrueCrypt lives on. The cryptography is as strong today as it was yesterday and as it was twenty years ago. NO vulnerability has been disclosed. No vulnerability will be disclosed. This is because no vulnerability has been discovered. This is COINTELPRO

            This is an exercise in "controlling the story" and the story is bigger than TrueCrypt.

            There are two ways the BBC could run this:

            1) The pre-Neo-Labour : balanced information public service broadcaster...

            "The website of the popular encryption application 'TrueCrypt' has been defaced and replaced with a page citing unspecified failures and recommending Microsoft(TM) Bitlocker(TM) as an alternative. Security experts are puzzled by the events and caution users not to upgrade to the suspicious 7.2 release offered on the new page. They also advise users not to act in haste as no weaknesses have been disclosed or are known in previous versions of the software. An independent audit of the software is already underway and so far has found nothing suspicious. The BBC will bring you more information on this story, as it develops. " (i.e. The facts - remember those?)

            2) The post-Neo-Labour : government propaganda mouthpiece...

            "Developers of 'TrueCrypt' - the encryption software recommended by Edward Snowden are warning users that the software is not secure. The TrueCrypt website alerts users to the problem and is advising them to move their data to Microsoft(TM) Bitlocker(TM) immediately. The BBC will indoctrinate you further on this story, as it is ordered. "

            Ad-lib: "Makes you wonder who Edward Snowden is really working for, doesn't it?"

            We'll get version two.

            Snowden is the story. Snowden is the target. Any damage to TrueCrypt merely gravy.

    4. Velv
      Boffin

      Re: If you were the NSA...

      Interesting concept, but I can see where this particular one is likely to fail - the crowd funded investigation into the integrity of TrueCrypt. Assuming the investigation finds (presumably 7.1a) to be good then everyone in the world can trust that the correctly signed version is safe, and you end up with a tool the NSA can never discredit.

      Techies have long had a "toolbox" that often has older but known reliable tools in it. El Reg had just such an article this week,.

      1. Sir Runcible Spoon

        Re: If you were the NSA...

        "Techies have long had a "toolbox" that often has older but known reliable tools in it. El Reg had just such an article this week"

        If I were to take a longer view of things, removing avenues of escape (for data) would definitely be something I did if I were going to embark on a round-up exercise of miscreants at some point in the future.

        Whilst techies have skills and old tools, lack of new tools will severely hamper developments in this area. People who are not techies to start with will probably end up being stuffed.

        Imagine if you wanted to learn how to encrypt your personal data *today*. What would you find? No archives for TC, warnings about it being unsafe, recommendations for other software that is proprietary.

        This isn't about the people who already have the skills and tools, it's about stopping people without those skills and tools from obtaining them*.

        *imho - time will tell

    5. Stevie

      Re: If you were the NSA...

      "If you were the NSA, how would you set about neutralising things like Truecrypt?

      One option might be what we see today.

      Food for thought."

      Not a very good option.

      If I were the NSA, firstly I'd be extremely under-provisioned in the human assets department.

      Secondly, I'd secretly subvert Truecrypt 7.0 and let it mature to a couple of upgrades. Then I'd hack the latest version really obviously and put out lost of messages to switch to Microsoft software so all the knee-jerk unterrorist nonpaedos would dig in, smugly secure in the knowledge that they were using the "good" version.

      But I'm not the NSA (which does not exist).

    6. Michael Wojcik Silver badge

      Re: If you were the NSA...

      Food for thought.

      Junk food. Really, you think there's some insight in suggesting "hey, the NSA might be behind this" for every security-related incident? There are already plenty of folks on that bandwagon.

      Surely we can find some new bugbear du jour. Can we blame the "Dark Web"?

      1. Destroy All Monsters Silver badge
        Thumb Down

        Re: If you were the NSA...

        Surely we can find some new bugbear du jour. Can we blame the "Dark Web"?

        Dear Monsieur Wojcik,

        Might have been your mom instead. Frankly, one must be a bit woozy in the head to call NSA "bugbear du jour".

        NSA is first in line when suspicious shit HTF in relation to crypto. Their prior is extremely high. Bayesian evaluation of

        Probability( NSA involved | Weird and mysterious stuff happens with crypto )

        yields a value rather far away from 0.

  3. Terry 6 Silver badge

    Anonymity

    The apparently anonymous status of the TC developers rather makes it difficult to know who to look to for information in this issue.Or more to the point, for them to prove they are who they say they are.

    1. Anonymous Coward
      Anonymous Coward

      Re: Anonymity

      The proof is in the pudding. When it works, it works. For instance, The Register website works. I do not know who is in charge of it's servers or it's programming, but I don't need to if it's in tip top shape.

      However, as you said, if it does not work, then it's more difficult to find a solution. But that is the result of moving responsibility. I'd not suggest going to the trouble of programming one's own encrypted file system, but if it's out of one's hands and in another's, it's down to another to sort out.

    2. Anonymous Coward
      Anonymous Coward

      Re: Anonymity

      If the annihilation faction/operation hasn't secured exclusive control of the PKI key then it'll be very easy for us to identify them and for them to prove they are who they say they are.

      The key is as old as the project, so there's a reasonable chance that at least one of the original team has a copy. Although, of course, good practice would dictate destroying all copies except that held by the webmaster/publisher. ...and perhaps that one individual has been the mole all along. Perhaps the TrueCrypt project was an operation to control an interesting encryption project and the decision has now been made that it's time to pull the plug/rug.

      I hope someone else has a copy of the key! I hope someone will pop up and drop us a (signed - or even unsigned) note explaining the structure, politics and evolution of the TrueCrypt "team"

      This is better than anything I've seen on telly for ages!

  4. Anonymous Coward
    Anonymous Coward

    7.1a still okay

    7.1a, which was the most recent version for a long time, and the version being audited, and which was signed by the truecrypt dev keys, was valid and had no issues raised with the independant audit.

    It comes across as a combination of site hijack (keys compromised, DNS hack, vulnerability?) and possibly the keys have been compromised hence the recent key activity. Guess things will become clear pretty soon, in the meantime stay away from 7.2 and don't be ripping out 7.1a on the back of this.

    1. Bartholomew

      Re: 7.1a still okay

      Does TrueCrypt talk directly to the ALL hardware not using any OS API's is the question you should be asking. Do you trust the firmware for the harddisks processors are safe (all U.S. companies) ? If not, then it it like trying to build a skyscraper in a swamp with no foundation. It may look good today, but I wouldn't like to live there. The real problem is trust, and with secret gag orders, it is hard to trust anything connected with the US (or UK) in any way.

      1. Michael Wojcik Silver badge

        Re: 7.1a still okay

        Does TrueCrypt talk directly to the ALL hardware not using any OS API's is the question you should be asking

        No, the question everyone should ask is what is my threat model. Whether you want to attempt to mitigate possible threats in OS APIs and drive firmware and the like is not an absolute. The use of any IT system is a trade-off among risks, including security risks.

        Part of thinking about security - most of thinking about security - is considering what "security" means for particular use cases, rather than flailing around seeing monsters in every closet.

  5. Anonymous Coward
    Anonymous Coward

    Highly skeptical of this whole situation. Not using 7.2 here anyways but I'll take a "wait and see" approach....

  6. Anonymous Coward
    Anonymous Coward

    Matt Green seems to think it's legit.

    https://twitter.com/matthew_d_green/status/471752508147519488

    I also saw this comment, posted below, on Ars, thoughts?

    The SourceForge page, which was delivered to people trying to view truecrypt.org pages, contained a new version of the program that, according to this "diff" analysis, appears to contain only changes that warn the program isn't safe to use. Significantly, TrueCrypt version 7.2 was certified with the official TrueCrypt private signing key. That suggested the page warning TrueCrypt isn't safe wasn't a hoax posted by hackers who managed to gain unauthorized access. After all, someone with the ability to sign new TrueCrypt releases probably wouldn't squander that hack with a prank. Alternatively, the post suggests that the cryptographic key that certifies the authenticity of the app has been compromised and is no longer in the exclusive control of the official TrueCrypt developers. In either case, it's a good idea for TrueCrypt users to pay attention and realize that it's necessary to move to a new crypto app. Ars will continue to cover this unfolding story as more information becomes available.

    Consider the logic of it.

    The version with the warning is signed with the true private signing key. So it is authentic.

    The explanation about this being related to Windows XP support is ridiculous.

    The suggestion to use BitLocker is quite telling.

    Now suppose that the author received a secret order from a secret court that required the author keep secret the secrecy of the secret order from the secret court. Furthermore, the author was secretly required to turn over his secret signing key to a secret third party.

    If you were the author, what would you do? Consider your options.

    One is that you could issue an update with a warning that the program is no longer secure. Even though the program really is, at this moment, secure. The only source code changes are to insert the warnings. But what the warnings are warning you about, but cannot just come out and say, is that the program will not be secure in the future because a third party now has the keys to sign authentic new insecure versions.

    This wouldn't be unlike Lavabit shutting down. The author is choosing to fall on his sword for the good of everyone.

    1. diodesign (Written by Reg staff) Silver badge

      "Significantly, TrueCrypt version 7.2 was certified with the official TrueCrypt private signing key"

      It appears the signing key changed for v7.2.

      C.

    2. Anonymous Coward
      Anonymous Coward

      "The version with the warning is signed with the true private signing key. So it is authentic."

      Incorrect. It just means someone had a copy of the private key and knew the paraphrase.

      Without knowing how well the key was managed, it offers zero guarantee of authenticity.

      1. Michael Wojcik Silver badge

        "The version with the warning is signed with the true private signing key. So it is authentic."

        Incorrect. It just means someone had a copy of the private key and knew the paraphrase.

        Without knowing how well the key was managed, it offers zero guarantee of authenticity.

        Sigh. The signature is how the TrueCrypt authors have chosen to prove, and thus define, authenticity. This version of TC is authentic by the definition used by the authors of TC. Unless you believe in some absolute, Platonic "authenticity"1, claiming that this TC is "not authentic" and that it has 'zero guarantee of authenticity" is specious. It has, in fact, precisely the same "guarantee of authenticity" that every other TC release has.

        There is no other such guarantee, in the context of TC; so your argument distills into "this version of TC is exactly like all other versions of TC (in terms of 'authenticity')".

        1In which case I have a lovely metaphysics to sell you.

    3. Julz

      Unfortunately, sort of what I was thinking; bugger...

    4. Cynic_999

      No, I do not agree that this is what a developer shackled by a secret court Order would do. They may do something similar, but instead of advising people to switch to a Microsoft product that they have no way of knowing how secure it is, they would surely advise people to use the last known secure version of the product, (and give the hash that will verify it to be genuine). In addition, they would probably ensure that there is a "leak" of the secret court Order - which of course we may see materialising in the coming days/weeks/months.

      Some years ago I wanted to make Truecrypt compatible files from an embedded device, and so looked into the published source code quite deeply. If there was any backdoor in that source, it was exceptionally well hidden. Not that I ever got the source to compile to an exact copy of the published binary - but that is not at all suspicious given that I was not using exactly the same development tools.

      1. Anonymous Coward
        Anonymous Coward

        The key appears authentic to me (successfully verifies old signatures I have lying around) but interestingly it's an NSA/NIST original DSA format signing key so it's very, very likely to be pwnable by the designers.

        (little bone for the tinfoilers)

      2. Martin Taylor 1

        @Cynic_999: Do you know what the terms of the order (or rather, National Security Letter) might be? Nor do I. It seems not impossible that it might forbid the authors recommending previous versions of Truecrypt, or in some other way make it impossible for them to do so without breaching the terms of the order. By offering the ridiculous advice that they have offered, they not only avoid that possibility, but make it clear that they are acting under duress.

  7. Anonymous Coward
    Alert

    Stay clear of the OSX binary too!

    The OSX binary contains the same text found on that homepage/windows binary!

  8. Anonymous Coward
    Anonymous Coward

    NSA!

    Stop fiddling with our software!

  9. Anonymous Coward
    Anonymous Coward

    Uh-oh

    I wonder about the Linux binaries, will the package managers have pulled the infected code?

    One more reason people should ONLY use Free software and even then, they should not trust it.

    1. Captain Scarlet Silver badge
      Trollface

      Re: Uh-oh

      "One more reason people should ONLY use Free software and even then, they should not trust it"

      Unless you coded it in binary yourself on a machine you designed from scratch I don't think you should trust it.

      1. Anonymous Coward
        Anonymous Coward

        Re: Uh-oh

        Unless you coded it in binary yourself on a machine you designed from scratch and built yourself - and has never been out of your sight - I don't think you should trust it.

  10. Zmodem

    they`ve found out the NSA has had a backdoor in all of its encryption for the past 5 years

  11. Anonymous Coward
    Anonymous Coward

    Intriguing

    The site goes out of its way to provide the information needed in order to move data away from truecrypt volumes, for all platforms - not just Windows.

    This suggests that it isn't just a malicious hack or take-down of Truecrypt, but a serious atttempt to get people to move their data out of Trucrypt volumes. Therefore one might be inclined towards the theory that the developers are responding to an attempt to subvert the product, or discovery that it has already been subverted.

    What is slightly puzzling is the push to download and use version 7.2. Maybe I'm missing something, but wouldn't anyone with a Truecrypt volume already have an earlier version available? If an earlier version can't be trusted, why trust a new neutered version?

    It boils down to whether 7.2 is truly just a cutdown decrypt-only truecrypt, or has some little extras put in to take advantage of all that lovely information being passed through it. That would be pretty audacious, I think.

    1. mourner

      Re: Intriguing

      Sure, most people using Truecrypt volumes today have a version of Truecrypt installed - most likely v7.1a

      However, what about someone who rediscovers a Truecrypt volume in 5 years time?

      If this episode actually boils down to the Truecrypt developers deciding they have had enough of developing Truecrypt, then the sensible thing to do would be to leave available the source and binary that can decrypt all previous versions' volumes so such people can rescue their files. Stripping out the encryption routines is a sensible precautionary measure as the software will be unmaintained going forward, so any subsequently discovered holes or bugs are not going to be fixed - hence removing the possibility that people in the future will rely on a possibly obsolete encryption application. This is very good practise when it comes to security related software.

      Encryption methodology and complexity is a moving goal as even with mathematically sound and correctly implemented algorithms it is only a matter of time before the incessant scaling up of computing power renders today's best encryption useless in the face of full on brute forcing. Hence why over the years advice on what length of key to use in any given ecryption scheme has increased time and again. The point being that encryption should only be relied on to keep something "secret" beyond the point it is of any use, not forever.

      1. mourner

        Re: Intriguing

        Care to explain the thumb down thumbdowner?

        I was just trying to bring some rational dicussion to the fore, rather than the OMGZ111!!!2! Truecrypt PAN1C headlines that seem to be littering the tech media.

        1. Michael Habel

          Re: Intriguing

          Care to explain the thumb down thumbdowner?

          I was just trying to bring some rational dicussion to the fore, rather than the OMGZ111!!!2! Truecrypt PAN1C headlines that seem to be littering the tech media.

          There's always at least One arse here that downvotes everything. Irregardless if the actual comment made, I just try to ignore 'em.

          1. Havin_it
            Headmaster

            Re: Intriguing

            >Irregardless

            That's not a word. You almost got a downvote for that.

            1. Anonymous Coward
              Anonymous Coward

              Re: Intriguing

              "That's not a word. You almost got a downvote for that".

              Contrariwise, it's a perfectly cromulent word.

            2. Michael Wojcik Silver badge

              Re: Intriguing

              >Irregardless

              That's not a word

              Frickin' prescriptivists.

              Of course it's a word. It's clearly a well-formed sequence of letters that's well within the space of English word formations, and it's widely used and even more widely recognized by English speakers and writers.

              It's a redundant, ugly, awkward, and widely-despised word, but it's a word nonetheless.

          2. Anonymous Coward
            Anonymous Coward

            Re: Intriguing

            "One arse here that downvotes everything".

            Gosh, now there are two...

            1. Destroy All Monsters Silver badge

              Re: Intriguing

              Sounds like a nontruism.

    2. Anonymous Coward
      Anonymous Coward

      Re: Intriguing

      Or alternatively the NSA has taken control and is trying to get people to move their data out of older secure truecrypt archives and onto platforms that they have backdoored?

    3. Daniel B.

      Re: Intriguing

      The site goes out of its way to provide the information needed in order to move data away from truecrypt volumes, for all platforms - not just Windows.

      It skims over Linux, just saying "use any integrated support for encryption". They did give the quick instructions for OSX though.

  12. Paul 87

    Or, ya know, it's just a publicity stunt for when they "regain control" of the webpage and announce a new, even more secure version for a price.

    1. Steven Raith

      Yeah, because what you want in an encryption suite is childish shenanigans and insinuations of codebase compromise.

      1. Sir Runcible Spoon
        Coat

        "just a publicity stunt"

        That thought crossed my mind too, but it was quickly dismissed as being a shot-in-the-foot-too-far.

  13. Havin_it
    Black Helicopters

    The synchronicity is the most intriguing part

    This all happening just as the audit project breaks its silence and promises upcoming "exciting news": giving me a pretty high pucker factor on the whole business. Rather glad I migrated my encrypted drives to LUKS a while back, anyhow.

    The main reason at the time for doing that was that Gentoo and a few other packagers were going berserk about its license terms (I forget the details but it related to end-user indemnity IIRC). It wasn't until the Reg reported on the audit that I took note that the developers were actually anons (not Anons, as far as we know haha), which troubled me a lot more to be honest. I mean, in this world there are certainly valid reasons for that choice (e.g. the NSA can't lean on you if they don't know who you are), that inscrutability cuts both ways and just makes it a little hard to trust the project. Mind you, I guess that's what the audit was for (assuming one trusts the auditors).

    And of course, making us all uber-paranoid makes the spooks' job even easier in some ways...

    1. mourner

      Re: The synchronicity is the most intriguing part

      Are the developers really that anon though?

      I've been vaguely following the audit process and it seems the audit team have direct contact with the developers. Of course that may be via tortuous anonymising routes.

      To be fair if I was a developer of Truecrypt, I'd do the exact same thing. I would think creating a tool with the express intention of creating plausibly deniable encrypted filesystems beyond the reach of even national level intelligence agencies is going to end badly one way or another if one were to be associated with it. Be that from vigorous "arm twisting" from both governmental and criminal goons or from some odious smear campaign (by anyone so motivated) that you are developing tools for peado-terrorists to use to hide their activities etc. Roll on the aiding and abetting charges (and coercion opportunities that brings in itself).

      In this sphere I'd trust unknown anonymisters over some sprightly startup LLC based in the US to provide this complexity of encryption software.

      It will be interesting to see how this plays out over the next few weeks. Whatever happens Truecrypt has passed a point of no return with this move.

      One small (and I think interesting) point that I picked up on while reviewing the diffs of the 7.1a and 7.2 source (see https://github.com/warewolf/truecrypt/compare/master...7.2 ) and only seen commented on once on another forum is that as well as all the code changes to remove the encryption routines all the references to localisation that previously referred to "U.S." have been changed to "United States". Now that may just be down to some previously coded changes in underlying libraries requiring the change - but it could also be considered as a not so subtle noisy canary tweeting its last song before turning its toes up.

      1. Havin_it

        Re: The synchronicity is the most intriguing part

        I did acknowledge that there are valid motives for anonymity, and like you I'd be lairy of it if the devs were a "sprightly startup LLC based in the US" (especially the US part!). But that's just an exploration of alternative realities; if we're going there, I'd much rather the devs were a traditional OSS collective of known, established experts in the field, based in all corners of the globe so it'd be hard to impossible for them all to be under the thumb of a single espionage agency or criminal network.

        When software is born as a decentralised global operation, it's damn hard if not impossible for it to be subverted to the whims of any one country. When audits are carried out, ideally that process ought to happen in the same context.

  14. Adam 1
    Windows

    Am I safe?

    Downloaded 7 Apr 2014

    fciv "TrueCrypt Setup 7.1a.exe" -sha1

    //

    // File Checksum Integrity Verifier version 2.05.

    //

    7689d038c76bd1df695d295c026961e50e4a62ea truecrypt setup 7.1a.exe

    1. Anonymous Coward
      Go

      Re: Am I safe?

      Running the hash through a number of search engines yields plenty of results (many of which from 2012) so my guess is that you're quite safe.

    2. mourner

      Re: Am I safe?

      Just checked my rarely used Win7 partition for Truecrypt install files but all I have is a v7.1 (NOT v7.1a) installer file dated Tue 03 Jan 2012 14:40:01 GMT - which would coincide with when I purchased this particular machine.

      So whilst I cannot answer your question I am going to post the sha1 for that installer file.

      mourner@mint13-laptop ~/Desktop $ sha1sum ./TrueCrypt\ Setup.exe

      5910a05bf671a385c2c5967171aa1c5509a3d3ee ./TrueCrypt Setup.exe

      As far as I know that is the sha1 hash of the unadulterated v7.1 (NOT v7.1a) Windows installer.

    3. Anonymous Coward
      Anonymous Coward

      Re: Am I safe?

      That matched the executable that I have, dated 2012/7/28

    4. Jamie Jones Silver badge

      Re: Am I safe?

      "Downloaded 7 Apr 2014

      fciv "TrueCrypt Setup 7.1a.exe" -sha1

      //

      // File Checksum Integrity Verifier version 2.05.

      //

      7689d038c76bd1df695d295c026961e50e4a62ea truecrypt setup 7.1a.exe"

      No (You are using SHA1!)

    5. Christian Berger

      Re: Am I safe?

      Hmm distributed checksum verification. That's actually not a bad idea.

  15. This post has been deleted by its author

    1. Sir Runcible Spoon

      You've either encrypted your original post with the new 7.2 version, or you are missing some words that would otherwise render your post sensible, such as 'did it' and 'their' perhaps?

  16. Anonymous Coward
    Anonymous Coward

    Does anyone know..

    .. under which jurisdiction this project runs?

    If it's in the US (and sourceforge is), then there are all sorts of interesting things that can happen to both the service it's hosted on and the people that work on the project, all neatly legalised under federal laws brought into play post 9/11. Given that none of the people involved with the project have made public statements so far it is not unreasonable to assume that they have been served with something official. That'll be my assumption until I hear from someone near the project.

    Bonus questions:

    1 - maybe the key was breached? That creates a whole chain reaction of problems.

    2 - what will happen with the review project and the money sourced for it?

    1. Anonymous Coward
      Anonymous Coward

      Re: Does anyone know..

      Gazing back through the murky mists of time... I see... shapes... familiar shapes... shapes on a map... I see... Germany and... Eastern Europe.

      Not sure how accurate my recollection of that is and the contributors always protected their anonymity. Which is a VERY GOOD thing.* But that's what I recall from the conception of the project.

      I certainly got no US connection concerns until a few years after the project began, when up popped something called "TrueCrypt LLC" - a company registered in Nevada. "Zoikes! Why the US, when the US is so hostile to strong cryptography in general and TrueCrypt in particular" was my thought at the time... much as you're expressing now.

      Thinking about it then, I concluded that TrueCrypt LLC wasn't that significant. It's probably a sort of front-of-convenience established by a sympathetic party for the convenience of the collective. For the developers to strictly maintain their anonymity (A VERY GOOD THING) various mundane tasks would become rather difficult and I concluded that this was just a presence to ease that situation. Managing the (US based) domain registrations, hosting, etc... collection and distribution of donations... all that sort of stuff which involves transfer of funds and proof of identity. Tricky if you wish to remain anonymous!

      Thinking about it again now, more than half a decade later, I'm inclined to think that was all pretty close to the mark... and is the key to all the recent shenanigans.

      As time passes, what appeared at first glance to be a simple sarcastic website defacement, is looking ever more wilful and premeditated. The files appear to have been prepared well in advance. The defacement is FAR more involved and considered than necessary - preparing all those screencaptures alone was not an insignificant endeavour. The content appears contrived to achieve maximum alienation... everyone sufficiently sophisticated to be using TrueCrypt will be aware of Bitlocker. Of the plethora of free, open, mature and trustworthy alternatives, why design and publish a giant poster proclaiming "use the NSA crippleware" to that audience? We know about the NSA option! That's why we're HERE! Almost as offensive as, after ACRES of verbose handholding for Windows users, that lone "fuck off" oneliner served to the Linux crowd... that must have hit a raw nerve square on! And so on. This was certainly no casual hoax.

      If TrueCrypt LLC was what I think it was, then the entity behind it had injected themselves into a position of GREAT influence within the project. Control of the funds, control of the primary communication medium and as publisher perhaps sole control of the authentication keys. The perfect position from which to achieve exactly what we have just witnessed.

      This hasn't been a simple website defacement. It's a carefully planned and executed coup d'état.

      *There's been CONCERTED HEAVY PRESSURE from parties within the US against anonymous development of free and open security related projects. It's even bubbled up in these very threads. Always exactly the same doublethink. The Tails developers have been particularly relentlessly battered. This is COINTELPRO. In such matters, interesting security matters, anonymity is A VERY GOOD THING. Think about it. Think HARD.

  17. Terry 6 Silver badge

    Encryption software alternatives

    One of the problems with encryption software is that it is product dependant. Irrespective of which alogorythm is used the same software package to decrypt it is essential. Which poses a long term problem that the software youuse today may not be available tomorrow if you need to reinstall it to get hold of some important data.

    Compare this to, say, ZIP or office software. MS Office/open Office/Libre office etc etc. can all open each other's files. Ditto 7zip etc.

    1. Havin_it

      Re: Encryption software alternatives

      There's more difference between your counter-examples than between some of them and TrueCrypt. The key is openness of the spec (file format).

      TrueCrypt's file/volume format is open, as is ZIP, as is OpenDocument as used by OOo/LO. That means that as long as there's a demand and somebody, anybody, can be arsed doing the work, then that software will exist.

      MS Office formats, on the other hand, are either proprietary (in the case of the old binary formats) or specced so vaguely that they're virtually impossible to implement properly (OOXML). Never mind the future, you can't use these formats with perfect fidelity now unless you have the right version of MSOffice. The third-party solutions that you do have are either reverse-engineered or have done their best (which is never going to be enough) to adhere to a 6,000-page spec full of undocumented gubbins whose meaning is buried in the (still proprietary) workings of those old binary formats.

      Whew! Rant over, but I hope you get my point. As long as there's the demand and someone willing to meet it, there will always be software capable of doing exactly what TrueCrypt does. Office 97? Not so much.

  18. pip25
    Facepalm

    This is ridiculous

    TrueCrypt had a quite functional, if not very eye-catching website, which has been replaced by a primitive HTML page that you can throw together in two minutes. The source code for "7.2" is peppered with inane "INSECURE_APP" messages. The binary was signed with a different key. Can anyone seriously believe that this is the work of the original developers?

    Whatever the motivation, this looks like a rather obvious security breach regarding the project's SourceForge account. No more and no less.

    (I mean... switch to Bitlocker? That's not even a good troll.)

    1. John Tserkezis

      Re: This is ridiculous

      "TrueCrypt had a quite functional, if not very eye-catching website, which has been replaced by a primitive HTML page that you can throw together in two minutes."

      It's as if the developer-killed-himself-with-his-own-sword conspiracy theorists can't read. You've mentioned some of the more glaring points that clearly tell us perhaps some twat had nothing better to do on a sunday morning, got lucky with the server access, and cooked up a new version that doesn't work.

      Bitlocker. Funny.

    2. Mark .

      Re: This is ridiculous

      "(I mean... switch to Bitlocker? That's not even a good troll.)"

      Okay, I'll bite - what are the problems?

      Truecrypt is cross-platform, and also available on all versions of Windows. But for someone where this isn't an issue, what is it about Bitlocker that makes this laughable?

      1. Anonymous Coward
        Anonymous Coward

        Re: This is ridiculous

        To me it's the equivalent of Mozilla shutting up shop and recommending IE as a secure alternative to FF.

        I would seriously hope it's not gonna happen.

  19. DrM

    I'm from the government and I'm here to help you.

    So, this all comes about when XP is dead and now no user has a legitimate need for other than BitLocker?

    Sounds like once it could be said that no Windows user needed it -- we have BitLocker! - the Feds convinced them to pull pull the program. The Feds, the NSA HATE encryption. They don't like me and Eric using it.

    And, sure, why not use BitLocker? It only has 25% of the functionality and who can you trust more for secure code than Microsoft? Not only are they highly skilled -- they won't even talk to the NSA, I'll bet.

    1. Havin_it
      Windows

      Re: I'm from the government and I'm here to help you.

      >So, this all comes about when XP is dead and now no user has a legitimate need for other than BitLocker?

      Except for users of any edition of Windows Vista and 7 below Enterprise, and 8.* below Pro, IOW virtually every high-street-bought home computer in use today.

    2. PrivateCitizen

      Re: I'm from the government and I'm here to help you.

      " It only has 25% of the functionality"

      Agreed - Whole Disk Encryption was not the main reason I used truecrypt, and isnt the main reason almost everyone I know used truecrypt.

      If if if that was the whole reason, Bitlocker is even a poor alternative for truecrypts WDE.

  20. Anonymous Coward
    Anonymous Coward

    Key escrow

    They're advocating you move to a different product that supports NSA key escrow - that's pretty telling...

  21. Liam2

    fork();

    I'm not worried about TC going away. It's only a matter of time before a fork comes to light. Such is the magic of free software.

  22. thexfile

    SourceForge has been compromised for a least two months now.

    1. Destroy All Monsters Silver badge

      It's time to put a fork in it.

  23. John Smith 19 Gold badge
    Unhappy

    Rebuild from source code

    Isn't that the whole idea of open source?

    1. Blacklight

      Re: Rebuild from source code

      ISTR that the problem was that no-one could generally get it to build correctly from source....

      From : http://istruecryptauditedyet.com/ :

      "Implement deterministic/reproducible builds. Many of our concerns with Truecrypt could go away if we knew the binaries were compiled from source. Unfortunately it's not realistic to ask every Windows user to compile Truecrypt themselves. Our proposal is to adapt the deterministic build process that Tor is now using, so we can know the binaries are safe and untampered. This is really a precondition to everything else. And it's not an easy process"

      1. MJB7

        Re: Rebuild from source code

        I don't think building from source is all that hard. What is hard is deterministically building from source. Thus given the same source files, you end up with the same (bit-wise identical) executable.

        There are a lot of tools that make that hard these days; there are good reasons, but it's not desirable in open source security software.

        1. Jamie Jones Silver badge

          Re: Rebuild from source code

          FreeBSD:

          cd /usr/ports/security/truecrypt && make install clean

  24. MostlyGordon

    The Conspiracy Theory

    1. Last week EBay gets hacked and losses their password database. But, says don't worry it was encrypted.

    2. This week IOS devices start getting hijacked.

    3. Hijacked users probably had the same EBay and iCloud passwords.

    4. Guess what EBay used for encryption...

    The burning question is, can anyone recommend a good alternative? Free, open source, and cross platform with similar functionality to TrueCrypt?

    1. Destroy All Monsters Silver badge

      I shiggedy

      I seriously hope they didn't ENCRYPT password with TrueCrypt instead of HASHING them in an irrecoverable manner using "openssl passwd -1 -salt $SALT $PASSWORD" then putting them into a RELATIONAL DATABASE!

  25. Anonymous Coward
    Anonymous Coward

    Thing is...

    Last year, I was messing about and installed TrueCrypt (from a download link on the .org site) on a system to try something out and well... it ended up putting Wajam on the PC, which despite its company acting like it's a legit piece of software has this habit of acting a lot like malware and for all intents and purposes should be considered as such, as far as I'm concerned.

    1. pepper

      Re: Thing is...

      Heh, I just did a quick search for that Wajam company, I ended up on the wiki page and started reading the talk pages(which are often quite informative).

      That company is massively trolling wikipedia in the hopes of getting any positive PR.

  26. ici.chacal

    With regard to platform-provided security...

    As well as using Truecrypt, I also use home directory encryption when I install Ubuntu. Does anyone know how secure that is..?

    1. mourner

      Re: With regard to platform-provided security...

      As far as I remember it uses AES encryption with a 128 bit key by default. So presuming the implementation has been done correctly it's relatively robust i.e. an opponent would need to brute force the encryption which would take a very long time provided you choose to use a sensible / strong password.

    2. robmobz

      Re: With regard to platform-provided security...

      It is ecryptfs which is audited here: https://defuse.ca/audits/ecryptfs.htm

      There are several vulnerabilitis but still better than nothing.

  27. Shaha Alam

    very, very triksy.

    just goes to show, you can have the best safe in the world, but it's no good if someone can replace it without you knowing.

    security isn't about locks and safe and encryption. it's a state of mind. a mind constantly on the edge of paranoia.

  28. TopOnePercent

    The real questions

    Seems to me there's 2 likely possible triggers for all this:

    1) The audit has indeed found something big and has notified the developers ahead of time. That would be courteous and professional, so not unexpected *IF* the audit found something.

    2) Its just a hack of the site rather than the software.

    I suspect #1 is rather more likely than #2, but both surely spell the end of TrueCrypt. so the real question is to what should everyone migrate? TrueCrypt was pretty much the universal standard, so is there anything waiting in the wings to take over, and if so, will it now be audited?

    1. Destroy All Monsters Silver badge
      Headmaster

      Re: The real questions

      Clearly, if it's (2) then rolling back to earlier versions and moving to a serious hosting environment that is not the weakest link in the chain may re-normalize the situation.

      1. Destroy All Monsters Silver badge
        Flame

        Re: The real questions

        Mr. William Hague, please stop the downvoting, kthx.

  29. Sir Runcible Spoon

    Exclusion from Wayback machine

    It has been removed since at least Feb 10th 2014

    From Wayback FAQ:

    Why isn't the site I'm looking for in the archive?

    Some sites may not be included because the automated crawlers were unaware of their existence at the time of the crawl. It's also possible that some sites were not archived because they were password protected, blocked by robots.txt, or otherwise inaccessible to our automated systems. Siteowners might have also requested that their sites be excluded from the Wayback Machine. When this has occurred, you will see a "blocked site error" message. When a site is excluded because of robots.txt you will see a "robots.txt query exclusion error" message.

    The actual response from Wayback is

    "

    Sorry.

    This URL has been excluded from the Wayback Machine."

    Note, not 'blocked site error'. Unless they have updated their processes and the faq is incorrect.

    I'd like to know how far back this goes and determine if it is in anyway linked to the current situation. It might be important.

    1. Sir Runcible Spoon

      Re: Exclusion from Wayback machine

      For future reference, an archive of the TC binaries

      https://github.com/DrWhax/truecrypt-archive

      Also, check out this interesting thread on the matter..

      http://www.metafilter.com/139452/FalseCrypt

      Especially the bit about the 410 page when trying to retrieve the truecrypt.org/robot.txt file

      1. Destroy All Monsters Silver badge
        Trollface

        Re: Exclusion from Wayback machine

        I like this:

        The best explanation I've seen is a rage-quit, based on the commit history; as if someone was making changes and then decided "fuck you people" because the audit kickstarter got all kinds of money and Truecrypt got nothing.

        1. Destroy All Monsters Silver badge
          Pint

          All along the watchtower...

          And also...

          The TC devs have been willing to labor in obscurity for 10 years on an ideological project that almost certainly hasn't earned them a living, that is wasted on and unappreciated by most computer users, that could earn the devs some pretty powerful enemies, and the importance of which has arguably been steadily eroded by the feature creep of popular operating systems.

          It would not be shocking to learn that the devs were fairly eccentric. Socially idiosyncratic. Crotchety. Grouchy. Zealots. Justified paranoids. Assholes, even. And I say this with affection: I've used TrueCrypt for years. It warms my heart to imagine that my security software was designed by grouchy zealot paranoid assholes.

          I point this out because most of the "something is UP" vibe this story seems to radiate really just comes down to "But this is so abrupt and confusing!" That is, it comes down to the social signals connected to the event, or lack thereof. But the devs have never been very forthcoming with any sort of social signals. If they're grouchy zealot paranoids, they may see social signals as weakness. Well, in this newfangled game, where every detail of your writing style is preserved for all time, for later analysis by computers and programs that don't even exist yet, maybe they can be.

          I'm coming around to the point of view that this isn't as crazy a way for the devs to quit the TC project as it seems at first blush. TC is open source and I'm sure the program will continue to be developed to some degree by someone. Probably several projects, several someones. Maybe the TC devs (who haven't updated TC at all in nearly two years) have a new project they view as more important. Maybe being a grouchy zealot is really tiring.

          posted by Western Infidels at 9:24 PM on May 28 [18 favorites]

          1. Sir Runcible Spoon

            Re: All along the watchtower...

            This is the best archive info of TC I've found so far..

            www.domaintools.com/research/screenshot-history/true-crypt.org/

            www.domaintools.com/research/screenshot-history/truecrypt-foundation.org/

            1. Sir Runcible Spoon

              Where?

              Domain Name: TRUECRYPT.BIZ

              Domain ID: D11969768-BIZ

              Sponsoring Registrar: GODADDY.COM, INC.

              Sponsoring Registrar IANA ID: 146

              Registrar URL (registration services): whois.godaddy.com

              Domain Status: clientDeleteProhibited

              Domain Status: clientRenewProhibited

              Domain Status: clientTransferProhibited

              Domain Status: clientUpdateProhibited

              Registrant ID: CR19068119

              Registrant Name: TrueCrypt Foundation

              Registrant Organization: TrueCrypt Foundation

              Registrant Address1: NAVAS Station

              Registrant City: Marie Byrd Land

              Registrant Postal Code: 80S 120W

              Registrant Country: Antarctica

              Registrant Country Code: AQ

              Registrant Phone Number: +672.0000

              Registrant Email:

              Administrative Contact ID: CR19068121

              Administrative Contact Name: TrueCrypt Foundation

              Administrative Contact Organization: TrueCrypt Foundation

              Administrative Contact Address1: NAVAS Station

              Administrative Contact City: Marie Byrd Land

              Administrative Contact Postal Code: 80S 120W

              Administrative Contact Country: Antarctica

              Administrative Contact Country Code: AQ

              Administrative Contact Phone Number: +672.0000

              Administrative Contact Email: domain.admin@truecrypt-foundation.org

              80S 120W is quite literally, the middle of nowhere.

              And this one looks a bit fishy..

              http://whois.domaintools.com/truecrypt.us

              Registered on March 3rd 2014 from Hong Kong...why would that be?

              1. Sir Runcible Spoon

                Re: Where?

                From the comparison code analysis from 7.2 to 7.1a I noticed this little nugget from the licence..

                - name truecrypt.org is associated with Your Product.

                + name truecrypt is associated with Your Product.

                There are a few other instances where truecrypt.org has been truncated to just truecrypt.

                It's almost as if whoever wrote it was anticipating TC code being hosted on sites other than truecrypt.org, or anything that re-directs to it.

                Something else I noticed, not only does the new installer not install the setup guide (understandable if it's only there to decrypt everything you already have) but it also deletes any existing one you might have in the install directory (such as from a previous version).

                At least that's what it looks like, I'm no coder.

                Everything I've read and looked up all points to the coders distancing themselves from the project as much as possible, but to do that in such a dramatic way without any credible explanation screams 'Lavabit exit strategy' to me, and not something done on a whim - this was well planned, including removing all the cached archives of the site.

  30. Anonymous Coward
    Mushroom

    Replacement?

    1. Ideally you understand all the crypto algorithms and write your own software, as simple as possible. You write your own OS, compiler, everything. You fab your own CPU and chipset.

    2. Too hard? Ok, download something from the internet, examine the source code until you understand every line of it and know for a fact that it's flawless, and compile it yourself. Do that with the whole OS. Audit your hardware, somehow.

    3. Still too hard? YES. You're screwed. Assume all electronic devices are 100% insecure.

    1. Bartholomew

      Re: Replacement?

      You forgot about making your own keyboard. From your brain to your hands is where the trust begins and ends.

      1. Michael Wojcik Silver badge

        Re: Replacement?

        From your brain to your hands is where the trust begins and ends.

        Wrong (see e.g. Descartes' Evil Genius argument) and dumb. There is no "trust", in any absolute sense, any more than there's any absolute "security".

        1. Anonymous Coward
          Anonymous Coward

          Re: Secure from our brain to our hands?

          "Don't tell him Pike!"

          http://youtu.be/0V3SqxUomwk

      2. Destroy All Monsters Silver badge

        Re: Replacement?

        From your brain to your hands is where the trust begins and ends.

        Dr. Strangelove is of a different opinion.

  31. Anonymous Coward
    Anonymous Coward

    Arch Linux still on v7.1a...

    ...and I'm not upgrading until I hear otherwise. There's a discussion on the Arch forum (https://bbs.archlinux.org/viewtopic.php?id=182128) - a couple of possible alternatives are mentioned, but one poster put forward the view that whether or not this is a hoax, either way it suggests TC is compromised (by The Spooks or The Hackers... or even both?).

    It would be a bit of a hassle to look for an alternative volume-encryption solution - I use both TC and EncFS to encrypt files in my cloud-storage account (financial info, etc.). The main difference for me, is that files encrypted with EncFS are easily identifiable, whilst a TC volume doesn't have to "stand out" so clearly.

    Still, if we have to migrate, we have to. I'll be keeping a close eye on developments here, and hope that whatever the true story may be, we'll be permitted to find out what it is...

  32. 0765794e08
    Terminator

    TrueCrypt Forum

    I just want to mention that this has wiped out the TrueCrypt forum too.

    There were hundreds of users at the TC forum (myself included), which contained a goldmine of information, not just about TrueCrypt itself but also crypto and computer security in general.

    Many people put in many hours of work in the forum, and it would seem that that repository of knowledge is gone at a stroke.

    So farewell Dan, pepak, Nicky and all the others…. “Sic transit gloria mundi”.

    bae24d3fff

  33. Jim 59

    md5sum

    The md5sum of the bad binary matches the one advertised on the SourceForge site. Not surprising I guess (8af39ed9c2080fa9b3061fa7c0ff792f)

  34. Anonymous Coward
    Anonymous Coward

    Food for thought

    If there are unfixed security issues with TrueCrypt, without knowing what they are it would be stupid to fork the project. Maybe it is time to rethink everything back to first principals, for a new virgin whiteboard to be sacrificed to the gods of trust. Since trust in god is dead, in the U.S. anyhow.

  35. David Kelly 2

    Cross Platform

    One of the most attractive features of TrueCrypt was that it is/was cross platform.

    1. Anonymous Coward
      Anonymous Coward

      Re: Cross Platform

      That's one reason why I use TC - I can access the encrypted content from our Mac and my Linux netbook.

      I've also been using EncFS, but I never quite got my head around the Mac support (which there is, I know). Apparently, I understand a security audit of EncFS revealed significant weaknesses as well, so I'm looking for an open-source alternative which can operate under both Linux and Mac OS X. eCryptFS is one option I'm reading up on, but TrueCrypt is going to be a tough act to follow.

  36. Christian Berger

    They probably had to give out their private key

    This is something that can easily be done in the US with security letters and you can combine it with a "gag order".

    In that case, particularly with open source software, one sane idea is to "just give up". The project will then be forked and people in other countries, where signing keys don't have to be given out, can continue it.

    If you step back a few steps you can see the 2 main problems with software distribution today.

    One is that most software packages are so huge a single person cannot understand them, the other is that some platforms don't ship with compilers.

    Imagine TrueCrypt would only consist of 100-1000 lines of code and everyone would just download the source code and compile it themselves. It would be a _lot_ more likely people would take a look at it. And it would be a lot more likely they'd find a back door or bug door.

  37. Rick Giles
    Linux

    Bitlocker

    I can't quit laughing... "Use Bitlocker..."

    Since it is a Microsoft product, it is about as useful as a sieve to bail water...

  38. Anonymous Coward
    Anonymous Coward

    If I were the NSA

    I would get someone to make a Truecrypt fork with a backdoor in it. Post it anon from someplace off the US map so to speak. Lots of idiots would then believe they have a fixed and secure version but they do not.

    I think the only way you can be sure of something is to 1. program something yourself or 2. have the source code and only be able to compile it on one compiler (possibly including version) per platform. That way people can inspect the code and still have comparable output. Only a guess mind since I do not know much of anything about programming.

  39. Nuno trancoso

    Sad if true

    And there's another quite dark avenue. If TC really has/had no backdoors, at maximum strength it would make spooks job if not outright impossible, at the very least immensely resource consuming.

    Now, if i was the spooks, and kinda found myself between the rock and the hard place with nowhere to turn, would i be tempted to take the easy way out and turn the FUD dial up to eleven?

    Leaning hard on someone to get the signing keys, lill site hijack, "bombastic news", and suddenly the "tabloid news" worshiping masses are running away from what we don't want them to use. Sounds like a decent plan with low resource usage...

    Anyway, kinda non-event. After all, no tinfoil hat brigade member would ever take a TC volume after usage and NOT use another encryption layer on it, would they.

  40. Daniel B.
    Boffin

    Hm...

    Sounds fishy. Wonder what happened? I've been using FileVault2 ever since I switched to OSX, but TrueCrypt was my one true multi-platform crypto option. What should I use now?

    1. Anonymous Coward
      Anonymous Coward

      Re: Hm...

      A safe and a decoder ring?

  41. FrankAlphaXII
    Pirate

    Hmm.

    This sounds like plain old vandalism and criminality to me. I really strongly doubt any State actor was involved here. If one was, you'd probably never be able to tell. I'd be willing to bet its something traditionally criminal and they're seeking to drop a fuckload of malicious software on your machine when you install what you think is a new version of TrueCrypt.

    Instead its Malicious porn toolbars, Trojans, Bot programs, Malicious Cryptocurrency miners, and Bootkits ahoy!

    I'd avoid it like the plague and plan to do exactly that permanently at this point, and I'd suggest that users use something else as well. TBH, I was never a big fan of TrueCrypt anyway. I use quite a number of encryption programs on the job and at home, and it just never struck my fancy I guess. I don't know if I'm the only one, but it felt to me to be as clunky as a post-2005 Symantec product last time I used it.

    The brightside is that there are other full disk encryption suites out there, and even some file systems like ZFS and Btrfs offer a built in full disk encryption functionality for *BSD and Linux. As well as standalone programs for *BSD and Linux which sometimes leverage that capability, which doesn't help a Windows User at all, but other Windows full disk encryption technologies than TrueCrypt do exist at varying levels of trustworthiness and quality, as well as expense.

    I have no idea about OS X though I'd imagine that as long as the right libraries are installed in Darwin that you could use one of the *BSD full disk encryption packages.

    1. PrivateCitizen

      Re: Hmm.

      TrueCrypt was more than just whole disk encryption.

      TrueCrypt provided a tool which allowed users to create portable storage and deniable containers - all in one cross platform bundle.

      It will be missed but even if it does return, will anyone ever be able to trust it again?

  42. A J Stiles
    Holmes

    Hmm .....

    I smell an attempt by a proprietary software vendor to discredit Open Source software.

    Would they resort to this sort of tactics? Undoubtedly.

    I'm keeping an ear out for what the OpenBSD folks have to say about this. They are one of the few development teams I trust, and they don't distribute crap; if something isn't fit for OpenBSD, then they either patch it or drop it.

    1. Destroy All Monsters Silver badge

      Re: Hmm .....

      if something isn't fit for OpenBSD, then they either patch it or drop it

      OpenSSL says that this is not so

      1. A J Stiles

        Re: Hmm .....

        Looks like patching from where I'm sitting .....

  43. PrivateCitizen

    TAILS and Sans

    Tails has been trying to get rid of Truecrypt for a while now:

    https://labs.riseup.net/code/issues/5373 and https://tails.boum.org/blueprint/replace_truecrypt.

    Looking at the changelog, zuluCrypt was added as an option on 19 May but the bit about "recent concerns" was added 29 May.

    Also, there is a SANS forensics presentation from 2010 which (on slide 23) covers Truecrypt and states "removed at the request of US government" - http://digital-forensics.sans.org/summit-archives/2010/18-lord-cryptanalysis.pdf

    1. Anonymous Coward
      Anonymous Coward

      Re: TAILS and Sans

      Indeed.

      Sadly the nice zuluCrypt GUI (nicer than TC itself IMO) has so far been refused acceptance into Debian: https://bugs.debian.org/703911

      Seems there's a bit of a disagreement over permissions. Haven't looked into that AT ALL yet but obviously any binary operating on block devices must have appropriate authority... but wouldn't that be cryptetup/tcplay rather than a UI?

      I hope this TC implosion is taken as motivation to get the matter resolved, rather than an opportunity to suppress. The developer certainly seems willing and forthcoming. I wonder if we'll be made to watch him bang his head on a wall of excuses until he gives up and goes away...

This topic is closed for new posts.

Other stories you might like