Stories
Slash Boxes
Comments

SoylentNews is people

posted by LaminatorX on Tuesday June 17 2014, @10:30AM   Printer-friendly
from the Paging-Dan-Brown dept.

In an update to the speculation that TrueCrypt development was officially discontinued as a response to efforts by US intelligence agencies to compromise the project, the TrueCrypt web site seems to contain a secret message warning potential users of NSA interference in the integrity of the software. The apparent message, "Don't use TrueCrypt because it is under the control of the NSA" is read as an acrostic in Latin, contained in the message announcing developer cessation of the project on SouceForge. Two independent analytical exercises, conducted independently, arrive at the same conclusion. User "Badon" at the Live Business Chat message board has a detailed exegesis including screenshots and footnotes.

[EDITOR'S NOTE: I have cross checked this on some Latin specific sites, and the consensus seems to be that it is nonsensical from a perspective of proper Latin grammar and syntax. However, Google Translation does reproduce these results. I can certainly believe that a warning might have been composed using G.T. rather than by consulting a classicist. --ED]

Related Stories

TrueCrypt Discontinued, Compromised? 91 comments

The TrueCrypt website has been changed it now has a big red warning stating "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues". They recommend using BitLocker for Windows 7/8, FileVault for OS X, or (whatever) for Linux. So, what happened? The TrueCrypt site says:

This page exists only to help migrate existing data encrypted by TrueCrypt. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

Did the TrueCrypt devs (or SourceForge?) get a NSL? They are offering a "new" version (7.2), but apparently the signing key has changed and a source code diff seems to indicate a lot of the functionality has been stripped out. What's up?

Audit Reveals Significant Vulnerabilities for TrueCrypt and Successor VeraCrypt 18 comments

VeraCrypt security audit reveals many flaws, some already patched [Zeljka Zorz/Helpnet Security]

VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab.

The researchers found 8 critical, 3 medium, and 15 low-severity vulnerabilities, and some of them have already been addressed in version 1.19 of the software, which was released on the same day as the audit report.

The code auditing effort analyzed VeraCrypt 1.18 and its bootloaders.

"A first step consisted in verifying that the problems and vulnerabilities identified by iSec and NCC Group in TrueCrypt 7.1a for the Open Crypto Audit Project had been taken into account and fixed," the Quarkslab researchers involved in the effort explained.

"Then, the remaining study was to identify potential security problems in the code specific to VeraCrypt. Contrary to other TrueCrypt forks, the goal of VeraCrypt is not only to fix the public vulnerabilities of TrueCrypt, but also to bring new features to the software."

A short overview of the issues found (fixed and still not fixed) can be found here. The audit report, with mitigations for still unpatched vulnerabilities, can be downloaded from here.

Are any Soylentils using Veracrypt and/or other forks of Trucrypt?

The full audit report: TrueCrypt Cryptographic Review[PDF] [Alex Balducci, Sean Devlin, Tom Ritter/Open Crypto Audit Project]

Previously:
Independent Audit: Newly Found TrueCrypt Flaw Allows Full System Compromise
No Backdoors Found in TrueCrypt
TrueCrypt Site Encodes Warning about NSA Infiltration
TrueCrypt Discontinued, Compromised?

-- submitted from IRC


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Funny) by GreatAuntAnesthesia on Tuesday June 17 2014, @10:41AM

    by GreatAuntAnesthesia (3275) on Tuesday June 17 2014, @10:41AM (#56297) Journal

    This would make a great film, maybe with Tom Hanks running around looking for obscure latin clues hidden in arcane texts.

    Sorry, did I say "great? I meant "shit".

    • (Score: 2) by c0lo on Tuesday June 17 2014, @10:52AM

      by c0lo (156) Subscriber Badge on Tuesday June 17 2014, @10:52AM (#56298) Journal
      It's so shitty I would be surprised if it actually is true.
      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
      • (Score: 1) by Jeremiah Cornelius on Tuesday June 17 2014, @05:51PM

        by Jeremiah Cornelius (2785) on Tuesday June 17 2014, @05:51PM (#56553) Journal

        The TC crew, suggesting BitLocker as a replacement is a HUGE red flag that they are waving in your face:
        "Hey! Look Here! There's something we are trying to say! Do we have your attention yet?!"

        --
        You're betting on the pantomime horse...
  • (Score: 5, Insightful) by Lagg on Tuesday June 17 2014, @11:19AM

    by Lagg (105) on Tuesday June 17 2014, @11:19AM (#56300) Homepage Journal

    Now let me make one thing perfectly clear. I do not underestimate the NSA. I'm as disgusted in them as the next person and I will hate them until either I die or they do (and I don't just mean the organization itself). But come on. Really? This is just getting more and more unbelievable and making me dislike truecrypt's maintainers as time goes on. For one thing there are less ambiguous ways of embedding a warning and for another thing truecrypt is open source. I don't know why this is such a hard thing to grasp right now and not only is it open source but there was a successful first pass audit of the code and said audit is still ongoing. Or at least I hope so and the people who organized it and are being hired with that funding money aren't going to be called corrupt or something.

    This is just... Unethical. Even if this was completely true these authors are the biggest jackasses in both the world of code and cryptography alike. You don't go "This is compromised. Better use this proprietary tool instead. It's probably not compromised since you can't see the code". Schrodinger's programming. The best kind of programming.

    --
    http://lagg.me [lagg.me] 🗿
    • (Score: 0) by Anonymous Coward on Tuesday June 17 2014, @11:32AM

      by Anonymous Coward on Tuesday June 17 2014, @11:32AM (#56304)

      I think the developer(s) are just fucking with everyone, and the ones who see the NSA behind every tree are eating this shit up. Or, the developers are worse than the people who see the NSA behind every tree and they've decided that their tinfoil hats are no longer effective.

      Next they'll come out and say that they saw "NSA agents" peeping into their girlfriend's bedroom window.

      • (Score: 2, Informative) by Horse With Stripes on Tuesday June 17 2014, @12:44PM

        by Horse With Stripes (577) on Tuesday June 17 2014, @12:44PM (#56329)

        Either way - true or just seeing ghosts - I'm not using TrueCrypt anymore.

        • (Score: 2) by Rune of Doom on Tuesday June 17 2014, @01:50PM

          by Rune of Doom (1392) on Tuesday June 17 2014, @01:50PM (#56362)

          Which, to go further down the rabbit hole, could also be the point.

          • (Score: 0) by Anonymous Coward on Tuesday June 17 2014, @03:18PM

            by Anonymous Coward on Tuesday June 17 2014, @03:18PM (#56444)

            Indeed. The whole thing reminds me of a haunted house horror movie... at some point, the characters hear a spooky voice saying "Geeettttt ouuuuuuttttttt...." Do they get out? No, no they don't -- and the horror part begins.

            For some reason yet unknown for sure, the TrueCrypt folks flat out told everyone: "Geeettttt ouuuuuuttttttt.... (ahem) stop using this." Y'all can sit around and wonder why, but I'm getting out.

    • (Score: 1) by q.kontinuum on Tuesday June 17 2014, @11:33AM

      by q.kontinuum (532) on Tuesday June 17 2014, @11:33AM (#56305) Journal

      truecrypt is open source.

      So is openssl in BSD [theregister.co.uk], and they do a lot of reviews as well...

      You don't go "This is compromised. Better use this proprietary tool instead. It's probably not compromised since you can't see the code".

      To me this was a clear hint that TrueCrypt is not only un-maintained, but most likely really has or will have some backdoor. I will not use bitlocker (as it isn't available for the systems I usually use ;-)), but this advice emphasized to me that they really want to discourage me to use TrueCrypt for some probably sound reason they don't want to spell out loud.

      --
      Registered IRC nick on chat.soylentnews.org: qkontinuum
    • (Score: 4, Insightful) by Darth Turbogeek on Tuesday June 17 2014, @12:35PM

      by Darth Turbogeek (1073) on Tuesday June 17 2014, @12:35PM (#56326)

      IF TrueCrypt was compromised by the NSA, do you really think they would be able to say it directly? This is about as good a canary as they could do.

      And really, why is anyone doubting the project is compromised by a TLA? Do we need a slideshow from Snowden to get the doubters to see reality? I view it as properly ethical to undermine a compromised encryption project.

      • (Score: 2) by HiThere on Tuesday June 17 2014, @07:35PM

        by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @07:35PM (#56612) Journal

        The thing is, you don't need to assume it was compromised by (specific group). All you need to assume is that it's compromised. Maybe it's the Russian Mafia. Maybe it's the NSA. Maybe it's (what's that British group?). Doesn't really matter by who. Not for this purpose.

        --
        Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    • (Score: 2) by sjames on Tuesday June 17 2014, @06:41PM

      by sjames (2882) on Tuesday June 17 2014, @06:41PM (#56577) Journal

      I would like to see the audit completed on the current version, but it's not likely the problem. The most plausible scenario involving the NSA is that they were attempting to use some sort of pseudo-legal process to force the release of a corrupt future version complete with a gag order. Their actions would be an excellent response to that assuming they didn't want to go to jail.

  • (Score: 2, Interesting) by Anonymous Coward on Tuesday June 17 2014, @11:42AM

    by Anonymous Coward on Tuesday June 17 2014, @11:42AM (#56310)

    Here's an alternate theory: it's not in Latin, but in Romanian: http://kabelmast.wordpress.com/2014/06/17/truecrypt-developer-admits-nsa-connection/ [wordpress.com]

    tldr;
    Message translated from Romanian To English (with Bing): "im with the nsa and uti".
    UTI [wikipedia.org] = Romanian IT company which works for the military, etc.

    • (Score: 1) by goodie on Tuesday June 17 2014, @02:36PM

      by goodie (1877) on Tuesday June 17 2014, @02:36PM (#56407) Journal

      And there I was going to recommend tons of cranberry juice to help with that :D

    • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @10:31AM

      by Anonymous Coward on Wednesday June 18 2014, @10:31AM (#56869)

      as a Romanian speaking guy, that does not sound Romanian at all. I know it's fun to use Google Translate for pattern matching though ...

  • (Score: 3, Insightful) by Anonymous Coward on Tuesday June 17 2014, @11:46AM

    by Anonymous Coward on Tuesday June 17 2014, @11:46AM (#56311)

    This all seems a bit similar to the "Paul is dead" thing.

    If you put the spaces in different places you can get:"ut insa im cu si", which translates to "I might be mad if I care".

    • (Score: 1) by larku on Tuesday June 17 2014, @12:02PM

      by larku (4429) on Tuesday June 17 2014, @12:02PM (#56316)

      I'm not casting judgement whether this is coincidence or not but my initial thoughts were - a bit too much like bible codes. Look at anything long enough and you can make/find some contrived secret 'meaning'.

      But there is also the fact that the TrueCrypt guys are cryptography experts and are skilled at hiding things in plain sight :)

    • (Score: 2) by HiThere on Tuesday June 17 2014, @07:41PM

      by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @07:41PM (#56618) Journal

      You are correct. It's not certain that there's an actual message there. But if you could show that there WAS an intentional message, it might well be illegal for them to do it.

      Valid certainty is not available in this circumstance. (Well, it never is, but in this case more than most.) What you need to do is estimate your risks and plan your actions based on that. And remember the weakening of internet cyphers. The weakness doesn't need to be something that anyone besides the govt. (or equivalent big powerful malicious group) could get through. If you aren't worried about any of them, it may not matter to you. (But do notice all the bits where I indicated this is an estimated risk, not a calculated one.)

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 5, Funny) by Robotron on Tuesday June 17 2014, @11:48AM

    by Robotron (3099) on Tuesday June 17 2014, @11:48AM (#56312) Homepage

    If you click on his name link you receive the following message: The user you requested does not exist, no matter how much you wish this might be the case.

    Take the final letter of each of these words, reverse them and separate your letter crop into one eight letter word, one six letter word and one four letter word. This is the 'Geezer Cypher' named for London's gangsters who perfected its use through postwar years.

    Now, consult Tolkien's writings perform a rough conversion to Elvish/Elfish/Orlandabloomish. By translating your results into Old Norse (favored tongue at the Bilderberg conference and known J.R.R. staple) and finally back to Postmodern English we receive the following revelatory and newsworthy phrase:

    "Government toiletcam him."

  • (Score: 0) by Anonymous Coward on Tuesday June 17 2014, @11:52AM

    by Anonymous Coward on Tuesday June 17 2014, @11:52AM (#56314)

    Presumably someone has already checked for steg messages in the screenshots. Cos if I wanted to hide a message I'd put one there.

    • (Score: 1) by q.kontinuum on Tuesday June 17 2014, @12:38PM

      by q.kontinuum (532) on Tuesday June 17 2014, @12:38PM (#56327) Journal

      I wouldn't. The reference picture could would have to be publicly available, which would make plausible denial later on difficult. The current warning should be sufficient to make anyone suspicious who really has to rely on a secure encryption, but obviously (proven by comments to this article) leaves enough doubt to debate if it is really a hidden message. And the beauty of it: It's probably risk-free for the author. If he received a gag order, anyone suing him for violating it would by that confirm himself its existence.

      So, if anyone needs to encrypt his porn drive: Go ahead. You are probably save enough. If you want to pull a Snowden... Maybe you want to chose something else (although probably not Bitlocker as well)

      --
      Registered IRC nick on chat.soylentnews.org: qkontinuum
  • (Score: 3, Insightful) by BsAtHome on Tuesday June 17 2014, @11:52AM

    by BsAtHome (889) on Tuesday June 17 2014, @11:52AM (#56315)

    You can find any meaning in anything. You just massage the data in the right way and it will tell you what you have always believed in. A self-fulfilling prophecy in perpetual motion.

    There may be a truth in any remark or finding, but extraordinary claims require extraordinary proof. Or, in other words, if it walks like a duck, quacks like a duck and flies like a duck, it would most probably be a (duck) goose [sigh].

    Some good questions:
    - If the authors of TC are anonymous, where no one knows who they are, how can they be silenced?
    - If there are multiple devs, are they all US nationals? If not, why are they all silent?

    • (Score: 0) by Anonymous Coward on Tuesday June 17 2014, @12:55PM

      by Anonymous Coward on Tuesday June 17 2014, @12:55PM (#56339)

      I'm afraid those aren't very good questions. To you and me the developers are anonymous, to NSA et al. not so much. Also, do you really think that the NSA follows the laws of the countries it spies upon? Pretty naive.

      If you're doing anything sensitive, your a fool to use Micro$oft to begin with. Ditto apple, google, facebook...

    • (Score: 2) by LookIntoTheFuture on Tuesday June 17 2014, @04:00PM

      by LookIntoTheFuture (462) on Tuesday June 17 2014, @04:00PM (#56479)
      "You can find any meaning in anything. You just massage the data in the right way and it will tell you what you have always believed in. A self-fulfilling prophecy in perpetual motion."

      I know this is off-topic but this is why collecting "big data" and having humans analyze it (or writing code to do so) is a recipe for disaster. Especially when this data is used to hurt your reputation, imprison or kill you.
      • (Score: 0) by Anonymous Coward on Friday June 20 2014, @11:02AM

        by Anonymous Coward on Friday June 20 2014, @11:02AM (#57894)

        Answer 2 questions here http://soylentnews.org/comments.pl?sid=2401&cid=56617 [soylentnews.org] & you're more than welcome to validly technically disprove my points on hosts here also http://soylentnews.org/comments.pl?sid=2401&threshold=0&commentsort=0&mode=improvedthreaded&pid=56357#56595 [soylentnews.org] since you avoided them before ("gosh, I wonder why?" Not!) & yet you saw fit to give me orders? Do you own this site?? No, I doubt that.

        APK

        P.S.=> You're 1 of 4 types of people (bank on it):

        1.) Advertiser
        2.) Malware maker &/or botnet herders
        3.) Webmaster (I held the app back for them in fact, it was done, in 3 parts though in tty mode, as far back as 2003 here but when malvertizing went out of control, out the door she went to 'the masses' for the absolute good, since any idiot knows being destructive = easy, but doing good NEVER is, but it's worth it imo)
        4.) An INFERIOR competitor (e.g. - AdBlock, Ghostery, & RequestPolicy)

        * Doesn't 'take a brain' to realize THAT much - after all: THEY'RE THE ONES WHO GET "HURT" by it... problem is, THEY have been hurting others bandwidth/speed, security, & more for DECADES...

        Funniest part is that those technically unjustifiable downmods are "the best they got" but they certainly CAN'T get the better of me disproving my points on hosts files' mulitiple nigh ubiquitous value to end users...

        In fact? I'd almost WAGER per #5 above in this case, that it's Wladimir Palant (AdBlock creator) who wrote me by email, 1st, saying "hosts are a shitty solution" - well, when I confonted him in email reply to show me that "Almost ALL ADS BLOCKED" can do MORE than custom hosts? He refused to reply, & RAN like a scared rabbit - ESPECIALLY after this article study showed how massively INEFFICIENT in RAM (5gb usage) & HIGH CPU USAGE AdBlock is https://blog.mozilla.org/nnethercote/2014/05/14/adblock-pluss-effect-on-firefoxs-memory-usage/ [mozilla.org] ... apk

    • (Score: 2) by HiThere on Tuesday June 17 2014, @07:49PM

      by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @07:49PM (#56624) Journal

      This is true only if you have enough data to work with, or a REALLY loose definition of what it means to massage the data. (OTOH, someone already came up with an alternative involving Romanian, above this in the thread. I didn't find it convincing, but there may be other meanings that could be derived, some of which might be convincing.)

      Still, to address your questions:
      Why do you think that they fear legal actions rather than illegal ones? What makes you think they are really anonymous? (Being anonymous for any length of time is really difficult if someone with resources is after you.)

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 4, Informative) by elf on Tuesday June 17 2014, @12:52PM

    by elf (64) on Tuesday June 17 2014, @12:52PM (#56337)

    This reminds me of the Bible Code!

    A couple of things here

    1) The developers are anonymous, no one knows who they are. If the NSA does know who they and they are under their control then they would have to be American citizens. The NSA has no jurisdiction on and people not being in the US. If they got a letter they could just publish it and not worry about prosecution.

    2) As many people have said before, the code being open source, is open for anyone to view and see changes over time. If, the developers were American, and received a letter from the NSA then the mostly like reason for them leaving is not because there is a back door already there but because they were asked to put a back door in going forwards. I don't know how much of the code history has been preserved since it was all shut down (I know a code version is available now but I don't know if you can look at previous code versions still) but if it is then a clear picture will be made available when the 2nd part of the code review is finished.

    It looks like there are a few efforts to get forks of the project up and away. I know the open source license was quite restrictive, but with out anyone stepping forward to make a claim of breaching the license it will be hard to prosecute anyone for forking. (IANAL so just a personal guess). Even if someone did it will be hard to prove you were actually the owners of the code in the first place.

    • (Score: 2) by d on Tuesday June 17 2014, @01:02PM

      by d (523) on Tuesday June 17 2014, @01:02PM (#56344)

      You assume that they obey the law. If they don't, the NSA devs might as well be foreigners.

    • (Score: 2) by Hairyfeet on Tuesday June 17 2014, @11:22PM

      by Hairyfeet (75) <{bassbeast1968} {at} {gmail.com}> on Tuesday June 17 2014, @11:22PM (#56690) Journal

      They don't have to be US citizens, they could be citizens of any country under Five Eyes [wikipedia.org] or have family under five eyes which pressure can be placed upon. Remember its REALLY not hard for a government to put pressure on somebody these days, hell all they would have to do is say they are gonna grab your relative and charge them with CP. It won't matter if its true or not, the case will take a couple years to wind through the courts and CP cases have a better than 95% conviction rate because juries just hear the word and are ready to convict. you really gonna let uncle Howard do 60 years comrade, or are you gonna put out this "new version" with a backdoor and hand us the keys?

      Lets face it we ALL know what happened and involves the words NSA. Funny that we defeated fascism in WWII only for the country to slowly sink into a fascist oligarchy.

      --
      ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
  • (Score: 2) by geb on Tuesday June 17 2014, @12:58PM

    by geb (529) on Tuesday June 17 2014, @12:58PM (#56340)
    As much as we might like to mock this, we can't dismiss it as being too unlikely.
    Something unlikely has already happened. The project wouldn't have died instantly and mysteriously in normal circumstances. The only question is which unlikely thing happened.
    • (Score: 4, Insightful) by WizardFusion on Tuesday June 17 2014, @02:42PM

      by WizardFusion (498) Subscriber Badge on Tuesday June 17 2014, @02:42PM (#56414) Journal

      Occam's razor applies

      • (Score: 1) by Jeremiah Cornelius on Tuesday June 17 2014, @06:51PM

        by Jeremiah Cornelius (2785) on Tuesday June 17 2014, @06:51PM (#56580) Journal

        Occam's Razor applies to natural phenomena, not so much to psychological motivation or human behavior.

        --
        You're betting on the pantomime horse...
        • (Score: 2) by aristarchus on Tuesday June 17 2014, @07:42PM

          by aristarchus (2645) on Tuesday June 17 2014, @07:42PM (#56620) Journal

          Don't see why Occam's would not apply to human psychology as well, but it is obvious that the razor you are looking for is Hanlon's Razor [princeton.edu]

      • (Score: 2) by sjames on Tuesday June 17 2014, @06:53PM

        by sjames (2882) on Tuesday June 17 2014, @06:53PM (#56582) Journal

        OK, that rules out alien conspiracy. But given that the NSA is known to have corrupted a NIST standard and there is good evidence that they paid RSA a decent chunk of money and RSA then chose a rather unlikely default for a popular crypto library that just happened to encourage use of the corrupted PRNG, the simplest explanation is that they are at it again. Assuming that after years of sanity and allowing a largely complete project coast along the Trucrypt guys suddenly went nutz and threw a hissy fit for no discernable reason is the weaker theory under Occam.

      • (Score: 2) by HiThere on Tuesday June 17 2014, @08:01PM

        by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @08:01PM (#56632) Journal

        "Do not multiply entities without sufficient cause"?
        Which entities?
        We know the NSA exists.
        We know the NSA has a pattern of acting to compromise security.
        We know that some agency, presumably the NSA, has in the past taken probably illegal actions to compromise security.
        We know that TrueCrypt was for the purpose of providing security.
        We know that the NSA has the ability to cause to be issued National Security Letters which forbid the recipient to disclose that they have received the letter AND enjoin them to take actions that would compromise security.
        We know that TrueCrypt has shut down with little explanation and unbelievable alternative recommendations.

        There may be other relevant facts, but those are on the top of my mind. They don't suffice to prove that the NSA is the villain of the piece, but they make it extremely plausible, and no other explanation appears even nearly as plausible.

        This isn't proof, but if it is valid, proof would probably be illegal. So we can't expect that proof would be available. So the lack of proof is not evidence against the theory. (It isn't evidence in favor of it either, as some alternative theories also would imply that proof would not be available. E.g., it could have shut down under threat from criminals from some country or other.)

        --
        Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
        • (Score: 1) by cafebabe on Wednesday June 18 2014, @12:46AM

          by cafebabe (894) on Wednesday June 18 2014, @12:46AM (#56706) Journal

          The test of a good conspiracy theory is that it cannot be proved or disproved. Unfortunately, when a National Security Letter is involved, the situation immediately devolves into a conspiracy theory. I'd like this to be a clear-cut and empirical as the next person. However, we are in a realm of shadows and specters.

          --
          1702845791×2
          • (Score: 2) by Yog-Yogguth on Monday June 30 2014, @01:20PM

            by Yog-Yogguth (1862) Subscriber Badge on Monday June 30 2014, @01:20PM (#61910) Journal

            "That's A Conspiracy!" is the name of that tune which goes "La la la la I can't hear you because I'm singing this song as loudly as I can, as loudly as I can!, AS LOUDLY AS I CAN!". Would be nice if people stopped playing and singing it all the time or at least went a bit easy on the fucking refrain but instead they'll complain about anyone talking about you-know-what.

            So no, we're not in the realm of shadows and whatnot. We know that National Security Letters are being used in exactly the same way that we know secret courts and secret laws are being used: someone told. Not just Snowden either but huge multinational companies and other people who used to work for the system. Lately we even got to know that entire secret trials have been attempted where even talking about the existence of the trial/any of the contents was supposed to be illegal and kept secret except at most (and under duress) what amounted to saying "there was a trial"! There are a lot of trials going on at any time and without anything more added to it that would be as good as saying nothing at all i.e. a secret trial.

            It has been in the news for over a year now yet people still ignore it: there is no conspiracy, it is reality. It is happening as we speak, every second of every day, your post, my post, everything, it is being analyzed, it is being categorized, it is being mined, it is being scrutinized, but it's "okay" because it's not humans doing it and thus "not" surveillance.

            We know the only way to struggle against a National Security Letter is to stop, as suddenly as you can, and hope both that people will notice and that it wont put you in some kind of jail or kill you. If you can't treat such specific behavior as likely proof then both you and Francis Bacon might as well take up permanent lodging at the local asylum because the real world has left you behind ages ago.

            You might be (I don't know for sure) the kind that thinks you got away with cheating because you weren't caught in the act. Well, they got caught in the act multiple times and you're still talking about "conspiracies", shadows, and ghosts.

            --
            Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
  • (Score: 5, Informative) by Anonymous Coward on Tuesday June 17 2014, @03:49PM

    by Anonymous Coward on Tuesday June 17 2014, @03:49PM (#56473)

    Speaking for myself, I found the TrueCrypt developers to be a bit too defensive when it came to cryptographic issues. Let me give you an example:

    At one time, a certain block mode was being considered as a draft standard. There were a number of highly skilled members of the committee who had concerns about the draft mode. Later after yet another significant cryptographic issue was discovered with the mode, the committee abandoned the mode and began the long effort to consider another mode.

    To my surprise, I discovered that TrueCrypt had implemented the draft mode we abandoned. It was bad enough that TrueCrypt had released an implementation of a moving target draft standard, but sometimes people jump the gun not realizing how drafts can change in subtle but important ways. Thinking they may have not heard of why the block mode was abandoned, I begin to communicate details with TrueCrypt Foundation. I included references to committee documents along with additional details that may not have been apparent from a casual reading.

    The reaction from people claiming to be from the TrueCrypt Foundation was hostile. Thinking I had somehow unintentionally offended someone, I sent apologetic replies trying to smooth the situation. Unfortunately what followed from the TrueCrypt Foundation was denial that anything was wrong. Even after seemly smoothing over any feelings, their reply was a vow to march ahead and to continue to support the code they released.

    Having better things to do, I gave up communicating with the TrueCrypt Foundation, concentrating on the next standard drafts that focused on the replacement mode. Later on when it came time to document our efforts, I again encounter people from the TrueCrypt Foundation defending the old mode. As an example, text on Wikipedia explaining what happened with the standard was removed. An attempt to replace text with citations supporting what happened was removed. The source of those removals turned out to be some of the same TrueCrypt Foundation people. Moreover, comments posted on the Undo used some of the exact same defensive language as I encountered on my earlier Email exchange.

    And while TrueCrypt later picked up the new mode when the standard was adopted (and then became a NIST published mode and an ISO standard), TrueCrypt still to this day maintains code that supports that flawed mode in a what TrueCrypt says is a backward compatibility mode.

    I have no idea if any of the recent stories and rumors about TrueCrypt are true. I do, however, NOT recommend using the TrueCrypt backward compatibility mode. And if their reaction to cryptographic issues were any judge of their crypto developer capability, I would strongly caution against automatically trusting the cryptographic integrity of TrueCrypt.

    I was urged by a colleague to post my reaction to the TrueCrypt announcement. I reluctantly agreed to do so. However, I really don't was to get into another flame war with TrueCrypt over this issue, so pardon me if I post as an "anonymous coward".

    • (Score: 1) by Jeremiah Cornelius on Tuesday June 17 2014, @06:53PM

      by Jeremiah Cornelius (2785) on Tuesday June 17 2014, @06:53PM (#56583) Journal

      Thank you very much, for bothering to do this.

      --
      You're betting on the pantomime horse...
    • (Score: 2) by HiThere on Tuesday June 17 2014, @08:06PM

      by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @08:06PM (#56634) Journal

      Thank you. Anonymous comments are always reasonable to distrust, but as this is only further backing for what the TrueCrypt developers were recommending anyway, it provides an additional reason to seek a replacement.

      P.S.: If your committee documents were public, it might be useful to include a link.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
      • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:22AM

        by Anonymous Coward on Wednesday June 18 2014, @02:22AM (#56729)

        These documents might be available on the IEEE P1619 reflector .. the committee is dormant now that XTS is a NIST and ISO approved mode.

        In the mean time ... and I know this is all of the the pointers, here is the mode of operation reference:

        http://en.wikipedia.org/wiki/TrueCrypt#Modes_of_operation [wikipedia.org]

        See also:

        http://en.wikipedia.org/wiki/Disk_encryption_theory#Liskov.2C_Rivest.2C_and_Wagner_.28LRW.29 [wikipedia.org]

        See also:

        http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue [wikipedia.org]

        Note in the above URL the following text is full of bogons:

        "Some members of the group found it non-trivial to abandon LRW, because it had been available for public peer-review for many years (unlike most of the newly suggested variants)."

        BTW: Side node: XTS: originally called XTC, but some people objected to the pun on moral grounds (gee wiz). XTS: It may be spelled X T S but you can just say XTC! :)

        Anyway, XTS based on XEX which has been around for a while:

        http://grouper.ieee.org/groups/1619/email/msg01369.html [ieee.org]
        http://grouper.ieee.org/groups/1619/email/pdf00042.pdf [ieee.org]
        http://grouper.ieee.org/groups/1619/email/pdf00086.pdf [ieee.org]

        Rogaway proposed the XEX back in 2004:

        http://www.cs.ucdavis.edu/~rogaway/papers/offsets.pdf [ucdavis.edu]

        And the basis of that work went back much farther. So XTS was no "virgin crypto" by any means. While concerns over LRW mounted, work in XEX (which let to XTC which was renamed XTS) continued. And compared with LRW that was known to be flawed, XTS was way ahead.

        Even though flaws in LRW were known, TrueCrypt defended its use with a surprising zeal. Demonstrated flaws were ignored. The "but we are using it!" cry was, unfortunately, loud. Even so, picking up a proposed draft mode and running ahead with it before it was fully analyzed is a risk. TrueCrypt got burned.

        Today XTS is still holding ground:

        http://www.tandfonline.com/doi/abs/10.1080/01611194.2012.635115 [tandfonline.com]

        However, breaks in crypto only get worse. It is possible that a serious problem with XTS will force a new mode to be developed. It pays to be agile. :)

        • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:38AM

          by Anonymous Coward on Wednesday June 18 2014, @02:38AM (#56734)

          I should have started:

          These documents might be available on the IEEE P1619 reflector .. the committee is dormant now that XTS is a NIST and ISO approved mode.

          In the mean time ... and I know this is NOT all of the the pointers you wanted ... so here is some stuff, such as the mode of operation reference:

          ...

        • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:46AM

          by Anonymous Coward on Wednesday June 18 2014, @02:46AM (#56736)

          Thanks for that post on TrueCrypt, LRW, XTC (laugh) and XTS!

          My 2 anonymous cents:

          There were (are?) commercial products that depend(ed) on the flawed LRW mode. There were employees of those firms who defended their commercial products with as much, if not more zeal than the TrueCrypt Foundation.

          I do not know if there was any crossover or ties between those commercial products that used LRW and the TrueCrypt Foundation. I don't mean to imply there is or was anything sinister with a tie between commercial product and TrueCrypt development. I just waned to point out that the TrueCrypt folks were not the only one upset about the fate of LRW. On the other hand, if there was a tie, it might explain a few things.

      • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:34AM

        by Anonymous Coward on Wednesday June 18 2014, @02:34AM (#56733)

        An interesting thing to test with TrueCrypt is to see how they maintained backward compatibility with LRW. There certainly are ways to do backward compatibility right. TrueCrypt backward compatibility may have done the right way.

        If an attacker could force TrueCrypt code into using only backward compatibility mode, then under certain circumstnces key material encrypted in its own volume could be leaked due to one flaw in LRW. And certainly TrueCrypt disks operating in backward compatibility mode ARE today subject to the problems with LRW:

        http://grouper.ieee.org/groups/1619/email/msg00962.html [ieee.org]
        http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue [wikipedia.org]

  • (Score: 2, Insightful) by takyon on Tuesday June 17 2014, @04:55PM

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Tuesday June 17 2014, @04:55PM (#56521) Journal

    This "lead" looks pretty thin. Maybe someone should check for a TrueCrypt volume hidden in the text of the announcement.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
  • (Score: 2, Insightful) by tftp on Tuesday June 17 2014, @07:35PM

    by tftp (806) on Tuesday June 17 2014, @07:35PM (#56613) Homepage

    I can easily imagine that the TC code has a bug. It may have an intentional backdoor even that can be exploited by the NSA. Yes, if you are worried about the NSA, don't use TC. As matter of fact, don't use a computer.

    However this stunt pulled the plug on millions of TC installations that have nothing to do with NSA. Lots of people encrypt their laptops so that a thief cannot get access to their banking information. I do not believe that a common thief would have access to NSA decryption facilities.

    All crypto solutions are fallible, somewhere and somehow. If you cannot calculate the key, for example, use a $5 wrench. Put a keylogger in. Use TEMPEST. Install a video camera, or insert a virus that makes screenshots of plaintext. There are many ways to defeat a given piece of technology. Security depends on locking all the doors, not just one or two.

    Disappearance of TC made life harder for all those people who used TC to protect their personal and business laptops. Does a business worry about NSA? No, because the government can at any time walk in, arrest everyone, and confiscate all the servers. Perhaps it's an abuse of law, but that's how things are. A business has no reason to worry about NSA. A business would be happy enough to continue using TC, as it is a sufficiently high barrier against thieves. Now this option is no more - until TC is forked.

    • (Score: 1) by takyon on Wednesday June 18 2014, @08:13AM

      by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Wednesday June 18 2014, @08:13AM (#56828) Journal

      The timing of the TrueCrypt announcement was the right kind of abrupt and vague ("unfixed security issues") to spook everyone. I expect at least another 5 stories about it here on Soylent.

      WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

      This page exists only to help migrate existing data encrypted by TrueCrypt.

      The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

      Maybe the hidden message is in plain sight: the dev(s) want to move on with their lives, they cite recent OSes including encrypted disk support as a reason to quit, and the reference to "unfixed security issues" serves as a fair warning of what could happen to software no longer receiving bug fixes. If you're not worried about the government swooping in and taking your machines, then you won't have a problem using one of the more corporate (backdoored?) alternatives. And if you do have a problem, you don't have a choice, unless you want to use a newer version by TrueCrypt.ch [truecrypt.ch].

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
  • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @06:08PM

    by Anonymous Coward on Wednesday June 18 2014, @06:08PM (#57061)

    Someone else noted the initials in Schneider's comments section, and was mostly ignored at the time.

    But what kind of warning is this? To carry any weight we'd need at least a single detail as to how past versions were compromised. If those versions are actually okay, the poster did everyone a disservice by being so unclear, canary pressures notwithstanding. The whole thing's tarred with uncertainty.

    • (Score: 2) by Yog-Yogguth on Monday June 30 2014, @02:52PM

      by Yog-Yogguth (1862) Subscriber Badge on Monday June 30 2014, @02:52PM (#61953) Journal

      I'm out of my mind replying to ancient AC post given my circumstances but here goes lol and it's Schneier not Schneider, easy mistake :)

      If someone wants to verify their own findings then telling invalidates independent verification.

      If someone asks for help in investigations then demonstrably some things have to be independently verified to be believed and telling will only trigger unreasonable ridicule.

      Since you're talking about Schneier's comment section look at the whole audio side-channel issue and remember that elsewhere someone respected who told but was struggling to nail it down in its malware form (as in hindsight should be expected) was first and foremost labeled a fool and idiot. This is now known to be a real possibility even though it hasn't gotten all that much attention. We now have recent academic papers using ordinary off the shelf computers and mobile phones that defeats air gaps. Some say Linux is secure against it while OpenBSD isn't; I very much doubt that applies to the actual malware which likely cuts through both like air.

      As far as I know (and I'm not up to date, not even on my rss feed which explains this late comment -I'm completely overwhelmed by a deluge of information and need longer and longer breaks) nobody has nailed down the in-the-wild malware yet but I'm not sure that will be possible considering the likely source and the likely tools it employs. The computers and mobile phones don't actually control the hardware in question; instead they delegate to it, they have to, it is the whole point of the subsystem existing in the first place, it is unavoidable and I don't see anyone providing open source subsystem replacement code which would require "rooting" and replacing the independent sub-system processor hardware firmware software (yes that was meant to make sense: the software stored on and running on the sub-system processor) using software backdoors (which is obviously possible because it too has been publicly demonstrated in similar and applicable circumstances). Compare this to a virus successfully targeting and attacking the independent genome of mitochondria instead of that of the body at large.

      Someone went through a lot of effort to create this little gem, one can already say that even when not knowing the specifics of the content. As a hack it is impressive and beautiful and far above the minds and imaginations of most of us (at least that's the way I feel about it myself: I doubt I could even conceive of it on my own).

      People still doubt it all but that will always be the case.

      Anyway back to Schneier's comments section: have fun finding some weird comments that most likely alludes to this "air gaps are dead" business (or much worse). I don't know if they're advanced warnings or not but a few months later it is obvious that the setup Scheier uses to remain secure is anything but: he uses TrueCrypt in combination with airgapped computers and PGP/GPG. Unless Schneier keeps his system separated in different rooms that aren't traversed by electronic devices (no carrying around of for example mobile phones within a significant radius of the room) then his setup isn't secure: thus most likely for example the seed numbers for any encryption are known, maybe much more.

      --
      Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
  • (Score: 0) by Anonymous Coward on Thursday June 19 2014, @12:08AM

    by Anonymous Coward on Thursday June 19 2014, @12:08AM (#57187)
    The message is in the first line of the announcement:

    WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues