SoylentNews

TrueCrypt: Flaw in Container Creation Suspected

posted by martyb on Friday May 30 2014, @08:45PM   
from the some-settling-of-contents-may-have-occurred dept.

Anonymous Coward writes:

According to a German researcher, Mattias Schlenker, we are to expect that the reason for TrueCrypt's recent shutdown is not a National Security Letter, but a serious security flaw in how TC container files are created on Windows.

He expects the flaw to become public within a week.

What gives this chap some credibility is that he's one of the developers of "desinfec't", a Knoppix-based live Linux that comes with several virus scanners and is distributed by well-renowned German computer magazine c't (whose mother company/publishing house, Heise, hosts the forum where he made his announcement).

Link to his original German posting: http://www.heise.de/security/news/foren/S-Re-Warum -TrueCrypt-nicht-in-Desinfec-t-enthalten-ist/forum -280432/msg-25289876/read/

See our earlier coverage: TrueCrypt Discontinued, Compromised.

• Re:Maybe, but... (Score: 2) by maxwell demon on Saturday May 31 2014, @10:30AM

  by maxwell demon (1608) on Saturday May 31 2014, @10:30AM (#49520) Journal

  (Taking the liberty to remove stray characters from the quote and add proper formatting):

  An active attacker with root privileges may also eliminate the randomness from the Linux random devices by the commands

  sudo rm /dev/random /dev/urandom
  sudo mknod /dev/random c 1 5
  sudo mknod /dev/urandom c 1 5

  completely

  I wonder if that would still work with udev. But nevertheless, it's an interesting point; it means that before using /dev/random or /dev/urandom you should first make sure that they have the correct major and minor device number.

  --
  The Tao of math: The numbers you can count are not the real numbers.

  Parent

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2