Shit. I've been doing some work with TrueCrypt as a means of allowing select users at my org to transfer offsite/take home sensitive files on memory sticks.
posted by nubs at 5:59 PM on May 28, 2014

Since an explanation of what TrueCrypt is would be helpful: "TrueCrypt is a source-available freeware application used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or (under Microsoft Windows except Windows 8 with GPT) the entire storage device (pre-boot authentication)."
posted by ardgedee at 5:59 PM on May 28, 2014 [7 favorites]

So you get this when you try to install Windows Truecrypt. What messages do the Linux / OSX versions give you, I wonder? Because "ending development because Windows already has encryption" is a stupid thing to say when your software is multi-platform...
posted by Jimbob at 6:01 PM on May 28, 2014 [5 favorites]

The warrant canary theory sounds interesting, but doesn't seem to translate into the offline encryption software world in the same way it works for cloud hosted services. A secret court order requiring them to insert a backdoor into an open source piece of software and get everybody to update has some major practical problems.
posted by zachlipton at 6:04 PM on May 28, 2014 [1 favorite]

I am so much more easily convinced the conspiracy theories are real post-Snowden.
posted by pulposus at 6:06 PM on May 28, 2014 [57 favorites]

I'm catching up here, but am I right that the authors of TrueCrypt have remained anonymous? There's a "TrueCrypt Team" but precious few names attached to it. The other piece of the story I'm learning about; an independent volunteer effort to audit TrueCrypt started last year.
posted by Nelson at 6:07 PM on May 28, 2014

The best explanation I've seen is a rage-quit, based on the commit history; as if someone was making changes and then decided "fuck you people" because the audit kickstarter got all kinds of money and Truecrypt got nothing.
posted by Old'n'Busted at 6:10 PM on May 28, 2014 [6 favorites]

Nelson - here are the results from phase I of that audit. I don't believe phase II has started/is anywhere near complete.
posted by nubs at 6:12 PM on May 28, 2014 [1 favorite]

Sooooo...What do folks suggest for the encryption of individual files or of a partition for OSX now?
posted by rollbiz at 6:13 PM on May 28, 2014

Really, really bizarre story at this point. As of last month, after the iSec audit, Schneier was still using Truecrypt.

Many days it feels like the infosec community (which keeps me employed, fed and caffeinated) can generate a completely endless stream of drama.
posted by These Premises Are Alarmed at 6:16 PM on May 28, 2014 [8 favorites]

Jimbob, both Linux and OS X have disk encryption built in. OS X has FileVault, which supports encrypting the full boot disk since 10.7, and Linux has dm-crypt, which is probably going to demand some fiddling unless your distro built it into the installer. I know Ubuntu at least supports disk encryption at install time. For encrypting archives rather than full disks, the OS X disk utility allows you to create an encrypted disk image. I'm not sure what simple tools are available for Linux right now.

The Truecrypt screw-this includes this page of advice for Mac and Linux users. It's a little bit hilarious.

If you have files encrypted by TrueCrypt on Linux:

Use any integrated support for encryption. Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation.

posted by skymt at 6:23 PM on May 28, 2014 [4 favorites]

So, is there a cross-platform way to encrypt a file container, or am I now screwed?
posted by dirigibleman at 6:23 PM on May 28, 2014 [1 favorite]

gpg is multi platform and does file encryption
posted by idiopath at 6:25 PM on May 28, 2014 [3 favorites]

worth pointing out that they changed the license on the new version by removing this clause, which could be interpretable as turning it into truly 'free' software, releasing it into the hands of other developers? but maybe i'm off base, ianal.

- c. Phrase "Based on TrueCrypt, freely available at
- http://www.truecrypt.org/" must be displayed by Your Product
- (if technically feasible) and contained in its
- documentation. Alternatively, if This Product or its portion
- You included in Your Product constitutes only a minor
- portion of Your Product, phrase "Portions of this product
- are based in part on TrueCrypt, freely available at
- http://www.truecrypt.org/" may be displayed instead. In each
- of the cases mentioned above in this paragraph,
- "http://www.truecrypt.org/" must be a hyperlink (if
- technically feasible) pointing to http://www.truecrypt.org/
- and You may freely choose the location within the user
- interface (if there is any) of Your Product (e.g., an
- "About" window, etc.) and the way in which Your Product will
- display the respective phrase.

posted by p3on at 6:34 PM on May 28, 2014

Here's an interesting tweet- said interview airs in 20 minutes, so I guess we'll know soon enough.
posted by dilaudid at 6:39 PM on May 28, 2014 [1 favorite]

What in the flipping hell happened? I was hoping for a new version that worked better with Win 8 and multiboot systems, or so my relative ignorance of the product led me to think. They recommend BitLocker? Uh. Well, my current laptop has one of those fancyass TPM Infineon modules, so I suppose I'll give it a try? At least AxCrypt is still going on, bleh.
posted by Iosephus at 6:41 PM on May 28, 2014

At this point, does the government demanding access to security software under an NDA even classify as a conspiracy theory? I mean, by that definition I guess I conspire to pay my taxes every year.
posted by Phyltre at 6:47 PM on May 28, 2014 [14 favorites]

Ah, they are being ironic? Or even "ironic"? If this is due some buggers in some government agency I'm likely to invent a whole new class of creative Spanish insults regarding them, mind you.
posted by Iosephus at 6:48 PM on May 28, 2014

Yeah, if we're assuming that the developers were forced to discontinue the software because it had been compromised, or because they were coerced—and those seem like real possibilities, given the bizarre nature of the situation—then we have to assume that the content of the developers' announcement and recommendations may have been influenced by those same forces.

If that's the case, then installing BitLocker might be playing right into Their hands—if They're shaping the message, presumably they would recommend an alternative that they already have the back door keys to.
posted by escape from the potato planet at 6:51 PM on May 28, 2014 [2 favorites]

Wow, this is really… Yuck.

I expect that, if this wasn't a plain ol' hacked web site (in an attempt to get malware onto the machines of people with Something To Hide), then it was a government twisting a developer's arm. And that really makes me sad an uncomfortable and angry.
posted by wenestvedt at 6:59 PM on May 28, 2014 [1 favorite]

"If you have files encrypted by TrueCrypt on Linux:Use any integrated support for encryption. Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation"

Did TrueCrypt just tell me to go fuck myself?
posted by qxntpqbbbqxl at 7:02 PM on May 28, 2014 [73 favorites]

I downloaded the sources for the new (?) 7.2 version, and there's no changelog in sight, plus every source file seems to have the same timestamp. Not a good sign, no sir.
posted by Iosephus at 7:04 PM on May 28, 2014 [2 favorites]

It gets worse, I idly thought "hey, let's see if I can't get some of the old sources from archive.org and compare changes".

"Sorry.

This URL has been excluded from the Wayback Machine."

WHAT
posted by Iosephus at 7:08 PM on May 28, 2014 [15 favorites]

Here's the sucker bet.

"Search available installation packages for words encryption and crypt, "

Hmm. There is, on most Unix boxes, an encryption utility called "crypt." It emulates a one rotor Enigma machine. IOW, it's an incredibly weak encryption. And this is the suggested replacement?

Note that they didn't say "crypto", they said "crypt."
posted by eriko at 7:12 PM on May 28, 2014 [2 favorites]

As far as alternatives go, I hear CryptoLocker is pretty secure? I know it's not free, but if no one can get to my files, then I might be willing to pay.
posted by ODiV at 7:18 PM on May 28, 2014 [3 favorites]

Besides http://truecrypt.sourceforge.net/, Archive.org has also excluded all copies of http://www.truecrypt.org/ from what I'm getting. Someone is busy with a big digital vacuum cleaner, I don't know whether to be amused or terrified.
posted by Iosephus at 7:21 PM on May 28, 2014 [7 favorites]

Are they recently excluded? Isn't the archive something you can opt out of?
posted by ODiV at 7:22 PM on May 28, 2014

The even mildly paranoid should assume that BitLocker and FileVault (as well as Symantec PGP and a bunch of others) have escrow keys that would allow Federal access to encrypted volumes. And you have to trust the TPM vendor. So...wtf? Open source GPG?
posted by kjs3 at 7:23 PM on May 28, 2014

.
posted by Bovine Love at 7:36 PM on May 28, 2014 [3 favorites]

Ok, I don't know a lot about software development or cryptography but this seems sketchy as hell. What's going on? What does this mean? If I'm still using an older version of true crypt, is it safe to keep using it? Argh.
posted by medusa at 7:38 PM on May 28, 2014

Archive.org can be opted out of via your robots.txt file: https://archive.org/about/exclude.php

They'll respect it pretty much immediately.
posted by caphector at 7:43 PM on May 28, 2014

Right then, sorry and disregard my ramblings. For a moment the surprise (to me) of archive.org regarding the TC pages being excluded made me worry.

A nice archive of what seem to be every source version of TC since forever was indeed quickly found via google here.
posted by Iosephus at 7:47 PM on May 28, 2014

Am I reading this correctly?

TrueCrypt shut down and basically told everybody to "use any other crypto program you want. Good luck, kids"?

That can only mean they were compromised somehow. I can't think of any other explanation.
posted by Avenger at 7:49 PM on May 28, 2014 [1 favorite]

I am intensely curious to find out if we ever find out what happened here.
posted by aubilenon at 8:04 PM on May 28, 2014 [9 favorites]

medusa: "If I'm still using an older version of true crypt, is it safe to keep using it?"

It's almost exactly as safe as it was before today to keep using an older version. It isn't really possible for a Nefarious Three-letter Agency to retroactively insert a vulnerability in a pre-existing copy of the software. We might be in the process of learning that a vulnerability exists, or an attempt was made to insert one. But things are still very unclear. Unless you are hiding things from a nation-state, you're raising your risk profile only infinitesimally by continuing to use your old copy of TrueCrypt.

If previous versions of the software turn out to have been compromised, that should be a much bigger story, like NYT and broadcast news-level (though with Snowden fatigue these days who knows).

Disclaimer: I'm not a computer security expert by any stretch of the imagination, just a nerd who likes doing programm-y stuff in my spare time.
posted by dendrochronologizer at 8:12 PM on May 28, 2014 [3 favorites]

That can only mean they were compromised somehow. I can't think of any other explanation.

1) Compromised. It would be total, because the new binaries are signed with the same key as the older ones, so the compromise means they also got the private passphrase and private key.

2) Developer Fallout, and one of them decided to take the keys and go home.

3) Warrant Canary, they're doing this to make you stop using TrueCrypt without actually telling you why because it's illegal for them to do so.

4) Dumb answer to a major flaw: They found a major hole in how TrueCrypt works and are responding badly (rather than saying "we have a problem, update now.)

5) Developer Compromise: The TrueCrypt devs are famously anonymous. Maybe someone was going to spill the beans, or is actively threatening the developers.
posted by eriko at 8:19 PM on May 28, 2014 [21 favorites]

It's almost exactly as safe as it was before today to keep using an older version. It isn't really possible for a Nefarious Three-letter Agency to retroactively insert a vulnerability in a pre-existing copy of the software.

It's not typically worth their time, but what you described is trivial for say, the Tailored Access Operations group, if you wanted to slowly exfiltrate data from TrueCrypt users that didn't realize they were compromised and were storing increasingly sensitive or detailed information, that would be pretty straighforward. It's not worth their time to attack you, is the more practical explanation of why most people have little to worry about "until they have something to hide" or a machine learning algorithm decides they might.

Every possible way of compromising a machine is NSA/TAO bread and butter, whether physical tampering, breaking into endpoints to circumvent encryption, and if necessary, going back to their roots and breaking encryption. But even better if you can convince someone to use an old version of something and let them quietly build their own "case" against them.

Modifying living executables is easy once you've busted your way in and have the resources of a Three Letter Agency with a massive shadow budget sucking up the best and brightest that are willing to sell their souls.
posted by aydeejones at 8:24 PM on May 28, 2014 [6 favorites]

Note: hashing algorithms aren't all that either, though that would be the most practical way to determine if you were hax0red. Also, if you have a silver cat and an eye patch and fifty AK-47s plated in 24K gold in your nuclear silo bunker you might have something to think about.
posted by aydeejones at 8:25 PM on May 28, 2014 [1 favorite]

You don't even need to compromise everybody's instance of TrueCrypt in an operation, just get involved in the moments of truth, like key generation.
posted by aydeejones at 8:27 PM on May 28, 2014

This kind of reads like a Dead Man's Switch or something. It reads like placeholder text that wasn't fully thought through.
posted by empath at 8:35 PM on May 28, 2014 [10 favorites]

Hi security types, I'm one of those idiots who started using PGP & GPG ages ago and gave up because it was a PITA. From reading the thread, I get the sense that TrueCrypt is the One True Crypter. Am I reading this thread correctly? I'd like to know there's something out there if the need ever arises (which it won't because I yams a law-biding am'rrkn).
posted by artof.mulata at 8:42 PM on May 28, 2014

aydeejones: "Modifying living executables" [...]

I'm not sure I completely understand what you're saying, but insofar as I do, it's not really about TrueCrypt. If the NSA has some particular reason to want to 0wn you, they are (almost certainly) going to do it whether you're using TrueCrypt, GPG, LUKS, something else, or nothing at all. I don't think there's any new reason to think older versions of TrueCrypt are suddenly more vulnerable.
posted by dendrochronologizer at 8:47 PM on May 28, 2014 [2 favorites]

Many days it feels like the infosec community (which keeps me employed, fed and caffeinated) can generate a completely endless stream of drama.

Whenever a security hole is uncovered, new keys must be generated. A stream of entropy is necessary for secure key generation. Drama is a kind of entropy. Ergo, whenever the infosec community is generating drama, there must be a new security hole.
posted by justkevin at 8:48 PM on May 28, 2014 [16 favorites]

you can see here that they have specifically disallowed ia_archiver, AKA internet archive.

however, http://truecrypt.org/robots.txt has a strange message, and thats not a default 404 page, its HTTP 410 Gone, a rarely used response type, and typing in any random gibberish gets you a different page that forwards you to the sourceforge site. weird.
posted by Mach5 at 8:49 PM on May 28, 2014 [3 favorites]

"10.4.11 410 Gone

The requested resource is no longer available at the server and no forwarding address is known. This condition is expected to be considered permanent. Clients with link editing capabilities SHOULD delete references to the Request-URI after user approval. If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 (Not Found) SHOULD be used instead. This response is cacheable unless indicated otherwise.

The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable and that the server owners desire that remote links to that resource be removed. Such an event is common for limited-time, promotional services and for resources belonging to individuals no longer working at the server's site. It is not necessary to mark all permanently unavailable resources as "gone" or to keep the mark for any length of time -- that is left to the discretion of the server owner."
posted by artof.mulata at 8:54 PM on May 28, 2014 [3 favorites]

and thats not a default 404 page, its HTTP 410 Gone, a rarely used response type,

From the W3C's error code definitions:

404 Not Found: The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
posted by fifthrider at 8:55 PM on May 28, 2014 [1 favorite]

If the NSA has some particular reason to want to 0wn you, they are (almost certainly) going to do it

Since they have professed to wanting to own everyone, and everyone is (assumedly) not yet owned, I cannot concur.
posted by RobotVoodooPower at 8:56 PM on May 28, 2014 [1 favorite]

I can't believe you missed an opportunity to call this "Tales from the 'Crypt."
posted by Zozo at 8:58 PM on May 28, 2014 [21 favorites]

1) Compromised. It would be total, because the new binaries are signed with the same key as the older ones, so the compromise means they also got the private passphrase and private key.

2) Developer Fallout, and one of them decided to take the keys and go home.

3) Warrant Canary, they're doing this to make you stop using TrueCrypt without actually telling you why because it's illegal for them to do so.

4) Dumb answer to a major flaw: They found a major hole in how TrueCrypt works and are responding badly (rather than saying "we have a problem, update now.)

5) Developer Compromise: The TrueCrypt devs are famously anonymous. Maybe someone was going to spill the beans, or is actively threatening the developers.
posted by eriko at 8:19 PM on May 28 [3 favorites −] [!]

All of those are true, but you'll notice that 1, 2, 3 & 5 basically amount to "we're being compromised/blackmailed, all hands abandon ship!"
posted by Avenger at 9:03 PM on May 28, 2014 [2 favorites]

This status code is commonly used when the server does not wish to reveal exactly why the request has been refused

Well, that's not ominous in the least. {/hamburger}

I *really* don't like the feel of this. I've been watching it develop all day & pored over the diffs for the 'new version', and it's definitely feeling closer to deadman's switch than anything else. Best-case: Accidental deployment when setting it up.

More-likely case: Something bad's gone down. Could be state action (Which state?), could be something else.

Right now, it feels like that scene in just about any media about giant leviathans, where a shadow is cast over the town below and there's a low rumbling, but nobody can see what's going on on the macro scale.

There are things happening that are not on our scale.
posted by CrystalDave at 9:05 PM on May 28, 2014 [6 favorites]

RobotVoodooPower: "Since they have professed to wanting to own everyone, and everyone is (assumedly) not yet owned, I cannot concur."

Jeez. I made my first comment to try to give a sensible answer to medusa's question which (I infer from the tone and venue in which it is asked) is more about protecting some old tax returns or a juicy trove of erotic fanfiction rather than government-level secrets. But don't let me rain on the paranoia parade.
posted by dendrochronologizer at 9:10 PM on May 28, 2014 [2 favorites]

Avenger: All of those are true, but you'll notice that 1, 2, 3 & 5 basically amount to "we're being compromised/blackmailed, all hands abandon ship!"

2 doesn't really. It could just be a developer infight, someone scuttling the project to avoid losing control of their 'baby'. It seems plausible if the majority of the developers wanted to move the project in a direction the minority felt was insecure, the majority overruled them, so the minority scuttles the project and taints it as 'insecure' to protect the user. But I think the NSL idea is probably more likely.

Not that an NSL would stop a popular open source project. It'll just get forked and developed in a different country.
posted by Mitrovarr at 9:16 PM on May 28, 2014 [1 favorite]

The TC devs have been willing to labor in obscurity for 10 years on an ideological project that almost certainly hasn't earned them a living, that is wasted on and unappreciated by most computer users, that could earn the devs some pretty powerful enemies, and the importance of which has arguably been steadily eroded by the feature creep of popular operating systems.

It would not be shocking to learn that the devs were fairly eccentric. Socially idiosyncratic. Crotchety. Grouchy. Zealots. Justified paranoids. Assholes, even. And I say this with affection: I've used TrueCrypt for years. It warms my heart to imagine that my security software was designed by grouchy zealot paranoid assholes.

I point this out because most of the "something is UP" vibe this story seems to radiate really just comes down to "But this is so abrupt and confusing!" That is, it comes down to the social signals connected to the event, or lack thereof. But the devs have never been very forthcoming with any sort of social signals. If they're grouchy zealot paranoids, they may see social signals as weakness. Well, in this newfangled game, where every detail of your writing style is preserved for all time, for later analysis by computers and programs that don't even exist yet, maybe they can be.

I'm coming around to the point of view that this isn't as crazy a way for the devs to quit the TC project as it seems at first blush. TC is open source and I'm sure the program will continue to be developed to some degree by someone. Probably several projects, several someones. Maybe the TC devs (who haven't updated TC at all in nearly two years) have a new project they view as more important. Maybe being a grouchy zealot is really tiring.
posted by Western Infidels at 9:24 PM on May 28, 2014 [25 favorites]

protecting some old tax returns or a juicy trove of erotic fanfiction rather than government-level secrets.

HOW DID YOU KNOW ABOUT MY FANFICTION
posted by medusa at 9:24 PM on May 28, 2014 [8 favorites]

Erotic tax return fanfiction.
posted by Chrysostom at 9:26 PM on May 28, 2014 [38 favorites]

Has anyone done a close read of the diffs between 7.2 and 7.1a? I'm far from an expert in such things but I found it interesting that the diffs include not just stuff that I assume is meant to disable encryption (e.g.: replacing huge chunks of code with AbortProcess("INSECURE_APP")) but also updates to status/warning messages, some of which appear directly related to the disabling of encryption, some are related to deactivating/shuttering the truecrypt.org domain, but also cases like this and this where they just replaced instances of "encrypt" with "encrypt/decrypt" (even though this version doesn't support encryption any more). This latter change might align with comment changes here and here.

Speaking of comments, there are also a couple of cosmetic (?) changes to comments like this one and this typo correction (?!).

In addition to the disabling of encryption and change to their license terms, they also removed references to their donations page (e.g.: this deletion) and the TrueCrypt user guide (e.g.: this addition). There's also big chunks of added code that I'm even less qualified to speculate about but appear to be related to new (?) in-place decryption features and resolving ambiguous volumes/paths.

I would definitely like to see an expert's take on the diffs, though.
posted by mhum at 9:27 PM on May 28, 2014 [6 favorites]

protecting some old tax returns or a juicy trove of erotic fanfiction rather than government-level secrets.

Now I'm curious about the possibilities contained within a juicy trove of erotic tax returns, and/or old government-level secret fanfiction.
posted by Ryvar at 9:28 PM on May 28, 2014 [3 favorites]

Damn you, Chrysostom!
posted by Ryvar at 9:28 PM on May 28, 2014 [4 favorites]

artof.mulata: The two serve different purposes. Truecrypt is for securing data at rest with symmetric keys and PGP is partially for securing data in motion and signing binaries with asymmetric keys.

Regarding the idea that they found a vuln and are handling it poorly: Maybe. If its a vuln that potentially opens up old Truecrypt encrypted drives, and patching would give away the vuln, it might actually be better to burn the project to the ground. Theres no concept of forward secrecy for data at rest. Think about the number of Truecrypt encrypted drives that law enforcement officals have that they would love to get into... burning it down becomes a lot more appealing then. Even if this isn't what happened, it strikes me as more legit than saying they're handling it poorly.

As some have pointed out, Truecrypt doesn't interface with the TPM, thus leaving it vulnerable to evil maid style attacks which have been public for a while. At least some security people (such as Trail of Bits dude dguido) are saying it's a good decision.

My money is one developer burning it down because they're tired of dealing with it, or are suffering some #badBIOS levels of stress or something. The blackmail/canary/etc scenarios hold some weight, but less so to me. I think it's fairly reasonable for the devs to look at the existing landscape, look at what would be required to implement TPMs with Truecrypt, and decided that it wasn't worth it.

While it's easy to throw stones at Bitlocker for its probable backdoor, depending on who you're trying to defend against, Bitlocker is better than Truecrypt. Specifically, if you're adversary isn't the US Govnt, the TPM integration with Bitlocker buys you more than Truecrypt without the backdoor. It seems reasonable that someone could look at this landscape and decide things are good enough?

I am very interested to see how this plays out more. It's certainly an interesting story.
posted by yeahwhatever at 9:29 PM on May 28, 2014 [7 favorites]

I'm too lazy to find it right now, but awhile back I did read Bruce Schneier's blog article about the various things he uses, and how he just kind of has to trust certain things without being 100% sure, and he has air gaps, and blah de blah. To me he was basically implying quite heavily that he uses TrueCrypt to hide super-duper-sensitive information and is protecting much more than just his Quicken files, and I could be misremembering, but I'm pretty sure he was working closely with Glenn Greenwald at the time and may have been reviewing some of the Snowden stuff too.
posted by aydeejones at 9:34 PM on May 28, 2014 [2 favorites]

This is at least part of what I'm talking about, not to suggest that Schneier has a motherlode of unknowably-badass scary NSA data, but he's not exactly the dude to just whisk away in secrecy either. So what we need is a twitter account with millions of followers doing this canary and dead man switch stuff...

@holy_fuck Oh shit, they're raiding me right now...#WTF #90sCyberPunkShitComesToLife #WTF!!!
posted by aydeejones at 9:40 PM on May 28, 2014 [1 favorite]

Man, nothing is safe, that Twitter idea is teh fail. But there's probably a way to pull off at least some level of oh-shittery notification that might in fact help save someone from giving in to a secret subpoena and pulling a Snowden with the aid of sympathetic news agencies or what have you. Can you help a secret subpoena announcer GTFO 'murka? Is that legal? Fuhhhhhh
posted by aydeejones at 9:44 PM on May 28, 2014

Regarding the 7.1a vs. 7.2 (decrypt-only) diff, from the /r/netsec thread:

HOWEVER, if we take a look on diff of his code, we can see two interesting things:

• messages about TrueCrypt not being secure
• and the second thing he changed everywhere U.S. text to United States

Here is where we drink...maybe a drinking game?
posted by aydeejones at 9:49 PM on May 28, 2014 [3 favorites]

No, pretty sure we just start drinking and never stop.
posted by contraption at 9:55 PM on May 28, 2014 [8 favorites]

Yeah, the NSA Revelations drinking game is mostly "I am all out of gin so it's time to switch to something harder"
posted by DoctorFedora at 9:56 PM on May 28, 2014 [17 favorites]

How about: there never were any zealot developers in the first place; TrueCrypt has been an NSA front from the start and the software creates some sort of subtle security vulnerability when you install it; and this is all happening because someone else compromised their equivalent of a botnet's command-and-control servers.
posted by XMLicious at 10:05 PM on May 28, 2014 [6 favorites]

The name is certainly Orwellian in context with everything else. It really hides the information! Truly. And so easy to use, and in a world where people maybe, finally aren't using admin privileges on their Windows machines to do everything, it kinda needs those to function which also gives it unfettered access to your whole machine, last time I checked (common scenario: external flash or HDD media needing admin to mount).

I hit my Windows key and typed "True..." and yup, I have the 7.1a installer downloaded April, 2013. Need to check the MD5s, I don't think it's some elaborate hard-to-find thing at this point but I'll keep it forever because I don't know.

As for the whole thing with 7.2 being decrypt-only and not connecting to the internet and such (I should be done after this), there could be a conficker-level payload deployed to machines worldwide that is just waiting for people to dump their volumes into the clear. Granted, they are just as vulnerable decrypting their volumes at all using the 7.1 version, but instilling a panic and watching who downloads it (not likely high-value targets if they're that dense or unconcerned, but hmm, what's their deal) and who doesn't could have some value. It's all so insanely weird.
posted by aydeejones at 10:08 PM on May 28, 2014

How about: there never were any zealot developers in the first place; TrueCrypt has been an NSA front from the start and the software creates some sort of subtle security vulnerability when you install it

This has long been been my line of thought regarding BitCoin.

It amazes me how the seemingly most paranoid people are all "Software created by anonymous entities? Sign me up! I can't wait to use it to store my most sensitive files/conduct illegal transactions!"
posted by Sangermaine at 10:43 PM on May 28, 2014 [15 favorites]

"I am all out of gin so it's time to switch to something harder"

Trash-can Gin!
posted by hellojed at 11:03 PM on May 28, 2014

No, pretty sure we just start drinking and never stop.

That's my favorite drinking game. It's called "Drink." Someone starts by pointing at someone and saying "drink." That person drinks as much as she can, points at a new person and says "drink." Rinse and repeat all night.
posted by mrgrimm at 11:05 PM on May 28, 2014 [7 favorites]

It amazes me how the seemingly most paranoid people are all "Software created by anonymous entities? Sign me up! I can't wait to use it to store my most sensitive files/conduct illegal transactions!"

For this reason, I wouldn't expect BitCoin or TrueCrypt would have seen nearly as much uptake if they were closed source. That said, it is true that lots of people just download the binaries, trusting that they do what the published source code says.

It's really not clear whether anonymous strangers on the internet are more or less likely to install a backdoor than a large well-known corporation. Though I suppose if you're already on windows, using a Microsoft-provided encryption solution makes some sense because if they've sold you out you're fucked no matter who does your full-disk encryption.
posted by aubilenon at 11:18 PM on May 28, 2014 [4 favorites]

That said, it is true that lots of people just download the binaries, trusting that they do what the published source code says.

It's a hard problem, because if you are truly creating software for users, you can't be expecting them to interpret and audit the source code, nor even to know how to compile it. Should every Firefox user be expected to understand the code? Should every Linux user, including, you know, everyone with an Android device? There is implicit trust in the vague crowd of people who are assumed to be not-evil, and are assumed to know what they're doing. Some source code is still preferable to no source code as far as I'm concerned, despite the fact that it's not a perfect system.
posted by Jimbob at 12:52 AM on May 29, 2014 [6 favorites]

Some source code is still preferable to no source code as far as I'm concerned, despite the fact that it's not a perfect system.

Oh for sure. And the availability of source at least gives paranoid users the opportunity to build it themselves, and to kickstarter an audit.
posted by aubilenon at 1:20 AM on May 29, 2014 [1 favorite]

The first thing that jumped out for me was the fact MS ended support for Windows XP in April not in May.
posted by fullerine at 2:39 AM on May 29, 2014 [6 favorites]

> 1) Compromised. It would be total, because the new binaries are signed with the same key as the older ones, so the compromise means they also got the private passphrase and private key.
> 2) Developer Fallout, and one of them decided to take the keys and go home.
> 5) Developer Compromise: The TrueCrypt devs are famously anonymous. Maybe someone was going to spill the beans, or is actively threatening the developers.

We don't know how well the devs know each other; and it's possible they don't.

So to combine these three possibilities: Maybe one or more of the anonymous devs discovered that one or more of the other anonymous devs was a government employee, and so the code signing private key had been within reach of the NSA already.
posted by ardgedee at 4:10 AM on May 29, 2014 [5 favorites]

however, http://truecrypt.org/robots.txt has a strange message, and thats not a default 404 page, its HTTP 410 Gone, a rarely used response type, and typing in any random gibberish gets you a different page that forwards you to the sourceforge site. weird.

I've actually never seen a 410 GONE before, what the hell?

This also seems like another good place to soapbox my point that the internet archive shouldn't instantly, retroactively delete the ENTIRE history for a site based on a new robots.txt.

Maybe the last year? But seriously, there's been sites with histories dating back to the early 2000s or 90s that get completely wiped because some domain squatter or internal catfight between new owners/the admins/whatever causes a new robots.txt file to go up and the whole thing goes kablooey.
posted by emptythought at 4:28 AM on May 29, 2014 [10 favorites]

> I've actually never seen a 410 GONE before, what the hell?

That's because people rarely maintain sites by hand. 410 is the correct status response if you want the user-agent to stop looking for the page or requesting for followups: "Sorry, dude. This is it." Usually what returns when a user visits a formerly-existing page is 404 Not Found, which means that the page isn't here now, and stop looking further; but 404 also means the page might come back later.

Websites are supposed to use 410 when they pull stale web content that's not coming back. 404 leaves status ambiguous. 404 has become the default configuration out of lazy good-enough server admin rationale, which is why 410 stand out as alarming here.

tl;dr: Some by-the-book guys are doing things by-the-book.
posted by ardgedee at 5:07 AM on May 29, 2014 [12 favorites]

A secret court order requiring them to insert a backdoor into an open source piece of software and get everybody to update has some major practical problems

This is the awesome part of secret warrants issued by secret courts where you aren't allowed counsel because secret. You can require any American citizen to do whatever you desire, or you put them in jail. Once in jail, you can torture them (See: Chelsea Manning) and frame them for crimes to make their stay indefinite.

So this isn't just a warrant canary, they're poisoning the whole magilla in a bid to make them no longer interesting for the Government to put the screws to. There may be some vindictive backlash, but the devs probably see this as preferable to being in perpetual thrall to ideological opponents, with the threat of perpetual torture in jail hanging over their heads for unsatisfactory compliance.
posted by Slap*Happy at 5:15 AM on May 29, 2014 [4 favorites]

I was really hoping to wake up to find this mystery solved.
posted by Adam_S at 5:22 AM on May 29, 2014 [12 favorites]

I use TrueCrypt only for file/folder encryption at work to keep personal files away from prying IT eyes. What are the real choices now to replace it? I can do GPG on the command line, but that's kind of a pain.
posted by tommasz at 6:22 AM on May 29, 2014

We can all relax now. The NSA have confirmed that TrueCrypt is fine.
posted by Poldo at 6:49 AM on May 29, 2014 [18 favorites]

Pretty chilling.
posted by So You're Saying These Are Pants? at 7:02 AM on May 29, 2014

I've implemented a 410 Gone on my Apache server to get some very persistent robots to stop trapping themselves in an infinite URL tar pit. It's no big deal to do, both mod_rewrite and mod_alias make it easy enough. But it's an unusual handcrafted sort of thing, not a default action any web server's going to give you out of the box. The main reason people use it in practice is hoping it will encourage search engines to remove the page from its index more quickly, although in practice that probably doesn't work. Anyway it's a particularly odd thing to do with a robots.txt. But while a 410 is idiosyncratically pedantic, I don't think it has any Big Meaning.
posted by Nelson at 7:15 AM on May 29, 2014 [1 favorite]

I'm guessing that our firm is still safe using version 7.1a for purposes of keeping random people out if a laptop is lost or stolen.
posted by charred husk at 7:18 AM on May 29, 2014

Metafilter: .. idiosyncratically pedantic, I don't think it has any Big Meaning
posted by Bovine Love at 7:23 AM on May 29, 2014 [5 favorites]

I kinda wonder if they knew something was going to come up with Phase II of the audit and decided to pull the plug before it did....
posted by kaibutsu at 7:23 AM on May 29, 2014 [2 favorites]

My understanding is that the phase 1 audit that has been completed isn't sufficient to count as an "all clear," and that part of the audit process would be verification that the binaries come from the published source.

In fact my recollection is that the audit project sprouted from or was inspired by an earlier, less ambitious attempt to create a reproducible build environment for Windows TrueCrypt - to set up a system that could produce the published binaries exactly from the published source. Which eventually succeeded.
posted by Western Infidels at 7:56 AM on May 29, 2014 [2 favorites]

there's something happening here
what it is ain't exactly clear...
posted by bruce at 8:03 AM on May 29, 2014 [1 favorite]

Mark Pilgrim used 410 Gone when he decided to delete himself from the internet. His blog and all of his books were 410 Gone. It's quite a statement to make.
posted by zsazsa at 8:18 AM on May 29, 2014 [7 favorites]

Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation.

Typical man page, IMHO.
posted by Mo Nickels at 8:54 AM on May 29, 2014 [6 favorites]

old government-level secret fanfiction

Lemon Lyman dot com
posted by BrashTech at 8:59 AM on May 29, 2014 [3 favorites]

not all man pages
posted by thelonius at 9:30 AM on May 29, 2014 [30 favorites]

It's probably an old joke, but the most spectacularly passive-aggressive Linux user forum response I've seen was something like

Hi! Give this a try:
$ man man
You should be able to work out the rest from there. HTH.

posted by metaBugs at 9:47 AM on May 29, 2014 [12 favorites]

In fact my recollection is that the audit project sprouted from or was inspired by an earlier, less ambitious attempt to create a reproducible build environment for Windows TrueCrypt - to set up a system that could produce the published binaries exactly from the published source. Which eventually succeeded.

Are you sure it succeeded? According to the audit team repeatable builds were going to be the next step.

If it turns out TrueCrypt official buids were hinkey in some way, Stallman gets another millimeter on his beard.
posted by RobotVoodooPower at 9:51 AM on May 29, 2014 [3 favorites]

Ah, you might be thinking of Tor's deterministic builds, which were to be used as a starting point for TrueCrypt.
posted by RobotVoodooPower at 10:03 AM on May 29, 2014

Prime Minister names DOJ's top national security and law enforcement lawyer as next Privacy Commissioner of Canada (via ioerror)
posted by jeffburdges at 10:17 AM on May 29, 2014 [1 favorite]

aydeejones: "and the second thing he changed everywhere U.S. text to United States"

Yeah, I noticed that too. I suspect this has to do with a different version of Visual Studio or whatever is automatically generating those resource files but my cursory Googling was inconclusive.
posted by mhum at 10:23 AM on May 29, 2014 [1 favorite]

Wait, was this note on there before?

"WARNING: Using TrueCrypt is not secure"

So - it seems as if they're giving some excuse. Or is this what they're saying in general...
posted by symbioid at 10:39 AM on May 29, 2014

RobotVoodooPower: Are you sure [the effort to reproduce the Windows TrueCrypt build] succeeded?

You can read the gory details at How I compiled TrueCrypt 7.1a for Win32 and matched the official binaries.
posted by Western Infidels at 11:03 AM on May 29, 2014 [4 favorites]

Wait, was this note on there before?

"WARNING: Using TrueCrypt is not secure"

I'm stealing this curious bit from comment section of the post on Schneier on Security:

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues
WARNING: Using TrueCrypt is not secure as...
WARNING: TrueCrypt is not secure as...
WARNING: TrueCrypt is Not Secure As...
WARNING: TrueCrypt is NSA
posted by ringu0 at 11:09 AM on May 29, 2014 [10 favorites]

TrueCrypt is NSA

Yep, we're living in a cyberpunk ARG now
posted by tyllwin at 11:17 AM on May 29, 2014 [13 favorites]

Has there been any discussion of alternatives? Are there any (relatively) trustworthy tools that do (some of) what TrueCrypt did?
posted by reprise the theme song and roll the credits at 11:19 AM on May 29, 2014

A list of some Truecrypt alternatives for Windows. Not sure how good/reliable some of these are.
posted by nubs at 11:25 AM on May 29, 2014

I'm a bit saddened with the realization that my gut reaction to the idea that "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" is reducible to "WARNING: TrueCrypt is NSA" is "Seems plausible", but here we are.

Anyway, as long as we're looking for secret messages like that, the instructions for Mac and Linux users page that skymt and eriko note essentially boils down to "If you have Linux, replace TrueCrypt with trivial WWII-era nuts-and-bolts encryption" also contains another whopper:

In the Mac section, it says

Click New Image icon. Select Size according to the size of data encrypted by TrueCrypt and select Encryption. Then click Create to create a new encrypted virtual disk file:

Which is followed by a picture of the dialog box where you would do all that. Note that they don't say what you should set "Encryption" to in those instructions. But in the picture, "Encryption" is set to "None".

And of course the Windows page says to use BitLocker. So my tin foil hat tells me that the TrueCrypt people are saying:

You can replace the protection TrueCrypt affords you with no encryption at all. Or, equivalently, BitLocker.

I'm going to keep using BitLocker (I had used TrueCrypt until upgrading to Windows 8 and seeing that you now had to jump through hoops to use TrueCrypt for full disk encryption), since I don't have a better alternative and since really my personal concerns are "keep my bank records away from someone who steals my laptop" as opposed to "keep the NSA out", but this is all disturbing.
posted by Flunkie at 11:35 AM on May 29, 2014 [2 favorites]

ringu0:
"WARNING: TrueCrypt is NSA"

A reddit user points out

if we take a look on diff of his code, we can see two interesting things:

messages about TrueCrypt not being secure
and the second thing he changed everywhere U.S. text to United States

posted by wcfields at 11:45 AM on May 29, 2014

If you look at the comments in that thread (and this one), it's pointed out that the change from "U.S." to "United States" most likely just means the devs upgraded to a later version of Visual Studio.
posted by reprise the theme song and roll the credits at 11:49 AM on May 29, 2014 [1 favorite]

reprise the theme song and roll the credits: "If you look at the comments in that thread (and this one), it's pointed out that the change from "U.S." to "United States" most likely just means the devs upgraded to a later version of Visual Studio."

Yeah I caught that right after :/

Was really hoping it was THAT subtle/obvious of the dev to put a flag in there.
posted by wcfields at 11:56 AM on May 29, 2014

eriko: There is, on most Unix boxes, an encryption utility called "crypt." It emulates a one rotor Enigma machine. IOW, it's an incredibly weak encryption. And this is the suggested replacement?

Flunkie: ...the instructions for ... Linux users ... boils down to "If you have Linux, replace TrueCrypt with trivial WWII-era nuts-and-bolts encryption"

I'm waaaay outside whatever expertise I may have, here, but the Linux packages that set up full-disk encryption mainly use dm-crypt, a modern Linux component designed for exactly this job. This is a distinct thing from the obsolete crypt.

The migration-from-TrueCrypt-on-Linux "instructions" are both ridiculous and legit at the same time; you'd probably end up here and that would work out.
posted by Western Infidels at 12:04 PM on May 29, 2014 [1 favorite]

It's true that the TrueCrypt devs are likely to be quite aware of a lot of ways to plausibly-deniably communicate secrets.

It's true that the NSA and other government agencies are doing a lot of unpleasant things these days, and can plausibly assert the authority to order their victims into silence.

It's also true that it's a lot of fun to analyze the imagery of an album cover in search of hints that one of the band members has suffered an untimely demise.
posted by reprise the theme song and roll the credits at 12:38 PM on May 29, 2014 [3 favorites]

wcfields: "reprise the theme song and roll the credits: "If you look at the comments in that thread (and this one), it's pointed out that the change from "U.S." to "United States" most likely just means the devs upgraded to a later version of Visual Studio."

Yeah I caught that right after :/

Was really hoping it was THAT subtle/obvious of the dev to put a flag in there."

I don't get this. At all.

I have Visual Studio 2013 and it doesn't do any kind of comment/ acronym expansion for me automatically. Even if you have code analysis expansion turned on, it entirely depends on the developer to create and maintain those rules in a dictionary file. IDEs don't just randomly go around manipulating comments and text automatically.

Maybe there is some sort of plug-in that provides this feature, but saying "oh, it's an upgrade" isn't a satisfactory answer.
posted by boo_radley at 12:40 PM on May 29, 2014 [1 favorite]

Reportedly the "U.S."/"United States" changes were in template text that came from Visual Studio.
posted by reprise the theme song and roll the credits at 12:49 PM on May 29, 2014 [2 favorites]

There we go. Thanks.
posted by boo_radley at 12:52 PM on May 29, 2014

Via friends on Twitter: fanfic tagged "taxes", also a "taxfic challenge". (Rule 34, y'all.)
posted by epersonae at 12:53 PM on May 29, 2014 [1 favorite]

Okay, I just checked. If you search through the diff, all the "United States" changes went like this:

-// English (U.S.) resources
+// English (United States) resources

in files that have this at the top:

// Microsoft Visual C++ generated resource script.

I think we can put that one to bed, yeah.
posted by reprise the theme song and roll the credits at 12:55 PM on May 29, 2014 [2 favorites]

Guys, guys, did you hear the documents changed U.S. to United States? What does it mean?
posted by Nelson at 12:58 PM on May 29, 2014

I hate it when people check in generated files.
posted by Bovine Love at 1:24 PM on May 29, 2014 [1 favorite]

It seems to me that with a vacuum left behind, if the suspicion is that it was compromised by the NSA that this is an opportunity to create an opensource encryption honeypot in order to find/track accesses of the source.
posted by plinth at 1:38 PM on May 29, 2014

Ubuntu and ubuntu derived distributions seems to have a tickbox upon installation for encrypting the userdir with ecryptfs.
posted by xcasex at 2:17 PM on May 29, 2014

TrueCrypt is still safe to use.
posted by NSA at 3:22 PM on May 29, 2014 [27 favorites]

I hate it when people check in generated files.

RC files are source files. They can be written by hand, but that's a pain, so they're usually authored with a GUI editor.
posted by aubilenon at 3:27 PM on May 29, 2014

What with this and the cryptome.org kickstarter campaign with creeper video of Greenwald et al at the recent Pulitzer ceremony (remembering John Young had suspicions that WikiLeaks was persuing donations to its likely detriment, and has never previously requested donations) this has been a strange day of unexpected behaviour from groups ppl like to trust. More:

http://www.dailydot.com/politics/cryptome-kickstarter/
posted by bigZLiLk at 3:52 PM on May 29, 2014 [1 favorite]

I'm a big fan of Cryptome and in general respect how he was doing the Wikileaks thing way, way before Wikileaks. But one of the things he's hosting, since March 8, is a complete doxxing of Leah McGrath Goodman, the journalist who wrote that "I know who Satoshi Nakamoto" article is for Newsweek a few months back. I didn't like that article either but it seemed beyond the public interest to be hosting pictures of her, her UK visa, her real estate records, etc. I assume he felt that was fair play and in the public interest, but I disagree entirely.
posted by Nelson at 5:12 PM on May 29, 2014 [2 favorites]

My mistake, aubilenon, I hadn't looked at exactly what file was changed, and had been fighting the problem (of checked in generated files) very recently, was was inclined to jump to conclusions :).
posted by Bovine Love at 5:44 PM on May 29, 2014

For Linux there are (at least) two viable alternatives: tc-play, and crypt-setup.
posted by Poldo at 6:34 PM on May 29, 2014

TrueCrypt is still safe to use.
posted by NSA

Well, that's all the assurance I need!
posted by wenestvedt at 6:47 PM on May 29, 2014

A Truecrypt developer speaks (allegedly):

Steven Barnhart (@stevebarnhart) wrote to an eMail address he had used before and received several replies from “David.” The following snippets were taken from a twitter conversation which then took place between Steven Barnhart (@stevebarnhart) and Matthew Green (@matthew_d_green):

• TrueCrypt Developer “David”: “We were happy with the audit, it didn't spark anything. We worked hard on this for 10 years, nothing lasts forever.”
• Steven Barnhart: (Paraphrasing) Developer “personally” feels that fork is harmful: “The source is still available as a reference though.”
• Steven Barnhart: “I asked and it was clear from the reply that "he" believes forking's harmful because only they are really familiar w/code.”
• Steven Barnhart: “Also said no government contact except one time inquiring about a ‘support contract.’ ”
• TrueCrypt Developer “David”: Said “Bitlocker is ‘good enough’ and Windows was original ‘goal of the project.’ ”
• Quoting TrueCrypt Developer David: “There is no longer interest.”

posted by Jimbob at 9:56 PM on May 29, 2014 [3 favorites]

Geezes, one of the features I liked about Truecrypt over Windows Encryption is it isolated my encrypted files from whatever brain dead feature creep Microsoft would decide to roll out in a service pack that would make all my files read only or something. And do any of the OS level tools support the plausible denyabilty features of Truecrypt's container within a container feature? That has always seemed to me to be one big advantage of Truecrypt over any other package.

Besides, on Windows anyways Truecrypt "just worked" and was easy to work with (or at least as easy as any encryption package is likely to be).
posted by Mitheral at 11:54 PM on May 29, 2014

If it's a case of the developers no longer having interest / not seeing the point in adding new necessary functionality to keep up with the times, it's a pity but understandable. Makes you wonder how many other good freeware / open source projects many of us depend on to do things are similarly fragile in that they wouldn't exist if not for two or three developers that keep it going on, perhaps even to the obsession point.
posted by Iosephus at 2:35 AM on May 30, 2014

I could imagine the TrueCrypt dev team just got tired of working on it. I mean, would you want to maintain a Windows filesystem driver? Ugh. But what a bizarre and unprofessional way to shut it down, particularly immediately sounding an alarm about the security of your security product. I mean they don't owe us anything, but in this atmosphere of things like the Lavabit shutdown a little more caution in communications seems important.

The @OpenCryptoAudit Twitter account made its promised announcements. Still auditing TrueCrypt, will also be auditing OpenSSL, and are thinking about a TrueCrypt fork.
posted by Nelson at 8:30 AM on May 30, 2014

I really hope someone with the skills and trustability forks it, and it is continually audited by outside professionals as necessary. I don't use crypto, but I feel kind of bad about not doing so. I feel like I should just on principle. Wait, is this something I should be admitting? LOL.

Seriously though, good on them for doing this unglorious and very difficult labor for so many years, but boo for such a shitty way to end it.
posted by symbioid at 8:42 AM on May 30, 2014

I use TrueCrypt on about 30 corporate machines and it works out wonderfully (to the best of my knowledge) and like many I'm feeling a bit unprepared for my next steps. For the time being I'm operating on the assumption that it is secure enough to handle my use cases, which is primarily making any stolen computer a paper weight with no accessible data. For now I'll continue to use it but I never imagined it would fall apart like this.

The best theory I've found so far is that some other group raised $30k to audit TC, but the developers of TC have probably made very little money with donations. So you have some code auditors making money to find stuff to bitch and moan about. Objectively speaking, you appreciate the criticism but deep down you feel rather pissed because everyone expects you to write NSA-thwarting software for free.

I would have preferred instead if they made a clear case for the community to pony up some money or they would cease development. I know I would have gotten my company to pitch in.
posted by dgran at 10:42 AM on May 30, 2014

handle my use cases, which is primarily making any stolen computer a paper weight with no accessible data.

Yeah, my use case boils down similarly - not even necessarily to paperweight for a lost/stolen computer/laptop/memory stick, just to "getting at this data is too difficult/painful for what might be in there, screw it." And without the suspicion that there's a government/corporate backdoor. TrueCrypt was pretty useful that way.

Bigger complication is that TrueCrypt was pretty straightforward for non-techy users once installed, and I could do partitions - so memory sticks that were used to handle both sensitive information and things like public presentation slides were possible (people could use one memory stick, and not have to fuss around getting in if they were just out to do a talk). Now I need to find something trustworthy and easy.
posted by nubs at 10:50 AM on May 30, 2014

Steve "SpinRite" Gibson (who is a crank, but a smart one) thinks TrueCrypt 7.1 is still safe to use, quoting tweets from the OpenCryptoAudit project:

> We are continuing forward with formal cryptanalysis of TrueCrypt 7.1 as committed, and hope to deliver a final audit
> report in a few months.

> We are considering several scenarios, including potentially supporting a fork under appropriate free license, w/ a fully
> reproducible build.

I am going to keep on using TrueCrypt for the moment, pending further word, for these reasons:

= If there is a huge flaw in the 7.1 source, the audit will find it. If the audit team does find some gaping hole, I expect they will say so at once without waiting for the final report. There will be plenty of folks listening for that shoe to drop. The longer it goes without dropping, the more likely it becomes that there's no huge flaw.

= If a backdoor not in the open source has somehow been slipped into the precompiled binaries, whether due to pressure from a three-letter agency or for whatever reason, clean recompiles from clean source will be done by others. Old possibly-compromised TrueCrypt volumes can then be extracted and re-encrypted as needed, or just in case.

= If the encryption method that TrueCrypt depends on has been cracked, either by a three-letter agency or space aliens working for Putin or whomever, and the devs became aware of this and fled, they will find a way to get the word out--not just "don't use it" but also why-- because such a crack would be fatal to a lot of other stuff besides just TrueCrypt and such folks will want everyone to be aware.

-- my .00001% of a bitcoin.
posted by jfuller at 10:57 AM on May 30, 2014

MetaFilter: a crank, but a smart one.
posted by Nelson at 11:12 AM on May 30, 2014 [1 favorite]

clearly truecrypt was behind the disappearance of mh370. wake up, sheeple.
posted by quonsar II: smock fishpants and the temple of foon at 11:25 AM on May 30, 2014

Here is hoping for a fork. I use TrueCrypt for a couple of different reasons: (1) I back up my home file server on a daily basis, but on a weekly basis I back it up to one of a rotating set of hard drives that I keep offsite in case the house floods or burns down or whatnot. Because I move my personal data offsite, I encrypt the disks so that if I lose them, it is not obvious that the disk contains anything useful and it will be difficult for someone to get anything useful from them. I am no wizard, but TrueCrypt is easy enough to use from the command line that I was able to script automatic encryption without much difficulty. (2) I occasionally have to move confidential work files to a USB drive, and I like to encrypt them to keep client information safe. In both cases, I like having the option of opening the encrypted drive/partition/file on both Windows and Linux machines. For these purposes, it was amazingly useful and user-friendly product.

I'm not so worried about the NSA prying into my erotic tax return fanfic, so I don't have any immediate plans to migrate to a different product. But given the apparent death of TrueCrypt, it would be nice to have a reliable, cross-platform option that permits on-the-fly full-drive, partition, and file-container encryption in a similar fashion. If any MeFites are aware of any such alternatives, I'd love to know about them.
posted by dilettanti at 1:34 PM on May 30, 2014 [2 favorites]

> wake up, sheeple.

Well, Q, if it does turn out I can't use TrueCrypt any more I'm just going to rot13. I have nothing to hide!
posted by jfuller at 6:20 PM on May 30, 2014

For really important stuff, I rot13 it twice.
posted by aubilenon at 7:02 PM on May 30, 2014 [6 favorites]

Some alternatives here, I see others in the comments of the Bruce Schnier site.
posted by Admira at 7:31 AM on May 31, 2014

This was an interesting theory for shutting down in a comment on the Krebs on Security site.
posted by schnee at 12:11 PM on May 31, 2014 [2 favorites]

TrueCrypt has been forked, and there is a movement to save it by taking it over. Hoist the Jolly Roger!
posted by IAmBroom at 8:41 AM on June 2, 2014 [1 favorite]

If you have Linux, replace TrueCrypt with trivial WWII-era nuts-and-bolts encryption

This is a very strange assertion. I'd have to go out of my way to find WW II era crypto for Linux; I already know how to set up my choice of AES, TwoFish, Blowfish, or Serpent.
posted by Zed at 12:02 PM on June 10, 2014

We're slouching toward gematrian analysis of the TrueCrypt communiqué:

Taking the first letter of each letter in "Using TrueCrypt is not secure as it may contain unfixed security issues" results in uti nsa im cu si which is Latin for "If I wish to use the NSA".

(These links are provided for entertainment purposes only.)
posted by Zed at 10:23 AM on June 16, 2014 [3 favorites]