Encryption Government Your Rights Online

The Sudden Policy Change In Truecrypt Explained 475

Posted by timothy
from the maybe-your-canary-needs-a-canary dept.
X10 (186866) writes "I use Truecrypt, but recently someone pointed me to the SourceForge page of Truecrypt that says it's out of business. I found the message weird, but now there's an explanation: Truecrypt has received a letter from the NSA." Anyone with a firmer source (or who can debunk the claim), please chime in below; considering the fate of LavaBit, it sure sounds plausible. PCWorld lists some alternative software, for Windows users in particular, but do you believe that Microsoft's BitLocker is more secure?

  • That's not proof! (Score:5, Insightful)

    by Threni (635302) on Sunday June 01, 2014 @03:25PM (#47142457)

    You're taking twitter posts too seriously. That's just speculation based on what appeared on their site the other day, followed by:

    "Alyssa Rowan @AlyssaRowan
    @munin @0xabad1dea @puellavulnerata I can confirm presence of TrueCrypt duress canary as per 2004 conversation"

    Sorry, who the fuck are you?

    • Re: (Score:2, Interesting)

      by mmell (832646)
      Wow, they implemented the canary on their website? That by itself is major league cool!

      I am however very sorry to hear that TrueCrypt may be going away. I personally use LUKS (being a Linux user), but this is still bad news for end users in the computing community.

      • Re:That's not proof! (Score:4, Informative)

        by fnj (64210) on Sunday June 01, 2014 @06:39PM (#47143469)

        very sorry to hear that TrueCrypt may be going away

        Ya think? Really? You are hereby awarded the prize for most spectacular understatement of the obvious. Sorry, I do not intend to be mean; it just hit my funny bone; peace, man. It's somewhat akin to stating that the US "may be entering a period of decline" or saying in 2004 the space shuttle program "may be winding down".

        OTOH, seriously, the project may have gone deader than a doornail overnight, but use of 7.1a is still just as viable as it was before the stunning suicide note. It has passed the independent stage 1 security audit with thumbs up, and if you don't already have a copy it's not hard to find out there. Pretty sure in the long run somebody will pick up the pieces and carry on. The HQ for the next project will clearly have to be located some place other than the inheritor of the Nazi Germany/Soviet Russia mantle of most despicable police state.

        LUKS is very good, but until someone works out a way to do hidden containers, it's not even close to a replacement for the most critical feature of TrueCrypt.

    • "Alyssa Rowan @AlyssaRowan @munin @0xabad1dea @puellavulnerata I can confirm presence of TrueCrypt duress canary as per 2004 conversation"

      Sorry, who the fuck are you?

      If it's the real Alyssa Rowan tweeting that then it's a pretty reliable source.

      • Could you clarify? Who is Alyssa Rowan to TrueCrypt? Sorry for my ignorance, I tried Googling a bit and just got links to this article.
        • Re:That's not proof! (Score:5, Interesting)

          by arglebargle_xiv (2212710) on Sunday June 01, 2014 @04:19PM (#47142777)

          Could you clarify? Who is Alyssa Rowan to TrueCrypt? Sorry for my ignorance, I tried Googling a bit and just got links to this article.

          It's someone who has been active in the crypto/security community for awhile now. Personal details are pretty scarce (i.e. it could be a front for the NSA for all anyone knows), but the persona has been active in crypto. If you want something to Google on try "alyssa rowan cryptography".

        • clearly the name is an anagram that you aren't Robert Langdon enough to suss out.

    • by Anonymous Coward on Sunday June 01, 2014 @03:52PM (#47142617)

      "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"

      • by ysth (1368415)

        Yes, it seems pretty clear to me that this is a warrant canary.

        It may still be that they triggered it (or let it self-trigger via inaction) out of lack of desire to continue the project.

        In any case, the presumed goal of the canary - making sure that no one trusts any future TrueCrypt version released via the normal channel - has certainly been successful.
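A warrant canary only works if someone is actually watching it, so here is a minimal canary monitor as an added illustration; it is not code from TrueCrypt or from anyone in this thread, and the project never published a formal dated canary, so the canary texts, the expected phrases and the `As of YYYY-MM-DD` date convention below are all constructed. The monitor classifies a statement as OK, STALE (the dated statement is older than the allowed window) or MISSING (an expected phrase has vanished, which is the "pulled canary" case the thread is debating), and it reports which lines changed since the last copy so a reviewer can spot a quiet rewording.

```python
import difflib
import re
from datetime import date

# Phrases a healthy canary must still contain (constructed for this example).
# Their disappearance, or a quietly narrowed rewording, is the signal the
# canary exists to give.
EXPECTED_PHRASES = (
    "received no national security letters",
    "signing keys remain under our sole control",
)

# Constructed date convention: the statement carries "As of YYYY-MM-DD".
DATE_RE = re.compile(r"As of (\d{4})-(\d{2})-(\d{2})")


def check_canary(text, today, max_age_days=90, previous_text=None):
    """Classify a canary statement.

    today is an ISO date string ("2014-06-01").  Returns (status, info):
      "MISSING" - an expected phrase is gone, or there is no dated statement
      "STALE"   - the statement is older than max_age_days
      "OK"      - every phrase is present and the date is fresh
    info records the published date, its age in days, the missing phrases,
    and the +/- lines that differ from previous_text (if one was given).
    """
    today = date.fromisoformat(today)
    flat = " ".join(text.split())          # tolerate line wrapping
    info = {"published": None, "age_days": None, "missing": [], "changed": []}

    if previous_text is not None:
        diff = difflib.unified_diff(previous_text.splitlines(),
                                    text.splitlines(), lineterm="", n=0)
        info["changed"] = [line for line in diff
                           if line.startswith(("+", "-"))
                           and not line.startswith(("+++", "---"))]

    info["missing"] = [p for p in EXPECTED_PHRASES if p not in flat]
    m = DATE_RE.search(flat)
    if m is None or info["missing"]:
        return "MISSING", info

    info["published"] = date(int(m.group(1)), int(m.group(2)), int(m.group(3)))
    info["age_days"] = (today - info["published"]).days
    if info["age_days"] > max_age_days:
        return "STALE", info
    return "OK", info


# Constructed sample statements: a healthy one, then one where the canary
# has been replaced by a warning of the kind quoted in this thread.
CANARY_MAY = """Project status statement
As of 2014-05-01 we have received no national security letters,
gag orders or other secret legal process, and our signing keys
remain under our sole control.
"""

CANARY_PULLED = """Project status statement
As of 2014-05-28 development has ended.
WARNING: Using this software is not secure as it may contain unfixed issues.
"""

if __name__ == "__main__":
    print(check_canary(CANARY_MAY, "2014-06-01"))
    print(check_canary(CANARY_MAY, "2014-09-01"))
    print(check_canary(CANARY_PULLED, "2014-06-01", previous_text=CANARY_MAY))
```

The ordering of the checks is deliberate: a missing phrase outranks staleness, because a canary that has been rewritten is a stronger signal than one that is merely late. A real deployment would also verify a detached signature over the text before trusting the date, since an attacker who can edit the page can also refresh the date.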

      • by Anonymous Coward on Sunday June 01, 2014 @04:25PM (#47142803)

        Haha. Frankly, usable crypto kits need security audits.

      • by Jane Q. Public (1010737) on Sunday June 01, 2014 @05:57PM (#47143243)

        WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

        But this raises many questions.

        (1) If Truecrypt were secure in the first place, a National Security Letter would have been of no use: the developers would be no more help decrypting something than anyone else. So in the usual context, an NSL has no point whatever.

        (2) A demand for other records, say about the developers, would also not invalidate the CODE of Truecrypt in any way.

        So that only leaves a couple of possibilities as legitimate reason for a canary: (3) Possible coercion by the government to somehow weaken their crypto.

        (4) Discovery of some prior "backdoor" that had somehow been inserted in the past.

        (5) Maybe some of the developers wanted to remain strictly anonymous and so any overtures made by the government at all created panic.

        Since the people doing the security audit have announced that it will continue, if it turned out to be (4) it will be discovered soon. Which it seems to me leaves only (3) and (5) as any kind of government "threats" that make any sense.

        Any other ideas?

        • by Shawndeisi (839070) on Sunday June 01, 2014 @06:16PM (#47143363)

          I would guess that they were NSL'd for their signing keys; that would make it less secure in the future so the correct option is to burn the brand now. Reports said that both signing keys signed the new (crippled/canaried) executable, and that the keys had been re-uploaded with the same content on sourceforge. Their legit URL points to their sourceforge site. Instances of "U.S." in their source code were replaced with "United States".

          It looks to me like they went through a lot of trouble to burn the brand down before any damage could be done with the NSA's new-found signing keys. It's a very, very bad sign that this happened to TrueCrypt. Good on them for being brave enough to inform us, despite the real risks they faced in doing so. If this project is forked, we can only hope the new maintainers are brave enough to do the same when the NSA goes after them. It also raises the question: how much other infrastructure has been compromised while the maintainers have stood silently by?

          • I would guess that they were NSL'd for their signing keys; that would make it less secure in the future so the correct option is to burn the brand now.

            I know that it sometimes doesn't mean much given today's Federal government, but an NSL would not cover this eventuality. An NSL only gives the government authority to grab information without a warrant that would otherwise be grabbable with a warrant.

            Their signing keys do not qualify. There is no law in this country authorizing the seizure of this kind of information. It is a "trade secret", nothing else. The ONLY thing the government could want signing keys for is nefarious purposes.

            • by Jason Levine (196982) on Sunday June 01, 2014 @11:47PM (#47144695)

              Let's assume that the government would be breaking the law by NSLing the signing keys. (As opposed to the law being so mucked up that such an action is entirely legal.)

              1) What lawyer is going to be able to fight this battle against the US Government and win? Let me narrow that list down a bit. What lawyer that the TrueCrypt developers would hire would be able to fight this battle against the US Government and win?

              2) Would the TrueCrypt developers even be allowed to see a trial or would they be arrested on "unrelated" charges and sent to prison? Or worse. (There is plenty that a power hungry governmental agency can do to someone that says "no" to them that makes "being arrested on unrelated charges" preferable.)

          • by fnj (64210)

            Mod up. This is exactly the explanation. There can be no doubt whatsoever. No proof, but no doubt. You can interpret the whole message of the suicide note to be the following, in the form of a veiled suggestion of course:

            "We were NSL'ed and would face the vengeance of the grandaddy of all police states if we said that here, or if we told you in plain language to just keep using 7.1a as acquired cleanly before this thuggery, or henceforward compiled from source which you can convince yourself is a clean copy

        • by AHuxley (892839)
          The gov gets the server, the staff to step away with a NSL and the ability to become the 'staff'.
          At first you just get the build ability. Then a safe, expected build with the surrounding jargon and skill set is tried.
          If the community did not notice the change to the staff or build or site then a project can be turned.
          The new tame staff are slowly rolled out to the wider community with a full 'crypto' history on the web to be found.
          If the community did not notice then a project can be altered to ensur
  • Speculation (Score:5, Insightful)

    by borcharc (56372) * on Sunday June 01, 2014 @03:30PM (#47142491)

    There is no concrete information that the NSA or a national security letter was involved. When did we start linking to random blogs for speculation presented as fact? May as well have just posted a link to the reddit thread about this.

    • That's probably where they got this anyway.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Ever since actual news stopped mattering and what everyone cares about is clicks (read as money).

    • Re:Speculation (Score:5, Insightful)

      by Anonymous Coward on Sunday June 01, 2014 @03:50PM (#47142603)

      We do not need concrete information.
      When a major encryption project like this closes shop, without any explanation, duress should be assumed.
      The current climate requires it.

      • by aaaaaaargh! (1150173) on Sunday June 01, 2014 @04:21PM (#47142781)

        That's exactly what I thought first. But then it came to my mind that Bitlocker is much more secure than Truecrypt, because it has been developed and carefully audited by a corporation with a proven track record in cyber security. That fact makes it practically 100% certain that the developers of Truecrypt just thought "nah, fuck it, we now have Bitlocker, which uses military-grade encryption against all kinds of criminals and cyber-threats, and there are minor to medium potential problems with our code, so we just throw in the towel and give up all the work on Truecrypt."

        That's obvious, right?

        • by lsllll (830002) on Sunday June 01, 2014 @05:57PM (#47143247)
          Amen brother! I switched to Bitlocker a while ago and never even looked back at LUKS or TrueCrypt. The problem I had, though, was that I run only Linux on my machine. No worries. I installed VirtualBox, created a VM and installed Windows on it. That way I could make /home/lsllll as a private share available in the VM and have Bitlocker go at it. That is the ONLY reason why I run Windows. God praise the Bitlocker developers. They saved me from the NSA.
    • Speculation (Score:3, Insightful)

      by Anonymous Coward

      This is Slashdot. No one cares whether something is true or not as long as it is negative towards the government. Sad really, since it diminishes any sort of real discussion about actual concerns about the government rather than made up fantasy.

    • Re: (Score:2, Insightful)

      by jopsen (885607)

      There is no concrete information that the NSA or a national security letter was involved.

      Before Snowden we used to say the same thing about the NSA messing with encryption standards bodies, or the NSA conducting widespread warrantless surveillance of everybody.

      We used to think people weren't subjected to secret trials in the US. That's no longer the case; we now know for a fact that the US doesn't honor basic human rights, not for its citizens or anybody else.

      Do we really need more proof? This isn't the worst thing the NSA has attempted yet.

  • by Anonymous Coward on Sunday June 01, 2014 @03:36PM (#47142529)

    FYI, Truecrypt, with its dubious code provenance, has been suspect for a long time anyway, regardless of these developments. So there already is a re-implementation of Truecrypt from the ground up for Linux and BSD by non-anonymous(?) developers: https://github.com/bwalex/tc-play

    Also, cryptsetup-LUKS (recent versions only) can mount truecrypt containers under Linux.

  • It has to be an NSL. What should be the other explanation? The truecrypt accounts hacked? I don't think so.
    However, it is too early for a story "The Sudden Policy Change In Truecrypt Explained". There is no proof of this speculation yet.

    • Re:What else? (Score:5, Informative)

      by rahvin112 (446269) on Sunday June 01, 2014 @04:31PM (#47142841)

      The simplest explanation is that the developers simply got tired of the project and decided to abandon it. It's been years since any update and it's certainly plausible that those developers remaining simply decided it wasn't worth it to keep the project alive when no one was maintaining it.

      • Re:What else? (Score:4, Insightful)

        by dcollins117 (1267462) on Sunday June 01, 2014 @06:12PM (#47143347)

        The simplest explanation is that the developers simply got tired of the project and decided to abandon it. It's been years since any update and it's certainly plausible that those developers remaining simply decided it wasn't worth it to keep the project alive when no one was maintaining it.

        Fine. The simplest way to do that is to put a clear and unambiguous message on their webpage stating that development is frozen at version 7.1a, and the project will no longer be maintained. Instead they gave no explanations, but a very bizarre set of statements that raise more questions than they answer.

        This has the flavor of a practical joke or an unstable mind. Certainly not someone you would trust to protect your data.

        It's a shame. I really liked the application.

  • by hsmith (818216) on Sunday June 01, 2014 @03:43PM (#47142569)
    U.S. changed to "United States" - "use bitlocker," "use any crypto package in Linux," when setting up an OS X disk image no encryption...

    The message is clear what happened.
  • still speculation (Score:5, Informative)

    by tero (39203) on Sunday June 01, 2014 @03:52PM (#47142619)

    According to this page - someone e-mailed a dev contact and claims they called it quits due to lack of interest

    https://www.grc.com/misc/truec... [grc.com]

    (Scroll to the bottom, the green box).

    The only real "confirmation" we have is the info on the TrueCrypt page. It's over (no matter what the reason is), best to move on.

    • Re: (Score:3, Funny)

      Right, because everything that Steve Gibson does is completely accurate. Right?

      • by tero (39203)

        It's just his page, read the actual quote I referenced, it's nothing to do with Steve Gibson - he is just quoting two people on twitter.

        Bottom line - we have no evidence of warrant canary or "dev rage quit".

        Also: https://twitter.com/0xabad1dea... [twitter.com]

        Personally I'm more inclined to believe the devs calling it than any NSA scheme, but again.

        No. Evidence.

    • by nurb432 (527695)

      I tend to agree, we will never really know why. Even if someone comes up and clearly says 'hey i was with the team and we did it due to xyz', since the team was anonymous how can you be sure he's with the team, and even if he was, if he's telling the truth?

      No matter what the reason, or even if there is a legit reason, the game is over and it really doesn't matter why, other than curiosity. The code (or group) can no longer be trusted, and who knows how far back this breach goes.

      Time to move on to something els

  • Literally give the source code and rights to continue development to anyone and everyone.

    A new project will pick it up and continue development without breaking the law. And at that point it's unlikely the NSA will be able to do anything to it.

  • by NotSanguine (1917456) on Sunday June 01, 2014 @03:55PM (#47142641) Journal

    No evidence is presented. The reference to a "canary" is suspect, as it isn't discussed what that canary was.

    Some semi-random tweeter is reposted on some random blog? I don't think so.

    It's possible that this is accurate, but without evidence, why bother? As I asked in the original discussion about the shuttering of TrueCrypt, who stands to benefit?

    • by Prune (557140)

      In fact, Alyssa Rowan (quoted in TFA and a known persona in the crypto community) detailed the canary in the previous ./ article, posting as an AC: http://it.slashdot.org/comment... [slashdot.org]

      • In fact, Alyssa Rowan (quoted in TFA and a known persona in the crypto community) detailed the canary in the previous ./ article, posting as an AC: http://it.slashdot.org/comment... [slashdot.org]

        Mayhap it is, and mayhap it isn't. Either way, TrueCrypt is dead. Anything else, without documentary evidence (and that means independently verifiable evidence, not mysterious tweets and AC posts) is just speculation, IMHO. Feel free to disagree with me, I don't mind.

  • by Anonymous Coward on Sunday June 01, 2014 @03:57PM (#47142649)

    An anonymous coward in the last thread said that a known warrant canary was seen:

    http://it.slashdot.org/comments.pl?sid=5212985&cid=47117051

  • Not only has this mercurial and virtually unknown Alyssa Rowan spotted a canary, but so has PeeWee Herman! He just tweeted.

  • by DERoss (1919496) on Sunday June 01, 2014 @04:10PM (#47142733)

    I never use cloud resources. Too many users have been severely inconvenienced if not outright burned by cloud services that have been hacked, suppressed by some government, gone out of business, or gone down for several hours. I keep all my data where I can access it, either on my PC or on a removable hard drive that I store remotely from my PC but easily reached.

    I encrypt my most sensitive data. No, I do not rely on some corporation's declaration: "Trust us. We are good. We will protect you." Instead, I use an OpenPGP application that has been reviewed by outside experts and that I have installed on my PC. The data on my removable hard drive are encrypted. Some of my PC files are also encrypted. My pass-phrase, without which my private key is useless for decryption, exists only in my head and in an envelope in my safe deposit box at a bank. My private key is on my PC in a non-standard location. If somehow someone else were to access my private key, I have a much greater problem than the compromise of my sensitive data.

    See my http://www.rossde.com/PGP [rossde.com]

    • Interesting:

      envelope in my safe deposit box at a bank

      That the government can legally get a search warrant for.
      However, the one in your head is protected by the 5th amendment.

      Think about it.

  • by westlake (615356) on Sunday June 01, 2014 @04:14PM (#47142757)
    There is nothing I think worth adding to "Marlor's" post to Ars:

    I can't comprehend the conspiracy theories flying around about this.

    [TrueCrypt] is a barely-maintained Open Source project (no updates in the past two years), with an outdated, messy code-base, serious build dependency problems, and lacking in full support for the newest Windows release. It likely only has a small development team - perhaps only one or two people.

    The developers are absurdly secretive, and when they do come out of hiding to make a statement, they are confrontational (take, for example, their response to Fedora's queries over the clause in their license that reserves the right to sue for copyright infringement).

    If this was any other project, we'd all just assume the developers had decided to call it a day. However, because of the nature of the software, everyone assumes security agencies or reptilians are involved.

    Maybe the developer was a security researcher who has decided to retire to a tropical island. Or maybe there were two developers, and they have had a dispute. Maybe the primary developer took a job offer at a security firm, with a clause prohibiting him from working on external projects. There are an almost infinite range of possibilities... assuming that the cause was the devious acts of state-sponsored actors is leaping to a pretty big conclusion.

    If I developed a piece of security software, and wanted to cease development, I'd make a similar statement.

    "Don't use this anymore. It's not maintained, and should therefore be considered insecure".

    Otherwise, if a vulnerability is discovered, everyone will scream: "Fix it now! Nobody told us to stop using it!"

    ''TrueCrypt is not secure,'' official SourceForge page abruptly warns [arstechnica.com]

    [Ars stats for Marlor: 1279 posts > registered Oct 3, 2003 > 0.01% of all posts > 0.33 posts per day]

    • This all makes sense to me, until you add in a few strange parts:

      1) Why did they nuke all previous versions of the software? The disclaimer is there. There was no need to nuke the old versions.
      2) Why neuter v7.2 so it can't encrypt? Heck, why even release a neutered version? The disclaimer is there. If I was ending my work on a project, I wouldn't end it on 'here's a broken version, and I erased all the good versions.'
      3) Why the unprofessional webpage, with screen shots? Screen shots take time to ge

  • More speculation (Score:4, Interesting)

    by Lost Race (681080) on Sunday June 01, 2014 @04:42PM (#47142881)

    There's nothing in TFA that hasn't been speculated in great detail already.

    No explanation totally makes sense. Here's my working model of what happened (all speculation of course):

    The project has been gradually disintegrating over the last few years -- developers leaving and not being replaced, remaining developers having less time to spend on the project for whatever reason, and the perceived reward for fixing increasingly difficult bugs is not enough to keep people interested. It's just not fun any more.

    The to-do list has some really nasty bugs that are difficult to fix and could potentially compromise all TC containers. The remaining developers in the project have been grinding away at these bugs, but haven't made much progress for reasons outlined above. They realized that the project was going to fizzle out before they got anything fixed. A cursory look at the 7.2 code suggests that they had committed to some major rewriting of the code, and bit off more than they could chew.

    At this point, what can they do? Reporting the vulnerabilities would be irresponsible since no fixes are forthcoming. Lives depend on some of the secrets their software keeps. Best to push people gently away from TC until the problems can be fixed, if ever, while keeping the details of the vulnerabilities as secret as possible, and giving people realistic expectations about the future of TC development (i.e. none).

    They probably had a plan for creating a migration plan that actually made sense, but ran out of resources before finishing, and decided to go with what they had on hand. At this point they were probably down to one very part-time developer and maybe a few unreliable volunteers. ("Hey Jim, where's that page you were writing about Linux FDE? Jim? Hello? Anybody there?")

    There was really no good way forward with the resources remaining, so they did the best they could.

    Why didn't they find someone else to take over the project? I guess they tried, but couldn't find anyone in their immediate circle of trust who was willing and able. Perhaps they felt that expanding their circle of trust would jeopardize their anonymity.

    On the other hand....

    "WARNING: Using TrueCrypt is *not *secure *as ..."

  • by swb (14022) on Sunday June 01, 2014 @04:52PM (#47142927)

    I'm surprised there hasn't been a Kickstarter set up to re-implement TrueCrypt from the ground up.

    What would be the dollar cost to hire a team of developers to do it?

    • by westlake (615356)

      I'm surprised there hasn't been a Kickstarter set up to re-implement TrueCrypt from the ground up. What would be the dollar cost to hire a team of developers to do it?

      We know the cost of the audit:

      Since September 2013, a handful of cryptographers have been discussing new problems and alternatives to the popular security application. By February 2014, the Open Crypto Audit Project---a new organization based in North Carolina that seeks formal 501(c)3 non-profit status---raised around $80,000 toward this goal on various online fundraising sites.

      TrueCrypt audit finds ''no evidence of backdoors'' or malicious code. [arstechnica.com]

      It's reasonable to assume that any attempt to resurrect TrueCrypt would fail without an independent audit on the same scale.

      We don't know the size of the TrueCrypt team or the man-hours invested in its development, but we do know it took ten calendar years to take TrueCrypt to version 7.1,

  • by mysidia (191772) on Sunday June 01, 2014 @05:59PM (#47143261)

    It appears grc [grc.com] has created a page where the last final version of TrueCrypt and all source code can be downloaded.

    My hope would be that someone will fork the project and continue development for Linux, and Windows XP/2003, at least, AND preferably work on newer versions of Windows.

    Bitlocker is REALLY not good enough, for most users won't have access to it -- since it is only in the ENTERPRISE version of Windows 7; in particular... Windows 7 Standard and Professional do not have the feature.

    • by v1 (525388)

      I don't understand the confidence in bitlocker. If you assume TC got NSL'd, how would MS react in the same situation? Do you honestly believe that MS hasn't already been handed several NSL's over the years? And it's not open source, anything could be in there, including a back door. If you're paranoid about security, a closed-source product run by a big company based in the USA is the last place you'd be looking for a security product.

      I don't think an NSL can (legally) require you to actively DO anythin

      • by dave420 (699308)
        Don't assume just because something is open source that it doesn't have backdoors. That is terrible logic.
  • Interesting... (Score:4, Insightful)

    by Kythe (4779) on Sunday June 01, 2014 @07:33PM (#47143687)
    ...that everyone seems to assume the Truecrypt developer(s) were in the U.S.
  • by Zelucifer (740431) on Sunday June 01, 2014 @09:57PM (#47144315)

    Is there any proof that the contributors are even in the US and thus subject to an NSL? At least one of them seems to be from the Czech Republic (David Tesařík).

  • by duke_cheetah2003 (862933) on Sunday June 01, 2014 @10:09PM (#47144363) Homepage

    Given the anonymous nature of the TrueCrypt developers, would we even believe someone who claimed to be a dev and gave us an explanation?

    Not sure I would. I've read a lot of different articles and comments about this ordeal and I'm frankly not sure what to believe. I'm not sure if I'd believe someone if they said they were a dev.

    I know we'd all laugh if the NSA came out publicly and said "we had nothing to do with it."

  • by Todd Knarr (15451) on Sunday June 01, 2014 @11:57PM (#47144741) Homepage

    Unlike with Lavabit, there's no single master key for TrueCrypt that can be gotten from the developers that'll decrypt any TC partition. The best the NSA could get is the ability to create their own signed binary package with their own modifications and have it appear as the official package on TC's site. The problem with that is that the TC code's open so anybody can build from source and compare with the official build and see that they aren't the same. And any compromise of the source (e.g. weakening the cryptography) would be instantly revealed in the diffs. The whole NSL thing sounds dodgy, and doesn't quite fit. It seems more likely that, with Win7 and later moving to supporting only GPT disks, the TC developers found they can't add that support and decided to throw in the towel.

    In any case, the version of TC from before this change is still available and as far as anyone can tell is still secure. I'd be leery of switching to other encryption software that's known to be less secure until someone comes up with a definitive vulnerability in 0.71.
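The two checks this post relies on, comparing a downloaded binary against a build or hash you already trust and diffing the source trees of two releases, are mechanical enough to script. The example below is added here for illustration and is not TrueCrypt code or anything from this thread; the artifact bytes, file paths and file contents are constructed placeholders (not the project's real tree), and the `7.1a`/`7.2` labels are only the version names discussed on this page. The source diff deliberately includes the kind of change other commenters mention: a wording change ("U.S." to "United States") and a function whose body was replaced so that volume creation no longer works.

```python
import difflib
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an artifact (a downloaded binary, an archive, ...)."""
    return hashlib.sha256(data).hexdigest()


def verify_artifact(data: bytes, pinned_hex: str) -> bool:
    """True if the artifact matches a hash recorded earlier, e.g. from a copy
    obtained before the site changed or from your own build of the source.
    compare_digest avoids leaking match position through timing."""
    return hmac.compare_digest(sha256_hex(data), pinned_hex.strip().lower())


def diff_source_trees(old: dict, new: dict, old_label="old", new_label="new") -> dict:
    """Return {path: unified-diff lines} for every file that differs, was added
    or was removed between two snapshots given as {path: text}."""
    report = {}
    for path in sorted(set(old) | set(new)):
        a = old.get(path, "").splitlines()
        b = new.get(path, "").splitlines()
        if a == b:
            continue
        report[path] = list(difflib.unified_diff(
            a, b, fromfile=f"{old_label}/{path}",
            tofile=f"{new_label}/{path}", lineterm=""))
    return report


def count_changed_lines(report: dict) -> int:
    """Number of added/removed content lines across the whole report,
    ignoring the ---/+++ file headers."""
    return sum(1 for lines in report.values() for line in lines
               if line.startswith(("+", "-"))
               and not line.startswith(("+++", "---")))


# Constructed sample snapshots with placeholder paths; not TrueCrypt's sources.
OLD_TREE = {
    "src/strings.txt": "Product of the U.S. build\nSelect volume type\n",
    "src/create_volume.c": "int create_volume(void)\n{\n"
                           "    return encrypt_new_volume();\n}\n",
    "src/open_volume.c": "int open_volume(void)\n{\n"
                         "    return decrypt_existing_volume();\n}\n",
}
NEW_TREE = {
    "src/strings.txt": "Product of the United States build\nSelect volume type\n",
    "src/create_volume.c": "int create_volume(void)\n{\n"
                           "    return ERR_CREATION_DISABLED; /* creation removed */\n}\n",
    "src/open_volume.c": OLD_TREE["src/open_volume.c"],   # unchanged
}

if __name__ == "__main__":
    artifact = b"constructed artifact bytes standing in for a release binary"
    pinned = sha256_hex(artifact)            # hash taken from a trusted copy
    print("artifact matches pinned hash:", verify_artifact(artifact, pinned))
    print("tampered copy matches:", verify_artifact(artifact + b"\x00", pinned))
    report = diff_source_trees(OLD_TREE, NEW_TREE, "7.1a", "7.2")
    for path, lines in report.items():
        print("\n".join(lines))
    print("changed lines:", count_changed_lines(report))
```

One caveat a practitioner would add to the post's argument: a build "from source" only matches the official binary byte for byte if the toolchain, flags and embedded timestamps are the same, which most projects of that era did not guarantee. When the hashes differ, the next step is comparing the two binaries' disassembly or rebuilding with the documented toolchain, not concluding that the official build was tampered with.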

"It is better to have tried and failed than to have failed to try, but the result's the same." - Mike Dennison

Working...