Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Data Storage Encryption Open Source Your Rights Online

TrueCrypt To Go Through a Crowdfunded, Public Security Audit 104

An anonymous reader writes "After all the revelations about NSA's spying efforts, and especially after the disclosure of details about its Bullrun program aimed at subverting encryption standards and efforts around the world, the question has been raised of whether any encryption software can be trusted. Security experts have repeatedly said that it you want to trust this type of software, your best bet is to choose software that is open source. But, in order to be entirely sure, a security audit of the code by independent experts sounds like a definitive answer to that issue. And that it exactly what Matthew Green, cryptographer and research professor at Johns Hopkins University, and Kenneth White, co-founder of hosted healthcare services provider BAO Systems, have set out to do. The software that will be audited is the famous file and disk encryption software package TrueCrypt. Green and White have started fundraising at FundFill and IndieGoGo, and have so far raised over $50,000 in total." (Mentioned earlier on Slashdot; the now-funded endeavor is also covered at Slash DataCenter.)
This discussion has been archived. No new comments can be posted.

TrueCrypt To Go Through a Crowdfunded, Public Security Audit

Comments Filter:
  • by Anonymous Coward

    Slash DataCenter? Do not want!!

  • Hmmm... (Score:5, Interesting)

    by Anonymous Coward on Thursday November 07, 2013 @06:04PM (#45362061)

    But who will audit the auditors?

    • Re:Hmmm... (Score:5, Insightful)

      by lgw ( 121541 ) on Thursday November 07, 2013 @06:12PM (#45362157) Journal

      But who will audit the auditors?

      Gorillas!

      Seriously, a fully public audit is the best possible approach. You can never be 100% sure, but you can get close enough if the audit attracts enough talent. This is the true promise of open source: moving from "in theory, you could look at the source", yahright, to "here's the crowdfunding for experts to openly audit the open source". That's something.

      • This is still an important question. While yes, the money will attract some talent, the money also will attract scammers and just random people who want to make a quick buck. And I don't see $50k attracting enough talent.

        • by lgw ( 121541 )

          In this case you won't need much money, as TrueCrypt is so high profile and lots of security experts use it personally. If this approach catches on, and the novelty wears off, then you'd need more money to be sure.

        • by Lennie ( 16154 )

          If you think this is about attracting random talent, you are so wrong.

          This is about compensating known experts for their time spent on doing the audit.

          It takes a lot of time to do an audit.

          • If the experts are already known, then I definitely don't see a point in not disclosing their names before the fund raiser.

            I think the idea is really cool, but the process is also very important.

      • Re:Hmmm... (Score:5, Interesting)

        by adolf ( 21054 ) <flodadolf@gmail.com> on Thursday November 07, 2013 @08:09PM (#45363331) Journal

        Phone call to encryption expert: "Yes, thank you Truecrypt. I will gleefully accept your money and publish an audit."

        Next phone call to encryption expert: "Yes, thank you NSA. I will gleefully accept your money and write whatever you tell me to write in my published audit."

        (Oh, encryption experts are immune to subterfuge, greed, bottomless debt, double-dipping, and generally being nafarious? I thought that they were just human like the rest of us!)

        (And for the record, once one "independent" party accepts money from another party with a dog in the race, they cease being "independent" about the matter at-hand.)

        (See also: Whitewash [wikipedia.org].)

        • by lgw ( 121541 )

          But then we'll know. If Bruce Schneier is an NSA plant, and he and at least one smart non-NSA plant routinely audit software, the pattern will emerge.

          Like I said, nothing is perfect, but this is pretty good.

          • by adolf ( 21054 )

            But I don't know Bruce Schneier from a hole in the ground, and the only thing I know about Truecrypt is that the folks who make it say it is secure (or, perhaps in the future, pay for audits, wherein it is proclaimed secure).

            The circle of trust is very, very short here.

            Studies have shown that studies are easily skewed by money.

            • by Yvanhoe ( 564877 )
              Dor what it is worth, the version 6.0a of Truecrypt has been found clean by the ANSSI, the French public agency of computer security (which have a good reputation in cryptography, but who may set the paranoia cursor a bit too low) in 2009.

              It was considered adequate for military use. Depending on your political opinions, this may be a laughable audit or a solid claim.

              A famous French blogger made a binary comparison between the sources and the windows binaries given by Truecrypt and deduced that (unless t
        • Next phone call to encryption expert: "Yes, thank you NSA. I will gleefully accept your money and write whatever you tell me to write in my published audit."

          Let's not forget the probable stick that would come along with the carrot. 'National security...open your mouth about what you find and (insert threats here).

        • by AmiMoJo ( 196126 ) *

          It's not the Truecrypt people organizing the audit, it's an independent group. Of course they might be the same person as the authors of Truecrypt are not known for certain, but since the audit will be public any deliberate failures are likely to be spotted. If you were a security researcher doing a public audit it would be unwise for you to accept money to botch it, since your professional reputation is on the line.

          • by adolf ( 21054 )

            Which brings us back to the original question:

            Who watches the watchers?

            How would we even know if it was botched?

    • by Alarash ( 746254 )
      Richard Stallman should be all over this. I mean, he keeps saying all over the place how software needs to be open for people to review what it does, and if there's ever been a time where this was needed, it's now.
  • by retech ( 1228598 ) on Thursday November 07, 2013 @06:06PM (#45362085)
    So they're getting crowd-funded money to do all their testing to ensure no one can see the NSA's back doors they have in place.
    • Re:Free testing (Score:5, Insightful)

      by rudy_wayne ( 414635 ) on Thursday November 07, 2013 @06:19PM (#45362223)

      If you think better, stronger encryption is the answer, then you don't understand the problem.

      In 2011 the Foreign Intelligence Surveillance Court issued a ruling that many of the NSA's activities were illegal and unconstitutional. You'll notice that this had no effect on the NSA's spying because (a) It was a secret order issued by a secret court and nobody knew about it until just recently and (b) There is essentially no oversight of the NSA which means they are free to do whatever they want.

      So, even if you have some super-duper unbreakable encryption, which has been audited and you can guarantee that it contains no NSA backdoors, so what? If the NSA can't break your encryption they'll simply yell "National Security" and get a secret order from a secret court compelling to do decrypt your stuff or face prosecution -- prosecution which will be carried out in secret, making it impossible to defend yourself.

      If you've been paying attention, you see what the real problem is.

      • There is one small silver lining to this otherwise ugly cloud... if of course there's a way to hide any trace of TrueCrypt on a machine that's using it?

      • by Anonymous Coward

        So, even if you have some super-duper unbreakable encryption, which has been audited and you can guarantee that it contains no NSA backdoors, so what? If the NSA can't break your encryption they'll simply yell "National Security" and get a secret order from a secret court compelling to do decrypt your stuff or face prosecution -- prosecution which will be carried out in secret, making it impossible to defend yourself.

        I'm very curious about this as I use truecrypt volumes of various types and sizes to fill my freespace with random data so free space wipes take less time. When I need some more room I delete a volume. The thing is when I make these I just grab a snippet of text from whatever I have open at the time. They are just junk files that truly can't be opened, does this mean I would sit in contempt of court for decades? Seems likely at this point.

        • I think the bigger question here is, why do you need to wipe your free space? are you hiding something from the NSA?

          • For the same reason I shred my old bank statements and cut up my old credit cards.

            I didn't read the parent to your comment, so I'm taking your comment as worded. This information is valuable to other people, whether they can use it to imitate you to get further information from a trusted source or to access your finances or medical history. I wipe the free space because the end point (my PC) isn't secure. The remote server is supposed to be secure, as is the connection to my PC, but once decrypted on my co
            • i guess the joke went over your head(see parent comment)....but thats ok, your right though, wiping data is a good idea. You could always just encrypt your entire drive as well, making wiping unnecessary.

              • I would argue that you should also wipe at least the start and end of the drive (for TrueCrypt encrypted volumes) to destroy the (yes, also encrypted) key.

                TrueCrypt, as an example, uses the "user key" you provide (weak) to encrypt the "volume key" generated from the various RNGs and entropy pools available (strong), like wiggling the mouse.This is used to actually encrypt the data. This way, you can change the "user key" without having to decrypt and re-encrypt the entire volume; Only the "volume key" need
      • Well put it in a hidden container and put stupid shit inside your normal container and give them that password. Throw a bunch of tax returns and shit in there and say you where only following your IT friends advice on protecting your finance documents, or if your IT, say you practice what you preach.

        Also, assume they will find this post and use it to prove you have a secret container, so you'll want to change your name, SSN, DOB and possibly a face change(at least your hair), in fact, why where you stupid e

      • by rvw ( 755107 )

        If you've been paying attention, you see what the real problem is.

        The real problem here is that you're living in the USA. And another problem is your thinking.

        Many of us don't live in the US. And even if we live in the EU, in a country who's secret service cooperates with the NSA, we still don't have a Patriot Act and I don't think that people here are abducted to the US or some stinking country without human rights for something like this.

        Then your thinking. Most of us are just normal people, who want to protect documents for various reasons, and we want to use stronger

    • So they're getting crowd-funded money to do all their testing to ensure no one can see the NSA's back doors they have in place.

      So what's your answer? Everyone just does their own code review?

  • by Anonymous Coward on Thursday November 07, 2013 @06:07PM (#45362093)

    Alright, I'll volunteer. Once the money has cleared my account, consider it "validated."

    • by Anonymous Coward

      Look, validating software is quite important as well. Its not as if validating truecrypt is something you can easily do in your free time. You need people that understand encryption and software to be able to get somewhere.
      I am sure they won't just give any jackass the money and not demand reproducible steps and clear verification of the source code.

      Its not because validating that everything works like they say it does without adding any code, that validating is a valueless job. There is great value for any

  • .. would the people of the United States have trust issues with the NSA?
  • by kbg ( 241421 ) on Thursday November 07, 2013 @06:24PM (#45362285)

    The Windows version is compiled with MSVC, which almost certainly has a NSA backdoor that gets compiled into the TrueCrypt binary.

    • Please vote this up..

      Indeed, the vectors for adding back doors is not as simple as looking at source code.

      • by vux984 ( 928602 ) on Thursday November 07, 2013 @06:54PM (#45362589)

        Sure, vote it up as a point that the the toolchain is always suspect, but saying MSVC is injecting backdoors into everything it compiles is just plain idiotic.

        • Absolutely, I'm no conspiracy theorist. I just agreed that the source code is not the only vector for injecting backdoors.

        • by sconeu ( 64226 ) on Thursday November 07, 2013 @07:19PM (#45362803) Homepage Journal

          * We know that the distributed source generates the distributed binaries. There was an article on this (I'm too lazy to search for it).

          * This audit will vet the source so that there are no *CODED* back doors.

          * The code is still vulnerable to a Ken Thompson style attack.

          • The code is still vulnerable to a Ken Thompson style attack.

            Is it possible to build the Windows version of TrueCrypt with GCC, or the Intel compiler? If so, then the Thompson attack can be worked around.

            • by Desler ( 1608317 )

              Unless one is planted into GCC.

              • We know that the current version of GCC doesn't have the "Ken Thompson" trojan. The original version could have, theoretically a but it couldn't survive so many versions. Also, gdb would have revealed it long ago.
                Maybe gcc also trojans gdb? And ptrace, and ...
                You have to imagine that the author wrote specialized trojans for a bunch of programs that hadn't been created yet, and hid them all in a few kilobytes. That's beyond impossible, even for the best programmer in the world.

              • Unless one is planted into GCC.

                Easy to eliminate. There are plenty of other open source compilers.

                http://arxiv.org/pdf/1004.5548.pdf

        • by steelfood ( 895457 ) on Thursday November 07, 2013 @09:40PM (#45364213)

          No, but certain differences between the TrueCrypt volumes generated by Windows and the TrueCrypt volumes generated by Linux point to there being a strong possibility of a backdoor in the Windows-only version.

          I'd be interested to see if there's actually code that writes out those random bytes in the header for Windows only, or if something else (API, MSVC, etc.) is causing the randomness. Because if it's the latter, then the chance of it being a backdoor goes way, way up.

        • by kbg ( 241421 )

          Not injecting backdoor into everything, just into the TrueCrypt binary. What is the easiest way to inject a backdoor into TrueCrypt? By asking Microsoft to add a backdoor to the MSVC compiler.

          • by vux984 ( 928602 )

            So ... if "solution name" = truecrypt, and source-code file = xyz.cpp then replace x with y?

            How plausible is that really?

            What is the easiest way to inject a backdoor into TrueCrypt? By asking Microsoft to add a backdoor to the MSVC compiler.

            I think there's lots of easier, more reliable, less detectable ways than that.

            • by kbg ( 241421 )

              Of course it isn't something simple like if "solution name" = truecrypt, that is just stupid. It's more like detecting specific encryption algorithms in TrueCrypt and injecting code that makes the encryption weaker by either modifying the encryption slightly or storing maybe part of the key somewhere in the data. So for the right people who know about the back door, decrypting becomes an easy task.

              How plausible is that? Well I guess you haven't read about the Ken Thompson hack for the C compiler. Doing some

              • by vux984 ( 928602 )

                Of course it isn't something simple like if "solution name" = truecrypt, that is just stupid.

                Yes.

                It's more like detecting specific encryption algorithms in TrueCrypt and injecting code that makes the encryption weaker by either modifying the encryption slightly or storing maybe part of the key somewhere in the data.

                That's a non-trivial hack, how do you propose it "detect specific enryption algorithms in truecrypt" to detect that its compiling truecrypt, and then modify it. How many bytes of code do you thi

                • by kbg ( 241421 )

                  That's a non-trivial hack, how do you propose it "detect specific enryption algorithms in truecrypt" to detect that its compiling truecrypt, and then modify it. How many bytes of code do you think it would take to program that?

                  You say it like it is complicated. This is just programming, Microsoft and the NSA has billions of dollars to throw at the problem. It doesn't matter how much space it takes it can be done.

                  Yes it has to be hidden, but you can have self modifying code and you can have code that looks l

                  • by vux984 ( 928602 )

                    You say it like it is complicated

                    Because it is.

                    Yes it has to be hidden, but you can have self modifying code and you can have code that looks like it does something innocent but actually does something else.

                    Has anybody actually audited the MSVC binary? Didn't think so.

                    Really you just have to audit the output. And you can start with 1 line of C and build up from there iteratively. Its work, and its tedious but its not nearly as hard as you think.

                    It doesn't matter how much space it takes it can be done.

                    Of co

                    • by kbg ( 241421 )

                      No you can't just audit the output by starting with 1 line of C code and move up from there, because you don't know what is the actual trigger for the back door. It can be any number of specific lines of code, includes modules or at least some output size of the binary.

                      It doesn't have to be tiny, you can hide the code in data or other code. But even so just take a look at how tiny some programs are in the demoscene, you can build incredibly small code that does a lot. Also take a lookt at how some viruses a

                    • by vux984 ( 928602 )

                      No you can't just audit the output by starting with 1 line of C code and move up from there, because you don't know what is the actual trigger for the back door. It can be any number of specific lines of code, includes modules or at least some output size of the binary.

                      Your assertion was that it was the truecrypt source code. So how about we use that. It's not terribly large.

                      It doesn't have to be tiny, you can hide the code in data or other code.

                      You can hide a small bit of code, you can't hide large amounts

      • www.techarp.com/showarticle.aspx?artno=770&pgno=3

        Hmmm...

    • Which is why, if you read the info on the IndieGoGo blurb, they talk about a validated Windows build that is signed.

      Unfortunately it's not realistic to ask every Windows user to compile Truecrypt themselves. Our proposal is to adapt the deterministic build process that Tor is now using, so we can know the binaries are safe and untampered.

      • by gl4ss ( 559668 )

        some guy replicated building the released tc binaries already though.

        so unless the compiler is attaching a tc specific backdoor to everything..

        • by kbg ( 241421 )

          Yes and he used the MSVC compiler which could include the NSA backdoor.

          The compiler doesn't have to attach the backdoor to everything, only when the TrueCrypt binary is being created.

      • by kbg ( 241421 )

        You missed my point. As long as the MSVC compiler is used you can't be sure the binary is correct, even thought the source is audited. The only way to do a validated Windows binary build is to use an open source C++ compiler that has been audited to compile the Windows version of TrueCrypt.

  • by badasawsomeness ( 3025411 ) on Thursday November 07, 2013 @06:55PM (#45362599)

    I feel like this has been reported on 5 times by now. Yes we know they are raising money, please no more updates until the findings from the audit are in.

    In the mean time is there any actual point to this? While TrueCrypt can be one of the best methods for a typical home user or even tech savy business person to encrypt that naughty folder. But it honestly isn't as widely used as they make it out to be. Most softwares or businesses use their own encryption. Not to mention the nature of TrueCrypt means its most often used to secure locals files or drives, meaning unless the NSA has direct control over your computer they really cant get at your stuff.

    Also would this resolve anything? As soon as the audit is done people will either, question the findings for one reason or another. When in the end all the audit can say is if there is an intentional backdoor or if there is an obvious flaw in the code that would leave it vulnerable. Even if neither of these turn up there is still a very real chance the NSA found their own unintentional flaw in the code that allows them to greatly reduce the time required to decrypt the drive.

    • by AHuxley ( 892839 ) on Thursday November 07, 2013 @11:33PM (#45364955) Journal
      Its more for people moving around the world. But the main risk is having your media looked at and someone seeing your need for the use of encryption.
      You could have all other data quickly captured and end up on a few gov lists with your computer returned.
      The NSA mostly seems to like to track all net use globally and then zoom in on users, their OS, files reviewing their digital lives.
      Tame OS, telcos and software seem to help the NSA with the final steps i.e. the end users encryption and saving the keystrokes for easy very decryption.
      But just the act of requesting an audit does make 'easy' past with some software more difficult.
  • Sadly, though, there is only one party offering to take a huge sum of money to crawl through code for a few weeks or possibly months. And it seems to me that the parties offering to do the work have a vested interest in the results coming out "negative for NSA bugs".

    This means ( as others here have pointed out ) that there cannot truly be independent verification. As someone else points out, the money would be better spent on bug hunts.

    The approach bears the mark of vigilantism. I say that, because encrypti

  • We need to turn this into a perminant comittee to rountinely test all open source encryption software, popular kernels (linux, freebsd, etc...), webbrowsers(firefox,chromium), webservers(apache, nginx), and other essential bits of free software we depend on (mariadb, php, python, etc...)

Technology is dominated by those who manage what they do not understand.

Working...