
TrueCrypt 6.0 Released

kdawson posted more than 6 years ago | from the plausible-deniability dept.

Encryption 448

ruphus13 writes "While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend. The new version touts two major upgrades. 'First, TrueCrypt now performs parallel encryption and decryption operations on multi-core systems, giving you a phenomenal speedup if you have more than one processor available. Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.' The software has been released under the 'TrueCrypt License,' which is not OSI approved."


first (5, Funny)

Anonymous Coward | more than 6 years ago | (#24097265)

svefg cbfg

Re:first (4, Informative)

evanjfraser (1007315) | more than 6 years ago | (#24097613)

That's not off topic, that's kth substitution encryption!

More filesystems (4, Insightful)

toQDuj (806112) | more than 6 years ago | (#24097269)

Well, I hope that it now supports more filesystems, because mucking about with FAT on MacOS X didn't appeal to me last time.

Re:More filesystems (5, Informative)

Anonymous Coward | more than 6 years ago | (#24097361)

It still only creates FAT file systems, but you can reformat to whatever you want afterwards. I tried it with both HFS+ and ZFS and it seemed to work fine.

Re:More filesystems (4, Informative)

Anonymous Coward | more than 6 years ago | (#24097371)

Or you can create your own filesystem? I don't know how it works on the mac, but on windows & linux truecrypt just creates an encrypted disk which you can format with any filesystem you like. Just create the container file filesystem type 'none' and format it yourself.

That might betray the presence of a hidden volume (5, Interesting)

Anonymous Coward | more than 6 years ago | (#24097539)

- depending upon the file system.

For instance, if you used ext3 then mkfs.ext3 is going to put backup super blocks all over your disk. If you then set up a hidden volume later on, some of those backup super blocks are going to get overwritten. An attacker - to whom you've been forced to reveal your outer volume password - could easily discover that the backup super blocks aren't the same as the real super block and deduce that you're using a hidden volume that you didn't tell them about. You could, when formatting, tell mkfs.ext3 not to use any backup super blocks - but that also might look a bit suspicious. Just food for thought.
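The superblock layout this comment relies on can be worked through on a constructed image; this is an added example, not code from the poster or from TrueCrypt. It assumes default mke2fs geometry with sparse_super (backups in block group 1 and in groups that are powers of 3, 5 and 7), and the image, the inode count and the 32 MiB hidden-volume size are constructed for the demonstration.

```python
import os
import struct

EXT_MAGIC = 0xEF53      # s_magic: little-endian u16 at byte 56 of every superblock
PRIMARY_OFFSET = 1024   # the primary superblock always starts at byte 1024


def backup_groups(n_groups):
    """Block groups that carry a backup superblock under sparse_super."""
    groups = {1} if n_groups > 1 else set()
    for base in (3, 5, 7):
        g = base
        while g < n_groups:
            groups.add(g)
            g *= base
    return sorted(groups)


def backup_offsets(fs_bytes, block_size):
    """Byte offsets of the backup superblocks (assumes mke2fs default geometry)."""
    first_data_block = 1 if block_size == 1024 else 0
    blocks_per_group = 8 * block_size   # one bitmap block maps 8 * block_size blocks
    total_blocks = fs_bytes // block_size
    n_groups = -(-(total_blocks - first_data_block) // blocks_per_group)  # ceiling
    return [(g * blocks_per_group + first_data_block) * block_size
            for g in backup_groups(n_groups)]


def geometry(image, offset):
    """(s_inodes_count, s_blocks_count, s_magic) of the superblock at `offset`.

    Only static fields are compared: free counts and mount times legitimately
    differ between the primary and its backups.
    """
    inodes, blocks = struct.unpack_from("<II", image, offset)
    (magic,) = struct.unpack_from("<H", image, offset + 56)
    return inodes, blocks, magic


def damaged_backups(image, block_size):
    """Offsets where the backup no longer agrees with the primary superblock."""
    primary = geometry(image, PRIMARY_OFFSET)
    if primary[2] != EXT_MAGIC:
        raise ValueError("no ext2/ext3 superblock at byte 1024")
    return [off for off in backup_offsets(len(image), block_size)
            if geometry(image, off) != primary]


def build_demo_image(fs_bytes=64 * 2**20, block_size=1024):
    """Constructed stand-in for a decrypted outer volume; only superblocks are filled in."""
    image = bytearray(fs_bytes)
    sb = bytearray(1024)
    struct.pack_into("<II", sb, 0, 16384, fs_bytes // block_size)  # constructed counts
    struct.pack_into("<H", sb, 56, EXT_MAGIC)
    for off in [PRIMARY_OFFSET] + backup_offsets(fs_bytes, block_size):
        image[off:off + 1024] = sb
    return image


def demo():
    block_size = 1024
    image = build_demo_image(block_size=block_size)
    before = damaged_backups(image, block_size)
    # Constructed scenario: a hidden volume is later created in the last 32 MiB.
    # Seen through the outer volume, that region now reads as random bytes.
    hidden_start = 32 * 2**20
    image[hidden_start:] = os.urandom(len(image) - hidden_start)
    after = damaged_backups(image, block_size)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("damaged before hidden volume:", before)
    print("damaged after hidden volume: ", after)
```

On the 64 MiB image the backups in groups 5 and 7 land inside the overwritten tail, while those in groups 1 and 3 survive, which is the mismatch the comment describes.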

Re:That might betray the presence of a hidden volu (-1, Flamebait)

larry bagina (561269) | more than 6 years ago | (#24097929)

anybody using ext3 deserves to be horribly beaten and tortured.

Re:More filesystems (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#24097447)

Buy a real computer. Problem solved.

Local admin rights on Windows (4, Insightful)

millwall (622730) | more than 6 years ago | (#24097271)

I work as a consultant and often use Truecrypt on my USB key in traveller mode on sites where I work. The top thing on my wishlist is to be able to run/install Truecrypt on a Windows machine without admin rights.

The issue is described in full here [truecrypt.org] :

[..] In Windows, a user who does not have administrator privileges can use TrueCrypt, but only after a system administrator installs TrueCrypt on the system. [...]

Full release notes can be found here [truecrypt.org] .

Re:Local admin rights on Windows (4, Insightful)

TheLink (130905) | more than 6 years ago | (#24097321)

You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

You should copy the files that you don't mind exposing, to the unencrypted partition of the USB key or a different no crypto USB drive.

Re:Local admin rights on Windows (0)

Anonymous Coward | more than 6 years ago | (#24097547)

Personally, I wouldn't mind a standalone "Winzip-esque" file manager, for use on machines that don't have TrueCrypt installed. The main reason I'd use TrueCrypt is just in case I lost one of my USB drives, rather than keeping anything majorly secret on it.

If there's unencrypted remnants on the host PC then that's not too much of an issue for me, but if I lost one of the drives then I'd rather someone had to erase it to use it than being able to see all my stuff in unencrypted form.

Re:Local admin rights on Windows (4, Insightful)

Jah-Wren Ryel (80510) | more than 6 years ago | (#24097551)

You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

You should copy the files that you don't mind exposing, to the unencrypted partition of the USB key or a different no crypto USB drive.

Obviously his specific use for truecrypt is to protect data in transit, should he lose the USB drive.
I think that's a very common scenario.
Your 'solution' completely negates the value of that use of truecrypt.

Low powered PC (3, Interesting)

DrYak (748999) | more than 6 years ago | (#24097619)

A not very powerful small factor PC (some subnotebook barely good enough to run Linux - no need for the latest über-UMPC able to withstand Vista), with which to decrypt the content on arrival seems to be the only current solution.

At least, as an over-powerful laptop isn't needed, at least this isn't very expensive.

Also, has TrueCrypt been ported to PDAs ?
A PDA running TrueCrypt and dual SD+USB hybrids cards (Sandisk and OCZ produce such beasts) seems another even cheaper solution.
If the data can't be decrypted on the target machine when plugged with the card's USB connector, then plug it into the SD port of the PDA and decrypt data from there.

Re:Local admin rights on Windows (5, Insightful)

EvanED (569694) | more than 6 years ago | (#24097573)

You don't mind exposing your secrets to a machine you don't have control over (and thus should not trust)? I don't recommend it.

I'm not the OP, but this is being sillily unreasonable.

For instance, I don't have admin rights on the computer in my office. So maybe I don't want to trust this computer entirely. But if I'm walking back and forth with my USB key most days, the major threat is me leaving the key sitting on the bus seat or something like that, not information being stolen while I'm on the work computer.

It's not like just because you don't control a computer you don't trust it at all, or that just because something is in a TrueCrypt volume it's extremely sensitive.

Re:Local admin rights on Windows (4, Insightful)

Atti K. (1169503) | more than 6 years ago | (#24097739)

For instance, I don't have admin rights on the computer in my office. So maybe I don't want to trust this computer entirely.

I do have admin rights to my computer at the office, but I don't trust it 100%. Why? Because any network admin in the company also has admin rights on it. And of course it was not installed by me, and runs some of their custom stuff...

Re:Local admin rights on Windows (-1, Flamebait)

gazbo (517111) | more than 6 years ago | (#24097829)

Which is why you don't view your encrypted child porn on your work computer. But you may want to view your encrypted work data on that same machine.

Re:Local admin rights on Windows (-1, Offtopic)

Klaus_1250 (987230) | more than 6 years ago | (#24097921)

What the hell does Child Pornography have to do with this?

Re:Local admin rights on Windows (3, Insightful)

subreality (157447) | more than 6 years ago | (#24097933)

I'm not the OP, but this is being sillily unreasonable.

Not necessarily. Do you consider your data safe in the hands of everyone who has admin rights to the machine? Do they keep the machine patched and secured to a level appropriate for your secrets?

The answers to these questions depend on your threat model.

Re:Local admin rights on Windows (1)

Jah-Wren Ryel (80510) | more than 6 years ago | (#24097523)

I work as a consultant and often use Truecrypt on my USB key in traveller mode on sites where I work. The top thing on my wishlist is to be able to run/install Truecrypt on a Windows machine without admin rights.

I'm surprised no one has come up with a stand-alone gui 'archive utility' for truecrypt volumes that works like winzip and the like - just treat the encrypted volume as one big archive file. It would probably have to be limited to FAT filesystems, but I suppose that would be OK for most USB applications.

Re:Local admin rights on Windows (5, Informative)

Anonymous Coward | more than 6 years ago | (#24097555)

I work as a consultant and often use Truecrypt on my USB key in traveller mode on sites where I work. The top thing on my wishlist is to be able to run/install Truecrypt on a Windows machine without admin rights.

The issue is described in full here [truecrypt.org] :

[..] In Windows, a user who does not have administrator privileges can use TrueCrypt, but only after a system administrator installs TrueCrypt on the system. [...]

Full release notes can be found here [truecrypt.org] .

You don't need Admin rights with TCexplorer
Ideal for USB key
http://www.codeproject.com/KB/files/TCExplorer.aspx

Re:Local admin rights on Windows (1)

millwall (622730) | more than 6 years ago | (#24097591)

You don't need Admin rights with TCexplorer Ideal for USB key

I think you hit the nail on the head with your link to TCexplorer. Just what I was looking for indeed:

"A portable software to import, export, delete, rename, view, edit and execute files in TrueCrypt containers without requiring administrative privileges."

Would be even better if a similar tool was integrated into Truecrypt natively, but until that happens I will try this tool.

Re:Local admin rights on Windows (1)

xtracto (837672) | more than 6 years ago | (#24097633)

I am waiting for the same thing on Linux. It would be specially useful in my case, where the file system of my university is managed from a central server (which is in charge of backing up and whatnot), and we do not have root access to our clients.

It would be really useful being able to use truecrypt without having to install it in Linux.

Re:Local admin rights on Windows (1, Informative)

Atti K. (1169503) | more than 6 years ago | (#24097711)

Not possible IMHO, because truecrypt loads a kernel mode driver (truecrypt.sys), which a nonadmin user can't do on Windows.

Re:Local admin rights on Windows (0)

Anonymous Coward | more than 6 years ago | (#24097869)

Which ironically is what the Mac OS X port suffers from as well (for some normal reasons, and for some that are nothing short of lousy development). Bottom line is that it's doable without requiring admin access on Mac OS X.

Only works if it's default install (4, Insightful)

TheLink (130905) | more than 6 years ago | (#24097283)

All this crypto stuff only works well if it's part of the default install and config.

Otherwise users get exposed to "rubberhose cryptography".

Basically if all users even Joe Sixpack get an encrypted partition by default, then people using crypto will be safe - they have plausible deniability.

Re:Only works if it's default install (5, Informative)

apathy maybe (922212) | more than 6 years ago | (#24097339)

Yeah, but Truecrypt has a defence against that. It is called "hidden volumes". Basically, you create a container, use it for porn or financial records (something that you have a legitimate reason to want to hide, from the wife or identity thieves for example), something that you access often. Then you create a hidden volume that is put at the end of that volume, which to access requires a second password.

There is no way of knowing if that second hidden volume exists unless you have both passwords.

If you access the first volume without both passwords, then you can just wipe over whatever information you have stored in the hidden volume.

Oh yeah, I love TrueCrypt. It's groovy.

Re:Only works if it's default install (4, Funny)

eiapoce (1049910) | more than 6 years ago | (#24097369)

;) That is to say that you carelessly watch and upload too much porn without both passwords and you lose all those important TPS reports....

Re:Only works if it's default install (5, Insightful)

TheLink (130905) | more than 6 years ago | (#24097451)

Get a clue.

Does Joe Sixpack's computer come with Truecrypt? Does it come with a truecrypt container preinstalled?

The answer is NO.

So if the wrong people find Truecrypt on your computer guess what happens to you. If you say "Nothing" well: "Wrong answer!". They may give up after a few days of giving you the treatment, but it still means you get the treatment.

Whereas if everybody had truecrypt AND an encrypted partition, they could a) try to waterboard everyone, b) wait till they have more evidence.

And that is why I reported this bug/feature request: https://bugs.launchpad.net/ubuntu/+bug/148440 [launchpad.net]

Encryption must appear to be in _use_ by default by all users, then you get safety in numbers. When even your grandma using Ubuntu has a crypto partition, things are better for the people actually using it.

Re:Only works if it's default install (5, Insightful)

auric_dude (610172) | more than 6 years ago | (#24097697)

I followed this back to the Ubuntu bug report 148440 and see that a comment has been added https://bugs.launchpad.net/ubuntu/+bug/148440/comments/4 [launchpad.net] that I think says it all.

Re:Only works if it's default install (3, Insightful)

TheLink (130905) | more than 6 years ago | (#24097901)

Just change 1) in the original bug report from:

" Have crypto tools installed by default (if the user does not select the "use of encryption is illegal in my country" checkbox)."

to

" Have crypto tools installed by default (if the user does not select the "don't install encryption" checkbox)."

If the UK courts are going to jail your grandma just because she has an Ubuntu install with a container she has no key to, then I think grandma is living in the wrong country - in the old days the UK courts had the "Reasonable Man" thing, maybe now things have changed.

I see it more as a bug in the UK law than a bug in my proposal.

Re:Only works if it's default install (4, Informative)

Splab (574204) | more than 6 years ago | (#24097701)

Think you totally missed the point.

You put plausible data into the encrypted volume, when they ask for your password you give it up, they access the encrypted volume and see you got porn/financial stuff/what nots you don't want others to see. What they can't see is the fact that there is another volume hidden inside this, which there is no way of knowing unless you got the second password. Waterboarding the person makes no sense since he has already given up the password giving you access to the "entire" volume.

Re:Only works if it's default install (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24097747)

Get a clue.

Take your own advice.

Re:Only works if it's default install (1)

Jah-Wren Ryel (80510) | more than 6 years ago | (#24097499)

Yeah, but Truecrypt has a defence against that. It is called "hidden volumes".

Last I heard, you could only have one hidden volume. That significantly reduces plausible deniability, if you are interrogated they can rubber-hose you until you give it up and then your interrogators will know they got it all.

Has that changed? Does truecrypt support unlimited hidden volumes now?

Re:Only works if it's default install (2, Interesting)

meringuoid (568297) | more than 6 years ago | (#24097651)

Last I heard, you could only have one hidden volume. That significantly reduces plausible deniability, if you are interrogated they can rubber-hose you until you give it up and then your interrogators will know they got it all.

I never heard that. Reading through the documentation, it appears that any TrueCrypt volume can contain one hidden volume. Which means that your hidden volume can itself contain another hidden volume, and that can contain yet another.

If you think your adversary will torture you a second time in order to get your first-order hidden volume, then that's fine. Put the financial stuff in the non-hidden volume, the porn in the first hidden volume, and the Evil Master Plan in the second hidden volume.

The point is that you can have arbitrarily many layers of nesting. The enemy can never be certain he has them all, and most users probably don't even bother using a hidden volume in the first place.

Re:Only works if it's default install (-1)

Zocalo (252965) | more than 6 years ago | (#24097505)

Yeah, but Truecrypt has a defence against that. It is called "hidden volumes".

Unless it has a password that will *securely* wipe the hidden volume when entered, then it only has an illusion of a defence against that which is in reality no more than another example of security by obscurity. Other than the less IT savvy members of law enforcement, the TSA etc., that's not really going to help you at all if you find yourself in a situation where you are being forced to give up your TrueCrypt passwords.

It doesn't exactly take an IT guru to check the free disk space reported by the OS against the expected capacity for a given drive model and wonder why there's a discrepancy, especially if you've been trained to look for that kind of thing. I'd also expect that would be the kind of person that's going to take a low-level copy of a seized HDD before going anywhere near the power switch too, which essentially negates the automatic data erasure too. "Nope, that password erased the secure partition as well; strap him back down onto the board and get some more water and towels while I restore the image again, will you?"

Re:Only works if it's default install (4, Insightful)

|DeN|niS (58325) | more than 6 years ago | (#24097527)

Stop being an idiot and read up on it. You can *not* tell. And it certainly does not show up as free space. You can *not* prove OR disprove the existence of another hidden partition. Period. "Trained to look for it", oh please.

Re:Only works if it's default install (0, Interesting)

Anonymous Coward | more than 6 years ago | (#24097881)

Unless you keep backups.

The hidden volume is stored in a 'randomised' area of the main volume that appears to be unused, as such its contents should not change over time. Comparison of the TC volume with any backups may reveal changes to the area of the file corresponding to a hidden volume, indicating its presence.

Add to that halo data, filesystem journals, MRU lists, etc. and the chances are something on your disc will give you away.

TrueCrypt is good enough to hide your data from most types of scrutiny, but don't expect TrueCrypt to protect you from the attentions of a computer forensics laboratory.
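The backup comparison described in this comment, as an added example that is not part of the original post: it diffs two snapshots of the same container sector by sector and keeps the changes that fall outside what the outer filesystem has allocated. It assumes sector-based encryption, where a write changes only the sectors it touches; the snapshots and the allocated-extent list are constructed, and in practice the extents would come from the mounted outer volume.

```python
import os

SECTOR = 512


def changed_ranges(old, new, sector=SECTOR):
    """Merge differing sectors of two same-sized snapshots into (start, end) sector ranges."""
    if len(old) != len(new):
        raise ValueError("snapshots differ in size")
    ranges = []
    for i in range(0, len(old), sector):
        if old[i:i + sector] != new[i:i + sector]:
            n = i // sector
            if ranges and ranges[-1][1] == n:
                ranges[-1][1] = n + 1      # extend the current run
            else:
                ranges.append([n, n + 1])  # start a new run
    return [tuple(r) for r in ranges]


def outside_allocated(ranges, allocated):
    """Parts of the changed ranges not covered by any allocated extent (start, end)."""
    out = []
    for start, end in ranges:
        cur = start
        for a_start, a_end in sorted(allocated):
            if a_end <= cur or a_start >= end:
                continue                   # extent does not overlap what is left
            if a_start > cur:
                out.append((cur, a_start))
            cur = max(cur, a_end)
            if cur >= end:
                break
        if cur < end:
            out.append((cur, end))
    return out


def demo():
    total = 2048                           # constructed 1 MiB container, in sectors
    old = bytearray(os.urandom(total * SECTOR))
    new = bytearray(old)
    # Constructed writes: one inside the outer filesystem's data, one in its "free" space.
    for start, end in [(10, 12), (1500, 1504)]:
        new[start * SECTOR:end * SECTOR] = os.urandom((end - start) * SECTOR)
    allocated = [(0, 400)]                 # hypothetical extents used by the outer filesystem
    changed = changed_ranges(bytes(old), bytes(new))
    return changed, outside_allocated(changed, allocated)


if __name__ == "__main__":
    changed, unexplained = demo()
    print("changed sector ranges:      ", changed)
    print("changed but never allocated:", unexplained)
```

Sectors that change between backups while the outer filesystem lists them as free are exactly the signal the comment warns about, so backups of a container holding a hidden volume need the same protection as the container itself.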

Re:Only works if it's default install (1)

HungryHobo (1314109) | more than 6 years ago | (#24097537)

I have no hidden volume. I use truecrypt as a simple and easy way to keep my clients personal data secure.

Re:Only works if it's default install (5, Insightful)

Minwee (522556) | more than 6 years ago | (#24097785)

I have no hidden volume. I use truecrypt as a simple and easy way to keep my clients personal data secure.

No, I'm quite positive that you do have a hidden volume. It's where you're storing all of your terrorist secrets, and unless you reveal the password then this ballpeen hammer has a date with your fingers.

Still don't want to talk? Maybe you just need a little more electricity.

We'll stop when you are able to prove to the nice men who are protecting your country that you _don't_ have a hidden encrypted partition, and then they will let you go.

Re:Only works if it's default install (3, Insightful)

vux984 (928602) | more than 6 years ago | (#24097839)

Unless it has a password that will *securely* wipe the hidden volume when entered, then it only has an illusion of a defence against that which is in reality no more than another example of security by obscurity.

Worse than that, anyone with half a clue will be working on a clone of the original drive. No point in needlessly potentially damaging evidence. So if you're dealing with someone competent, and who has time on their hands to do things right, a secure erase panic password will buy you nothing.

Re:Only works if it's default install (1, Insightful)

patro (104336) | more than 6 years ago | (#24097579)

"There is no way of knowing if that second hidden volume exists unless you have both passwords."

Plausible deniability is not really working here, since it is one of TrueCrypt's main features, so if one has TC installed then it's pretty obvious he wants to hide something.

If one installs TC by choice then he surely doesn't do it just to have it eat up some unused harddisk space.

Re:Only works if it's default install (1)

apathy maybe (922212) | more than 6 years ago | (#24097757)

Actually, I use TC all the time without hidden volumes. I have porn in one, pics of the GF in another, passwords in a third, financial in a fourth. Plus a bunch of "random number" files, which I don't actually have a password for (I forgot them, deliberately).

I don't actually have any hidden volumes though, because I have no real need for it. Of course, if I were to ever travel to the US or some other similar country, I would create a couple and dump all my passwords and financial information in them. (Along with all my anarchist literature and bomb making instructions.)

So yeah, I don't have hidden volumes, but I do have TC installed and I use it.

Re:Only works if it's default install (1)

DarkOx (621550) | more than 6 years ago | (#24097741)

That is not really a solution for most. I suppose it's great if you want to hide some criminal activity like your bookie operation you are running, but most people like me the only thing we do want to protect are old tax records, other financials, a personal journal, you get the idea. Are you saying I should produce an entire set of convincing mock financial information just to throw ppl off the trail. Who has time for that. What would be much more interesting is a good stenography system. I would love to be able to stash that stuff in a 4 hour video of my family reunion or something.

Re:Only works if it's default install (1)

MMC Monster (602931) | more than 6 years ago | (#24097831)

I always wondered how the hidden volume-within-a-volume worked.

Wouldn't the free space in the container volume show that there was something hidden within?

Re:Only works if it's default install (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24097441)

The answer is hidden partition + shemale porn.

Give out the key to the shemale porn partition. No one would blame you for keeping that under encryption...unless of course, you are in a country where having shemale porn is punishable by death. If you have a girl friend (big if) take some semi nude photos of you and her. Very private stuff. Reasonable to keep encrypted..

and so on.

It's simply a matter of coming up with a good excuse in advance and preparing for it.

If you *really* are worried about a prison/torture/interrogation situation, just add layers. Like a terrorist who expects to be tortured for information, make up several plausible stories with lots of detail.

Initially, while you still have your strength you hand out layer after layer of well rehearsed bullshit. When you break, if the internal consistency is good enough the interrogators will have serious trouble determining if you have broken and are now telling the truth, or if you have broken, and are telling them what they want to hear.. or you may not have broken and are feeding another layer of bullshit.

The drawback of this approach is that you will be tortured even more, but your secrets can remain obscured if not hidden.

Re:Only works if it's default install (5, Funny)

houghi (78078) | more than 6 years ago | (#24097763)

Great!. Now everybody will think I have a hidden partition, because I have she-male porn. Uh I mean, never mind.

A good defense... (1)

azuredrake (1069906) | more than 6 years ago | (#24097289)

...against this? [slashdot.org] Or will it just get you in more trouble? What's the community's take on it?

Re:A good defense... (3, Informative)

apathy maybe (922212) | more than 6 years ago | (#24097363)

Yes it is a good defence against that. Border guards aren't going to have enough time to find your encrypted containers while you are there, and if you have to give up your laptop, or if they take a copy of the HD, then they can't access the information because they don't have the password (and they can't force the password out of you, because you have already re-entered the country (assuming you are a yank)).

And if they do find a container, and force you to give up the password http://it.slashdot.org/comments.pl?sid=606473&cid=24097339 [slashdot.org] hidden volumes as described in that post.

"plausible decoy" operating system... (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24097301)

What, like windows?

OK (2, Interesting)

Anonymous Coward | more than 6 years ago | (#24097313)

even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable

In what case would this be useful? If you have an adversary that can force you to give a password, I'm sure they can force you to boot up the correct operating system as well. And if they are in a position to force you to give up the password, it might not be wise to try to play a switcharoo on them.

In the cases where this would actually be useful (with your boss or the government inspections), they will probably have the ability to detect that you are not being entirely truthful. You can hide an operating system in your encryption, but you can't hide gigabytes of hard disk space that is mysteriously missing on probes.

Re:OK (2, Informative)

apathy maybe (922212) | more than 6 years ago | (#24097387)

From the release notes:

Ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed). For more information, see the section Hidden Operating System [truecrypt.org] . (Windows Vista/XP/2008/2003)

It appears to work just like a hidden volume [truecrypt.org] (also described in this post [slashdot.org] ).

In other words, you worry too much, these guys are really really smart.

Re:OK (0)

Anonymous Coward | more than 6 years ago | (#24097393)

Theoretically, the decoy OS could see all of your data as empty space. As long as the encryption program knows enough about the decoy FS, it can leave the decoy portions alone and only write into "empty" spaces.

Of course, running the decoy could overwrite your data. But if you're going to be paranoid, you may as well go all the way.

*I don't know if TrueCrypt works this way or if it even addresses this really obvious problem. But I would hope so.

Re:OK (2, Informative)

leuk_he (194174) | more than 6 years ago | (#24097457)

No..

The decoy OS is not an outer, non hidden volume, it is a separate partition. You must run the decoy OS regularly so it becomes obvious it is a used OS. You can do safely

Re:OK (1)

meringuoid (568297) | more than 6 years ago | (#24097673)

Of course, running the decoy could overwrite your data. But if you're going to be paranoid, you may as well go all the way.

If you have data of such importance as to require this kind of security, you have backups of it. You don't care if your hidden volume gets overwritten while the secret police are searching your regular volume, because once they're done you can just restore.

Re:OK (0)

Anonymous Coward | more than 6 years ago | (#24097401)

Well, as far as I know this would work the same way as it would if it were the standard file based encryption.

Meaning if someone were to log in using the decoy passcode, it shows as if the rest of the system is free, while in actuality the hidden partition lies there and can be overwritten if it isn't protected...

Re:OK (1)

hviezda14 (580875) | more than 6 years ago | (#24097413)

The gigabytes of space are not missing, they are presented as empty space. They can only admit that there is too much empty space at the end of filesystem.

Re:OK (1)

linzeal (197905) | more than 6 years ago | (#24097427)

Any sufficiently advanced intelligence agency would have a copy of the laptop hard drive before they even begin to ask questions. The hidden volume presumes they will use your hardware, that is not a well-founded assumption.

Re:OK (2, Informative)

HungryHobo (1314109) | more than 6 years ago | (#24097509)

Not hidden like a physical object. Hidden in the "noise" that makes up the empty space on the disk. And there is no way to tell the difference between empty, unused space and a hidden volume.

Re:OK (5, Informative)

HungryHobo (1314109) | more than 6 years ago | (#24097487)

Actually you can. With truecrypt I can create an encrypted volume which is just a file on my hard disk. Say it's 1 gigabyte. To access it I have to type in my password "secretpass". I see a 1 gigabyte volume. Now I can stop there. It's encrypted strongly enough to protect my files. I throw 200 MB of porn/corporate data/personal emails/photos of my girlfriend on there. It shows as 800MB free.

Now I create a hidden volume 800 MB in size. In there I put my plans for how to kill every politician, the details of my drugrunning operation, the plans for a nuclear weapon, etc etc etc. To access this I have to type in my second password "password2".

So I boot up truecrypt, select the 1 gig file which is my virtual drive, type in "secretpass". What I then see is a 1 gig drive with 800mb free space and lots of semi-important files. If I open that same file with "password2" I'll see an 800MB drive almost full with highly important documents. There is no missing hard drive space, no hint at all that there is anything but the first drive unless I enter the second password.

(Side note: if you add files to the first drive then there's a chance that you'll overwrite files on the hidden drive, since unless you enter that password as well then truecrypt can't see that it's there.)

Re:OK (1)

MichaelSmith (789609) | more than 6 years ago | (#24097571)

Okay but now I know to look out for people running truecrypt and to ask to see their encrypted volume (rubber hose held behind back at that point) so they show me their partly used 800mb encrypted volume, I image it and start a dictionary attack to get the rest of the info.

Re:OK (3, Informative)

HungryHobo (1314109) | more than 6 years ago | (#24097665)

You seem to have missed the point in a big way. You see a truecrypt container. You hold back the rubber hose or start with the thumbscrews. After much screaming they give you a password. You see a 1 gig volume with 200mb of confidential and mildly valuable files and 800mb of free space. It is utterly plausible that this is all there is. There are no more files. You've got all you're gonna get. No hidden volume.

Now you might try some more torture but your victim is also aware that there is no proof at all that there is any more to find. Perhaps I have a 1 gig volume with 998MB used on the outside with a 2 MB hidden volume where I keep my plans to kill the president.

As for a dictionary attack, you haven't ever tried this have you? If there's a decent password then it will take you about a million years (or more) to brute force it using every computer on earth.

Re:OK (4, Informative)

vidarh (309115) | more than 6 years ago | (#24097859)

You miss the point. Anyone who truly has something to hide to the extent of worrying about torture will have an utterly plausible explanation or ten prepared. That won't stop someone who is willing to use torture from continuing until they get more or you have resisted for so long that they believe you are telling the truth when you're saying there is no more.

So when they get the first password, they continue until they get another or they decide there's no way you could have withstood that much. And when they get your second password, they'll still go on in the hope of a third, unless the data they find would totally fill the disk.

Each time you give up something, they'll assume there may be more until they've kept torturing you for a long time without getting any more information.

Re:OK (1)

EvanED (569694) | more than 6 years ago | (#24097719)

I image it and start a dictionary attack to get the rest of the info.

That'll only work if you're using a weak password. This may be the common case, but I doubt it's the common case among people paranoid enough to set up TrueCrypt hidden volumes. For instance, you can't dictionary attack a 12 character, randomly-generated password drawn from a 95-character alphabet (alphanumeric + 33 symbols; ASCII 32-126), maybe unless you run a big botnet or work at the NSA.

Re:OK (1)

MichaelSmith (789609) | more than 6 years ago | (#24097765)

It's really the NSA I am talking about.

Re:OK (4, Informative)

ps236 (965675) | more than 6 years ago | (#24097913)

Even the NSA would have to devote a significant part of their resources. 95^12 is over 500 sextillion combinations. So, say you've got a really really fast CPU that can do 1 billion test decrypts a second (which is unfeasibly fast at the current time). It would take that computer over 17 million years to find the password.

So, let's say that the NSA has a million CPUs at their disposal, it would still take over 17 years to decrypt. So, they'd have to be pretty sure that you have some seriously cool porn on your PC before they start devoting 100,000,000 impossibly fast CPUs to the task of cracking your password in a couple of months.

The Storm Botnet would take centuries to hack a random 12 character password (it would cut down on spam though).

Of course, if you choose 'password' as your password it might not take quite as long.

Re:OK (1)

dainichi (1181931) | more than 6 years ago | (#24097587)

...but you can't hide gigabytes of hard disk space that is mysteriously missing on probes.

I dunno. I had a weird bug that made Windows think I had a multi-petabyte HDD. An extension on that, and you should be good to go.

Re:OK (1)

houghi (78078) | more than 6 years ago | (#24097793)

I had the same thing happening on a Linux box. File of several petabytes. Took a few days until I noticed that the backup was still running, making an MD5SUM of the file.

Re:OK (1, Informative)

Anonymous Coward | more than 6 years ago | (#24097925)

TrueCrypt will automatically fill the entire hard disk with random encrypted data, so there is no way to tell what is (if anything) contained in unused disk space.

From the TrueCrypt documentation:

Note: When you enter a pre-boot authentication password, the TrueCrypt Boot Loader first attempts to decrypt (using the entered password) the last 512 bytes of the first logical track of the system drive (where encrypted master key data for non-hidden encrypted system partitions/drives are normally stored). If it fails and if there is a partition behind the boot partition, the TrueCrypt Boot Loader (even if there is actually no hidden volume on the drive) automatically tries to decrypt (using the same entered password again) the area of the first partition behind the boot partition where the encrypted header of a possible hidden volume might be stored. Note that TrueCrypt never knows if there is a hidden volume in advance (the hidden volume header cannot be identified, as it appears to consist entirely of random data). If the header is successfully decrypted (for information on how TrueCrypt determines that it was successfully decrypted, see the section Encryption Scheme), the information about the size of the hidden volume is retrieved from the decrypted header (which is still stored in RAM), and the hidden volume is mounted (its size also determines its offset). For further technical details, see the section Encryption Scheme in the chapter Technical Details.
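The trial decryption described in the documentation excerpt above, as a simplified model added here; it is not part of the original comment and not TrueCrypt's own code. The header layout, the two slot offsets, the PBKDF2-HMAC-SHA512 parameters and the HMAC-based toy cipher are all assumptions chosen so the example runs with the Python standard library alone.

```python
# Added illustration: simplified model of trial header decryption.
# Stand-ins (assumptions, not TrueCrypt's real format): PBKDF2-HMAC-SHA512
# key derivation, an HMAC-SHA512 counter keystream instead of the real
# cipher, and made-up header slots at offsets 0 and 512.
import hashlib
import hmac
import os
import struct
import zlib

HEADER_LEN, SALT_LEN, MAGIC = 512, 64, b"TRUE"
SLOTS = (("outer", 0), ("hidden", HEADER_LEN))   # assumed header locations
DATA_START = 2 * HEADER_LEN


def _crypt(key, data):
    """XOR data with an HMAC-SHA512 counter keystream (toy cipher)."""
    stream = b""
    for counter in range(len(data) // 64 + 1):
        stream += hmac.new(key, struct.pack(">Q", counter), hashlib.sha512).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, 1000, 64)


def make_header(password, volume_size):
    """salt || Enc(MAGIC, CRC32(keys), volume size, master keys)."""
    salt = os.urandom(SALT_LEN)
    keys = os.urandom(HEADER_LEN - SALT_LEN - 16)
    body = MAGIC + struct.pack(">IQ", zlib.crc32(keys), volume_size) + keys
    return salt + _crypt(_derive(password, salt), body)


def try_header(slot, password):
    """Return the stored volume size if the password opens this slot, else None."""
    body = _crypt(_derive(password, slot[:SALT_LEN]), slot[SALT_LEN:HEADER_LEN])
    crc, size = struct.unpack(">IQ", body[4:16])
    if body[:4] != MAGIC or zlib.crc32(body[16:]) != crc:
        return None          # same outcome as "nothing stored here"
    return size


def build_container(total, outer_pw, hidden_pw=None, hidden_size=0):
    """Random fill everywhere; headers overwrite their slots."""
    disk = bytearray(os.urandom(total))
    disk[0:HEADER_LEN] = make_header(outer_pw, total - DATA_START)
    if hidden_pw is not None:
        disk[HEADER_LEN:DATA_START] = make_header(hidden_pw, hidden_size)
    return bytes(disk)


def mount(container, password):
    """Try the same password on the normal slot, then on the hidden slot."""
    for kind, off in SLOTS:
        size = try_header(container[off:off + HEADER_LEN], password)
        if size is not None:
            # In this model the hidden volume occupies the tail of the
            # container, so its size fixes its offset.
            start = len(container) - size if kind == "hidden" else DATA_START
            return kind, start, size
    return None


def ones_ratio(blob):
    """Fraction of set bits; about 0.5 for random or well-encrypted data."""
    return sum(bin(b).count("1") for b in blob) / (8 * len(blob))


if __name__ == "__main__":
    # Constructed containers; passwords borrowed from the thread's example.
    plain = build_container(8192, "secretpass")
    both = build_container(8192, "secretpass", "password2", 4096)
    for name, c in (("plain", plain), ("both", both)):
        print(name, mount(c, "secretpass"), mount(c, "password2"),
              round(ones_ratio(c[HEADER_LEN:DATA_START]), 3))
```

The hidden slot has the same bit statistics whether it holds a header or random fill, and a wrong password produces the same result as an empty slot, which is why the loader has to try the slot on every boot.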

Great - I'll keep my geek-cred (5, Funny)

Chrisq (894406) | more than 6 years ago | (#24097357)

It now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.

Great, I can now maintain my geek-cred by hiding the fact that I sometimes have to boot into Windows to run things like a GPS map updater. No more Microsoft on the boot menu.

Sad (5, Insightful)

ebonum (830686) | more than 6 years ago | (#24097385)

It's sad. I often travel between the US and China on business ( I live on the China side ). I've always been careful with sensitive data, but now I'm absolutely fascist. Why? I have no fear of the Chinese government. Besides, I work for a Chinese company. I fear my own country illegally accessing files to which they have absolutely no rights whatsoever.

Honestly. If someone works for the US government, pulls some CEO's laptop at the border for "inspection" and gets free access to all the company financials, would they do the right thing? How many semi-intelligent people wouldn't be tempted to start buying stock options or call their best friend with a really good "tip"? Even if the SEC investigated, they would never find the link.

Over the last several years, I've always been treated very respectfully inside China and going to and from. It is in the US, my own country, where I'm treated as if I'm already guilty.

Back to the topic at hand. TrueCrypt is a wonderful product. Everyone should be using it.

Re:Sad (5, Interesting)

slyguy135 (844866) | more than 6 years ago | (#24097871)

I have no fear of the Chinese government.

Wow, what Kool-aid have you been drinking? I've been to China many times too, and love the place, but I'm afraid you're being seriously delusional if you think it's safe to be that blasé around the Chinese authorities. The American search procedures at the US border would indeed be unconstitutional were they conducted in the country, but at least you know up front what the rules are. In China, your rights are vague at best and your recourse to law is minimal. If next time you enter China the border officers did decide they are going to take your laptop away, what could you do about it? Oh, but if they're polite, then that's OK, right?

Fanboyism of China is not helpful to the country and unattractive, so please stop it; it's embarrassing, and even potentially dangerous.

Re:Sad (5, Interesting)

bhima (46039) | more than 6 years ago | (#24097873)

This absolutely mirrors my own experience. I live in the EU and I travel mostly around the EU and Africa. When I get to the US I'm treated as a convicted criminal and I'm a US citizen. I am routinely hassled and threatened by petty dictators of nano-dictatorships. Which I find completely bizarre... Hell, the security & customs agents in Zimbabwe are more polite than the ones in Atlanta.

Another thing I find completely asinine is that little form you fill out saying where you are going to stay while you are in the US. I've been staying at 1600 Pennsylvania Ave. for going on 6 years and no one has so much as blinked.

You FAI4L it... (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24097433)

Which is better? (0)

Anonymous Coward | more than 6 years ago | (#24097435)

Truecrypt or rubberhose [iq.org] ?

This message will self destruct in 5 seconds... (0, Troll)

kentrel (526003) | more than 6 years ago | (#24097445)

Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.

I hate when my adversaries force me to reveal my pre-boot password. I'm glad there are geeks out there putting together solutions for all us Secret Agents.
If they could release a version I could use on my watch, it would be perfect

Re:This message will self destruct in 5 seconds... (1)

HungryHobo (1314109) | more than 6 years ago | (#24097549)

Does it run Linux? If yes then you already can! :D

Re:This message will self destruct in 5 seconds... (2, Insightful)

Capt. Skinny (969540) | more than 6 years ago | (#24097835)

True, a lot of comments here refer to hypothetical situations using over-generalized terminology. But worrying about being forced to give out your password is indeed a legitimate concern.

ebonum describes one example in his "Sad" comment, although his specific concerns probably don't apply to very many of us. A more likely example, however, is if you become the target of a civil suit or a suspect in a criminal case; if (in the US) your computer equipment is seized by law enforcement and they ask for your encryption password, you could face additional criminal charges if you don't give it to them. Now, suppose that you're innocent, or don't feel like rolling over for a tort claim made with malicious intent. Do you really want to hand over all your private data to some cop or investigator who has no business accessing it? It's not as unlikely as you may think.

So yeah, "adversary" is probably a bad word choice, and those who made references to waterboarding are probably fair targets for sarcasm, but the geeks out there are putting together solutions to meet the valid and reasonable needs of the community.


TrueCrypt License (0)

Anonymous Coward | more than 6 years ago | (#24097495)

The summary says it's not OSI approved, for everyone who's not a lawyer and can't be bothered to read all their license page how does it compare to the likes of GPL and others? Is this why it's not on Ubuntu repos?

One question (5, Funny)

Anonymous Coward | more than 6 years ago | (#24097533)

True crypt is fabulous. But is it good enough to hide a body?

Hans

Suggestion: Truecrypt LiveCD -Stealth- Install (0)

Anonymous Coward | more than 6 years ago | (#24097553)

John installs Truecrypt on Windows XP
Jane installs Truecrypt on Linux

Bad guy obtains both John and Jane's hard drives.

What's the first thing the Bad guy's going to notice if he snoops?

Could it be that he'll find the installation of Truecrypt listed on WinXP or Linux? Or the setup or package installation files somewhere on the drive, whether or not they were deleted or not? And how about the Linux package manager, won't they just see it listed as installed and figure, "Hmm... Truecrypt!"

The rise in popularity of Truecrypt will now motivate, if it hasn't already, ways to determine whether or not Truecrypt has been installed or was ever present on the drive as a possible indication of being installed. Even a bookmark for Truecrypt in the browser's bookmarks file, if not encrypted, could flag a potential bad guy to the possibility of Truecrypt being installed.

So what, you say?

My point is, how about a LiveCD of some sort aimed at installing Truecrypt without leaving any pre-installation or current installation traces? Is this possible? Otherwise, there will always be some traces pointing to Truecrypt for most Truecrypt users.

Re:Suggestion: Truecrypt LiveCD -Stealth- Install (3, Informative)

0xygen (595606) | more than 6 years ago | (#24097629)

This is discussed in the "plausible deniability" section of the TrueCrypt docs.

The recommended solution is to ensure you have a plausible use for the existing installation of TrueCrypt, for example some porn or customer records in a separate container, allowing you to deny the existence of the real container.

This means you do not have to put yourself in a situation where you are denying using TC and one tiny mistake could indicate that you have used TrueCrypt when no visible TC volume is present.

On the other hand, I'm sure most of the bootable Linux LiveCDs will continue to include TrueCrypt.
If you want to do it with Windows, use BartPE as discussed in the TrueCrypt FAQ.

Re:Suggestion: Truecrypt LiveCD -Stealth- Install (1)

meringuoid (568297) | more than 6 years ago | (#24097733)

My point is, how about a LiveCD of some sort aimed at installing Truecrypt without leaving any pre-installation or current installation traces? Is this possible?

I suppose so, but is it desirable? You could certainly build a Linux boot image which would mount all disks and make encryption tools available. But normally, the fact that you're using crypto isn't the secret. The adversary has probably already pulled your email records from Echelon, or issued national security letters to your ISP. They know about your use of cryptography. They just don't know your key.

At this point they come around to your house at 3am and drag you off somewhere secret for robust interrogation. They'll probably find your crypto-tools CD anyway. They'll definitely find encrypted data on your hard disk. So you might as well install TrueCrypt wholesale and save yourself some inconvenience.

Re:Suggestion: Truecrypt LiveCD -Stealth- Install (1)

Minwee (522556) | more than 6 years ago | (#24097815)

You could always read about exactly that in the TrueCrypt FAQ [truecrypt.org] , or jump directly to the documentation on Traveller Mode [truecrypt.org] . Other people have thought of this sort of thing before, you know.

Re:Suggestion: Truecrypt LiveCD -Stealth- Install (0)

Anonymous Coward | more than 6 years ago | (#24097899)

dont listen to em, man, they're probably tied to LE and dont want you makin their job harder

I love TruCrypt (1)

EmagGeek (574360) | more than 6 years ago | (#24097577)

But... on one machine, the encryption process hangs frequently, and one time I had to restore from a backup. Other than that, it is pretty much flawless. I can get through a few % each time I reboot before it hangs, so eventually I'll have the whole disk encrypted, but it's going to be a pain..

Anyone know if I can update the version in the middle of a disk encryption? Maybe that'll fix it...

"true fellow geeks" (0, Troll)

blind biker (1066130) | more than 6 years ago | (#24097645)

Heh.

While I guess I can feel some fellowship with other geeks, the Reiser story put a big hunking dent into those ideals. And not because of Reiser's actions, but because of the mindless dolts that defended him in light of all the evidence.

But to the point: I think I'll be installing TrueCrypt on my Eee PC. If I want to just surf the net or play some games with it, or watch a movie, I can always boot from an unencrypted USB drive which will run a bit faster. The little laptop has been traveling with me everywhere lately, and I'd hate to have it stolen, but if it is, it's at least a consolation that my files will be safe from indiscreet views.

Breaking volumes (1)

Shadow-isoHunt (1014539) | more than 6 years ago | (#24097657)

If you've got a 30gb volume with a "hidden" volume inside of it, but 10mb of files in it, can't you tell it's got something there by just dumping 30710mb in it(and it'll fail if it does?)? http://www.truecrypt.org/docs/hidden-volume.php [truecrypt.org] makes that seem unlikely, it looks like you'd just totally fuck up your hidden partition if you wrote to the volume... which makes you wonder how long it'll be until a tool is developed for law enforcement specifically designed to fuck up these volumes.

Re:Breaking volumes (1)

HungryHobo (1314109) | more than 6 years ago | (#24097713)

Yes, you can kill the hidden volume, but once law enforcement is dumping files onto your PC you have bigger problems. If that starts happening then I put my data in TrueCrypt hidden volumes, hide those in the least significant bit of each pixel of my family photos and take my info to La Resistance.

Re:Breaking volumes (5, Insightful)

Splab (574204) | more than 6 years ago | (#24097737)

You know, if law enforcement "fucked up your volume" as you so nicely put it, they have just destroyed whatever evidence you were trying to hide. So why would anyone using TrueCrypt have a problem with that?

Re:Breaking volumes (5, Insightful)

mrvan (973822) | more than 6 years ago | (#24097773)

AFAIK, yes, if you fill the decoy volume it will kill your hidden volume.

which makes you wonder how long it'll be until a tool is developed for law enforcement specifically designed to fuck up these volumes.

They can only do that if they've confiscated your laptop *and* acquired your 'decoy' password. At that point, your only concerns are they not getting your data and you being able to deny the data is there in the first place.

Somebody deleting all your sensitive files is not a bad thing to happen at that point.

Re:Breaking volumes (1)

leuk_he (194174) | more than 6 years ago | (#24097857)

read Hidden OS

You can use the decoy OS without fear of destroying data in the hidden os.

F*CK up hidden volumes still is possible, if done on purpose. For that you need a backup anyway looking at the rate laptops are "lost" on airports.

By the way, an analogy would be that the border police (!) will shoot through the double bottom of your suitcase because you might have something hidden in it.

Independence day? (5, Insightful)

Atti K. (1169503) | more than 6 years ago | (#24097683)

While most of the US was celebrating Independence Day, the true fellow geeks over at TrueCrypt released version 6.0 of TrueCrypt over the long weekend.

That might not be just a coincidence.

NSA backdoor? (5, Funny)

Cur8or (1220818) | more than 6 years ago | (#24097705)

Does anyone know if the backdoor has been made a little more user friendly? The current one takes like 3 minutes to decrypt without the password.

It's not a silver bullet but it's good enough... (4, Insightful)

mrboyd (1211932) | more than 6 years ago | (#24097865)

I started using TrueCrypt a few months back after my laptop got stolen. I keep two encrypted files on my laptop: one contains my personal stuff like passport scan, bank information etc., and the other the work-related important documents such as internal & confidential documents, client information etc. I have buried those files in the system folder and given them names that could pass for system temp files.

I keep a copy of both on a USB key drive and on an external hard drive which never leave my home. As well as a non-encrypted copy because I'm still wondering what happens to that encrypted file if I happen to have a fucked up cluster on the drive at some point.

The rationale for using encryption is not that I am afraid of the local authorities (there is nothing on my computer that would cause me any long-lasting trouble, despite the fact that I live and work in a limited-freedom area, the Middle East), but simply to avoid opportunity theft.

For example, I can't recall how many times one of my clients or partners handed me a USB key drive containing all his company's financial statement, bank account number, internal price list with profit margin, internal memo, personal info and the wifey's naked picture so that I could copy them a few documents, and then forgot about the keydrive because we kept chatting.

Sometimes I too need to get some files from them and I don't want to look like I'm watching them while they dig around my keydrive. I now know that everything a casual observer should not see is encrypted, so I don't mind throwing my key drive over the table to someone I don't know.

I don't understand the paranoid people here who believe in plausible deniability, decoy drives and other such things. I also wonder if the same people only use their computers in safe rooms with controlled EM environment and bulletproof shades.
I didn't know either that so many people carried state secrets around international airports. To those I will say that if the NSA/FSB/Interpol/MI4/Mossad/Mafia or even the local police wants the content of your drive they will get it. period. It doesn't matter what you do. Unless of course you also work for one of the aforementioned in which case you might have been trained to accept that your life is worth less than the content of said drive.

I have never been subjected to physical or psychological torture (aside from clients and some ex-gf of course) but I am not Jack Bauer and I would "come clean" very quickly. I would give the real password, not the decoy, because I believe consequences would certainly worsen my situation if my interrogators were not convinced.

I am also pretty sure that the simple sentence "The accused has so far always refused to give his encrypted drive password." would certainly help convince a jury beyond "reasonable doubt" (in countries where such a thing even exists).
Some people here should start to seriously look at themselves and wonder if what they are trying to hide is really worth it or if it's just about mommy not finding their downloadable girlfriend picture collection.