bit-tech.net

Go Back   bit-tech.net Forums > bit-tech.net > Article Discussion

Reply
 
Thread Tools
Old 29th May 2014, 11:38   #1
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,271
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
TrueCrypt downed by alleged insecurities

Snowden's favourite holed.
http://www.bit-tech.net/news/bits/20...uecrypt-down/1
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter | keybase.io
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is offline   Reply With Quote
Old 29th May 2014, 12:34   #2
Umbra
Supermodder
 
Umbra's Avatar
 
Join Date: Nov 2013
Location: Beneath a steel sky
Posts: 555
Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.
Quote:
This is echoed by a tutorial on the official website detailing how to migrate to Microsoft's BitLocker encryption platform.
Bitlocker, that's real safe. no back-door access there
__________________
“Success is 99 percent failure” Soichiro Honda

Skulduggery - case mod

Motorcycle Action Group. The Right to Ride.
Umbra is offline   Reply With Quote
Old 29th May 2014, 12:40   #3
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,271
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
Quote:
Originally Posted by Umbra View Post
Bitlocker, that's real safe. no back-door access there
That's one of the clues that might point to an NSL. "Hey, why not use this proprietary software which almost certainly has a back-door in it. IT'S DEFINITELY MORE SECURE THAN THIS ONE. Nudge nudge, wink wink, say no more."

There's a tactic which relies on a loophole in the law: post a message saying "WE HAVE NOT BEEN SUBJECT TO A NATIONAL SECURITY LETTER." If you get an NSL, take the message down. Technically you're not breaching the gag order: you haven't told anyone you've received an NSL. 'Course, it's not something I'd fancy trying myself - reckon a judge would probably find you've broken the spirit of the law, even if you've abided by its precise wording...
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter | keybase.io
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is offline   Reply With Quote
Old 29th May 2014, 13:21   #4
Umbra
Supermodder
 
Umbra's Avatar
 
Join Date: Nov 2013
Location: Beneath a steel sky
Posts: 555
Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.
It must be very hard to stand up against the likes of the NSA if they have made a multi-pronged attack on you, if the developers have discovered an existing back door, inserted into the code by a government agent pretending to be a valued contributor and the project has been hijacked and finally they received a NSL that's a lot to deal with, I'm only surprised it has not happened before or maybe they ignored previous threats and this time the NSA have ramped up the pressure, and as you say, the law would inevitably come down against you.
__________________
“Success is 99 percent failure” Soichiro Honda

Skulduggery - case mod

Motorcycle Action Group. The Right to Ride.
Umbra is offline   Reply With Quote
Old 29th May 2014, 19:33   #5
RTT
#parp
 
RTT's Avatar
 
Join Date: Mar 2001
Location: London
Posts: 14,029
RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.RTT is the Cheesecake. Relix smiles down upon them.
Quote:
Originally Posted by Gareth Halfacree View Post
That's one of the clues that might point to an NSL. "Hey, why not use this proprietary software which almost certainly has a back-door in it. IT'S DEFINITELY MORE SECURE THAN THIS ONE. Nudge nudge, wink wink, say no more."

There's a tactic which relies on a loophole in the law: post a message saying "WE HAVE NOT BEEN SUBJECT TO A NATIONAL SECURITY LETTER." If you get an NSL, take the message down. Technically you're not breaching the gag order: you haven't told anyone you've received an NSL. 'Course, it's not something I'd fancy trying myself - reckon a judge would probably find you've broken the spirit of the law, even if you've abided by its precise wording...
Indeed, basically this. Those were my first thoughts too.
__________________
This post is non-negotiable. All terms and conditions apply.
Free UK Motorcycle classifieds - Buy a Motorbike
RTT is offline   Reply With Quote
Old 30th May 2014, 07:19   #6
forum_user
forum_title
 
Join Date: Jan 2012
Posts: 240
forum_user has yet to learn the way of the Dremel
It's ironic that an agency expected to provide people with security and safety is rendering the IT world insecure and unsafe.
forum_user is offline   Reply With Quote
Old 30th May 2014, 09:29   #7
Corky42
I Mod, Therefore I Own
 
Join Date: Oct 2012
Posts: 3,104
Corky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming SaiyanCorky42 is a Super Spamming Saiyan
I'm not so sure about some secret government agency forcing them to shut up shop, it's not like someone couldn't fork TrueCrypt like these guys in Sweden.

TBH i just think the TrueCrypt guys got fed up with it after 10 years and decided to call it a day.

EDIT: Not sure how much to trust the source of the following...

And then the TrueCrypt developers were heard from!
https://www.grc.com/misc/truecrypt/truecrypt.htm
Quote:
Steven Barnhart (@stevebarnhart) wrote to an eMail address he had used before and received several replies from “David.” The following snippets were taken from a twitter conversation which then took place between Steven Barnhart (@stevebarnhart) and Matthew Green (@matthew_d_green):

TrueCrypt Developer “David”: “We were happy with the audit, it didn't spark anything. We worked hard on this for 10 years, nothing lasts forever.”
Steven Barnhart: (Paraphrasing) Developer “personally” feels that fork is harmful: “The source is still available as a reference though.”
Steven Barnhart: “I asked and it was clear from the reply that "he" believes forking's harmful because only they are really familiar w/code.”
Steven Barnhart: “Also said no government contact except one time inquiring about a ‘support contract.’ ”
TrueCrypt Developer “David”: Said “Bitlocker is ‘good enough’ and Windows was original ‘goal of the project.’ ”
Quoting TrueCrypt Developer David: “There is no longer interest.”

Last edited by Corky42; 30th May 2014 at 09:34. Reason: Adding Info
Corky42 is online now   Reply With Quote
Old 31st May 2014, 05:24   #8
brave758
Ultramodder
 
brave758's Avatar
 
Join Date: Apr 2009
Location: all over
Posts: 1,139
brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.brave758 is definitely a rep cheat.
Tinfoil hat at the ready
__________________
The PC : X99 Deluxe = Crucial 16gig@2400= i7 5820K EKWB = PA 120.3 Rad = EKWB EVGA 780 ti classified SLI = Corsair AX1200i PSU = Mountain Mods U2-UFO= 2 x M4 SSD raid 0
Laptop : Alienware M17XR3, 2960xm, 16g corsair vengeance 1600, crucial M4 256, GTX680M 4gig, 3D, Killer networks wifi card.
Our lives begin to end the day we become silent about things that matter. (Martin Luther King)
brave758 is offline   Reply With Quote
Old 31st May 2014, 13:37   #9
Umbra
Supermodder
 
Umbra's Avatar
 
Join Date: Nov 2013
Location: Beneath a steel sky
Posts: 555
Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.Umbra is definitely a rep cheat.
Time to panic?

No. The TrueCrypt development team's deliberately alarming and unexpected “goodbye and you'd better stop using TrueCrypt” posting stating that TrueCrypt is suddenly insecure (for no stated reason) appears only to mean that if any problems were to be subsequently found, they would no longer be fixed by the original TrueCrypt developer team . . . much like Windows XP after May of 2014. In other words, we're on our own.

But that's okay, since we now know that TrueCrypt is regarded as important enough (see tweets above from the Open Crypto Audit and Linux Foundation projects) to be kept alive by the Internet community as a whole.

So, thanks guys . . . we'll take it from here.


The original devs may not like it but it looks like the code will be forked, the current licensing restrictions removed, and it will evolve. The name will be changed because the developers wish to preserve the integrity of the name they have built. They won't allow their name to continue without them. But the world will get some future version, that runs on future operating systems, and future mass storage systems.

There will be continuity . . . as an interesting new chapter of Internet lore is born.
__________________
“Success is 99 percent failure” Soichiro Honda

Skulduggery - case mod

Motorcycle Action Group. The Right to Ride.
Umbra is offline   Reply With Quote
Reply

Tags
back door, bitlocker, cipher, cryptography, edward snowden, encryption, insecurity, nsa, nsl, open source, privacy, security, truecrypt, us government

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 18:18.
Powered by: vBulletin Version 3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.