Truecrypt Update

I figured it would be pertinent to update everyone on the Truecrypt situation. Ultimately, very little has changed and we don’t know all that much. Matthew Green had an exchange with Steven Barnhart on Twitter essentially stating that the development team simply got tired of updating the software and that this action was unrelated to the audit.

My belief that this shutdown was at the request of a government agency persists despite information flowing through to the contrary, and there are a few anecdotal indications that seem to indicate that the page posted to the website was a canary, remembering that directly stating that development has been discontinued due to the receipt of a NSL would violate the order’s secrecy provision and the likely result would be the party responsible would face a secret court. So, one can understand why double talk and innuendo are required when so much is at stake.

Posters on Bruce Schneier’s blog have pointed out the strange wording of the statement, “using Truecrypt is not secure as it may contain unfixed security issues”; perhaps they were specifically ordered not to fix a certain vulnerability in the code and instead wound up the project. Perhaps the statement on their website (emphasis mine) is a warning of such interference.

The other curious thing is that requests to resources on truecrypt.org return a 410 (Credit: Andy). The 410, according to the hypertext RFC is used “if the server knows …. that an old resource is permanently unavailable … This status code is commonly used when the server does not wish to reveal exactly why the request has been refused”

Of course we are all just speculating. If the developers of the project truly wished to wind up their operations and everything was otherwise okay they would not have acted in this manner. Advising users of Windows to migrate to Bitlocker is anathema to the majority of TC’s userbase. A simple note on the website that the project has been discontinued due to a lack of funds/time/support/devs/etc. would have been far better and leave less questions surrounding the true circumstances of their abrupt exit from the market. Indeed, despite the fact that old and unmaintained software can have unpatched vulnerabilities, most would leave their full project page and download area active, albeit with the above caveat attached. A statement to the effect that they are abandoning the source code into the public domain or relicensing the code code with a FOSS-friendly license would have also been the responsible thing to do – allowing others to fork and build on the work that you started. Indeed, even if they did all of the above a fork may not be the best idea given the source code may be encumbered with non-free components (those unaware of the E4M controversy that occurred early in the life of TC should view the History section of the project’s Wikipedia page for a brief primer).

The smartest thing – moving forward – would be for a new project to begin. This project would aim to create a functional replacement for Truecrypt whilst not necessarily using TC code nor providing backward compatibility will provide a modern full disk encryption suite primarily for Windows systems.

The project should:

  1. support GPT/UEFI
  2. have an on-disk format compatible with LUKS or dm-crypt
  3. use a crypto accelerator if the motherboard has one fitted
  4. have a simple user interface and comprehensive help where options are unclear

Essentially all of the above (with the exception of points 1 and 3) were implemented in FreeOTFE almost ten years ago. The latter has also become abandonware but its source code – along with the Linux kernel source for LUKS and its associated modules – would be useful for someone attempting a (near) clean room re-implementation.

For the moment – the average Windows user has three choices. They can continue to use the deprecated v7.1a of Truecrypt despite the ominous warning, they can migrate over to a commercial solution like Bitlocker or PGPdisk or they can switch to a platform that has decent and open source FDE such as Linux or FreeBSD. The use of file based encryption tools is also a possibility but one fraught with danger on Windows, which is liable to leave unencrypted copies of your data everywhere (e.g. thumbnail caches, browser cache for viewed hypertext files, filenames at the very least stored in recent document lists, etc.).

As I said earlier, when the Snowden disclosures were brand new and still leaking out in a piecemeal fashion from the Guardian et. al. – the NSA have started something big, and the cumulative results of what amounted to them shaking the crypto-tree hard enough for some apples to fall out will be felt for a long time and result in definite changes to the way we conduct business and confidential transactions online. I believe that we are perhaps witnessing the opening salvos of a war between the government agencies and privacy advocates and the hackers who make privacy software happen. The EFF probably needs our support and funding, so if anyone has a spare few dollars and wants to donate to a good cause, the EFF is certainly a worthy foundation.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s