WARNING: Using TrueCrypt is not secure

>>42165014
>The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.
The fuck is this shit?

File: tumblr_lgzmdwzXAz1qfq7td.gif (486KB, 200x123px) Image search: [Google]

486KB, 200x123px

>>42165042
You have GOT to be shitting me

Also relevant: http://istruecryptauditedyet.com/

who gives a shit unless you're a pedophile

oh wait, did I struck a nerve OP?

This is a joke, right?

File: 1401208512380.jpg (61KB, 444x325px) Image search: [Google]

61KB, 444x325px

>>42165073
>assuming

dafuq happened

File: .jpg (54KB, 484x519px) Image search: [Google]

54KB, 484x519px

>nsa probed software is not safe

>>42165103
NSA got to the TrueCrypt devs

File: Screen Shot 2014-05-28 at 15.18.54.png (492KB, 703x6152px) Image search: [Google]

492KB, 703x6152px

Is this real life?

>>42165014
>http://truecrypt.org/
holy shit?

are we getting shilled?

>>42165073
Nothing wrong with being a pedo. Fuck off.

Encrypting your data is soooo 1980.

File: Screen Shot 2014-05-28 at 15.20.42.png (264KB, 703x1833px) Image search: [Google]

264KB, 703x1833px

This looks sketchy as fuck. Why would windows XP support ending be a reason to discontinue the project?

Thank God the source is available, hopefully somebody continues the project.

>>42165127
i bet your uncle abused you at family meetings

Uhh guys, I have truecrypt encryption, what do?

>>42165151
Site probably got hijacked.

>>42165173
Nothing.

>that Microsoft advertisement
MAXIMUM VIRAL MARKETING

What the fuck is happening, has their website just been hacked and defaced and this is some meta-joke rite?

>>42165173

hand yourself to the authorities now, save them some gas.

>>42165173
Decrypt it and migrate to Bitlocker

>>42165173
Install Gentoo.

d

>>42165173
>tripfag
>pedo
Why am I not surprised?

>WARNING: Using TrueCrypt is not secure

Protip: Nothing is secure.

Wait...
They want us to migrate from a potential NSA corrupted disk encryption technique to a 100% NSA corrupted disk encryption technique?

you'd have to be stupid to use bitlocker if you live in the US

>>42165196
That's the suspicious part, how do we know this isn't a scam? Bit Locker is closed source and practically guaranteed to have a backdoor in there. Is this a ruse?

>>42165203
>if you use truecrypt, your an pedophile!!!

Nice logic, dummy

>>42165203
They don't count if they're 2d, anon.

>>42165230
What else would someone on /g/ be using it for?

WHAT THE FUCK?

http://truecrypt.sourceforge.net/OtherPlatforms.html
http://truecrypt.sourceforge.net/OtherPlatforms.html
http://truecrypt.sourceforge.net/OtherPlatforms.html
http://truecrypt.sourceforge.net/OtherPlatforms.html
http://truecrypt.sourceforge.net/OtherPlatforms.html
http://truecrypt.sourceforge.net/OtherPlatforms.html

>>42165242
Tell that to a judge.

>>42165227
>Bit Locker is closed source and practically guaranteed to have a backdoor in there

So is Microsoft Windows. If you're using a proprietary OS, then you're already fucked.

>>42165245
400gb of rms images

It's over you guys, it's over.

>>42165263
I was joking but okay.
There's no laws against drawn pornography in the US anyways.

File: thefuckdidyoujustsaytome.png (2MB, 1280x720px) Image search: [Google]

2MB, 1280x720px

>>42165014
What.

Are they seriously telling us to switch to "encryption" by Microsoft which is 100% guaranteed to given a master key to the NSA which will decrypt any bitlocker encrypted files/disks?

I must be getting trolled right now. Please tell me I'm being rused.

DO NOT DOWNLOAD THE INSTALLER
IT COULD BE ANYTHING

>warning: our audit has revealed that the NSA are truecrypt, but we can't say that
>warning: our audit has revealed that the NSA are truecrypt, but we can't say that
>warning: our audit has revealed that the NSA are truecrypt, but we can't say that
>warning: our audit has revealed that the NSA are truecrypt, but we can't say that

File: laughing-005.gif (2MB, 320x180px) Image search: [Google]

2MB, 320x180px

>>42165279
>There's no laws against drawn pornography in the US anyways.

>>42165294
link

File: 1365049506188.gif (1MB, 720x480px) Image search: [Google]

1MB, 720x480px

F U C K

>>42165302
Are you retarded?

>>42165294
Fucking this. It's Lavabit all over again.

File: 1381929990027.jpg (6KB, 344x240px) Image search: [Google]

6KB, 344x240px

>>42165265
>rms nudes

>>42165302
https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

>The key used to encrypt the TrueCrypt Volume Header is derived using PBKDF2, a standard key derivation algorithm5. Developers are responsible for specifying an iteration count that influences the computational cost of deriving a key from a password. The iteration count used by TrueCrypt is either 1000 or 2000, depending on the hash function and use case. In both cases, this iteration count is too small to prevent password guessing attacks for even moderately complex passwords. The paper that introduces scrypt6, an alternate key derivation function, demonstrates the challenge of using PBKDF2 even with a very high iteration count – brute-forcing key derivation is easily parallelized and becomes more efficient each year with ad- vances in CPU performance. The use of a small iteration count in TrueCrypt permits efficient brute-force attacks against its header key.

>>42165297
>so lazy they couldn't even be bothered to reverse the blue haired girl's spit take

>http://truecrypt.org/

>truecrypt is kill
>no

File: 1393724981077.png (292KB, 576x432px) Image search: [Google]

292KB, 576x432px

This has to be a hack on their site and sourceforge, right?

R-right?

>mfw Truecrypt has been sending keys to the NSA for years

File: Maximum-Edge-with-Logo-033112.png (147KB, 858x236px) Image search: [Google]

147KB, 858x236px

>>42165187

>>42165273
IT's all Ogre now!!

>>42165014
FUCKFUCKFUCK

This better be a bad joke or a hack.

BitLocker is a backdoored joke. What happenedd to truecypt ? I thought the Audit didn't find any gamebreaking flaws ?

File: 1262930814339.jpg (5KB, 251x189px) Image search: [Google]

5KB, 251x189px

>>42165343
>>mfw Truecrypt has been sending keys to the NSA for years


Please don't say that.

>>42165014

who the fuck cares, if the feds wanna look they can look, I just need to keep my saucier fetishes away from my family and friends.

File: fuuuck.gif (1004KB, 360x359px) Image search: [Google]

1004KB, 360x359px

>>42165306
IT'S HAPPENING
>>42165332
IT'S ALL OGRE

any freetard alternatives?

Holy fuck what happened? Either:

1. Microsoft hijacked the site
2. Truecrypt devs have been found by authorities and are telling us to not use it
3. Script kiddies hijacked the site

>>42165369
GNU with Linux added

>>42165369
luks, dm-crypt

>>42165360
The audit revealed intentional vulnerabilities, but they don't dare say anything about it, so they're simply going to abandon it rather than risk being tried for treason like Snowden was accused of.

>If you have files encrypted by TrueCrypt on Linux:

>Use any integrated support for encryption. Search available installation packages for words encryption and crypt, install any of the packages found and follow its documentation.

It's not unlikely the main developer(s) got pressured on by NSA/Secret Intelligence Agencies to encourage its users to switch to a much less secure encryption method. It's like Sabu, he either works with the FBI or gets massive jail time:

>Hey, your software is used by pedos and terrorists, you are either enabling them and supporting them (we will see you in court) or you discourage users from using your software ever again. FYI: we have a case and you will see jail time for at least thirty years in a maximum security facility. One hour of fresh air a week.
>O-ok NSA-san

>>42165372
>2. Truecrypt devs have been found by authorities
You are now only allowed to use encryption approved by the NSA.

File: 1401124285094.png (191KB, 1248x1284px) Image search: [Google]

191KB, 1248x1284px

>you will never move your mouse randomly in the window again

>>42165014
Just checked the sig on the binaries on that page.

They were signed with the same key that was used to sign all the previous versions.

gpg: Signature made Tue 27 May 2014 12:58:45 PM EDT using DSA key ID F0D6B1E0
gpg: Good signature from "TrueCrypt Foundation <[email protected]>"
gpg:                 aka "TrueCrypt Foundation <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: C5F4 BAC4 A7B2 2DB8 B8F8  5538 E3BA 73CA F0D6 B1E0

It looks legit.

>>42165249


they apparently have a new trucrypt version, but why?

>>42165403

dm crypt + luks

>>42165369
www.getsafe.org

>>42165332
Well fuck, if I set up a dual boot and have luks encrypt the entire drive will it be able to load Windows from grub?

What the fuck, I thought the TC dev could protect their anonimity. Looks like the Govt found them.

>>42165411
The key may have been compromised.

>not using luks
how stupid are you?

>>42165411
TrueCrypt devs obviously gave the keys to NSA-sama

>>42165332
This is from February.

>>42165430
Yeah because LUKS can do hidden volumes right?

File: 1394560002537.png (34KB, 715x224px) Image search: [Google]

34KB, 715x224px

That sucks for people that have sensitive info. There's no better time then right now to look for FOSS shit.

Anyway, all I ever used Truecrypt for was to secure my tax info and porn that I used to wank off too.

>>42165324
Rule 34, create the first RMS porno.

Featuring a GNU fucking RMS.

>>42165455

It's better than being backdoored.

File: sadbird.png (59KB, 249x276px) Image search: [Google]

59KB, 249x276px

http://sourceforge.net/projects/truecrypt/files/TrueCrypt/

> All previous versions has been deleted
> Only version 7.2 available
> Uploaded less than 2 hours ago

Oh god what is going on.
Surely this has to be some kind of scriptkiddie buttcoin botnet shit.

Surely the actual TC devs CAN NOT be telling everyone to use NSAlocker.

>>42165455
>muh hidden volumes

>>42165455
hidden volumes are a gimmick

>>42165466
Where's the proof of truecrypt backdoors?

>>42165073
>if you have nothing to hide then you don't need privacy
lel

>>42165470
see:
>>42165411

>>42165455
If what you have is that sensitive, then it needs to be on an airgapped laptop that you bought specifically for that purpose and keep hidden somewhere until it needs to be accessed

File: 007_edward_snowden_winning.jpg (472KB, 1000x1000px) Image search: [Google]

472KB, 1000x1000px

DO NOT INSTALL IT
O

N
O
T

I
N
S
T
A
L
L

I
T

>>42165474
>>42165473
How are they a gimmick?
You realize you can be detained indefinitely by not giving up keys, right?
http://www.techdirt.com/articles/20120124/17260917532/judge-says-americans-can-be-forced-to-decrypt-laptops.shtml

>>42165481
what are you hiding?

>>42165455
Cool, forensic software analyzes the disk you fucking idiot.
OnTrack and nCase can find anything you hide no matter how well you think you have hidden it.

TrueCrypt = Honeypot confirmed.

Enjoy your life long prison sentences you fucking pedos.

>>42165477
They are guilty unless the contrary is proven. And don't link me to that viral marketed public audit executed with the help of NSA funds.

>>42165489
You realize you will be detained indefinitely if the gubmint thinks you a terror?

>>42165332
That's old and not a critical flaw. It's just the header's key and it's just a bruteforce, it doesn't work on long complex passwords.

If that's just the problem, then patch the header to use scrypt and the problem is solved, that's not a reason to ditch the whole truecrypt project.

There's a reason to this. Wait and see, but DO NOT DOWNLOAD ANYTHING NOW. NOT TRUECRYPT AND CERTAINLY NOT BITLOCKER.

>>42165489
You can be detained indefinitely for any reason or no reason. It doesn't matter in the Socialist Republic of America.

>>42165489
http://www.techdirt.com/articles/20130425/08171522834/judge-says-giving-up-your-password-may-be-5th-amendment-violation.shtml

>>42165483
Yes, because you're either a super secret spy who needs extremely hardened security or you don't need security at all.

>>42165477

http://truecrypt.org

>WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

Also, see >>42165470

> All previous versions has been deleted
> Only version 7.2 available
> Uploaded less than 2 hours ago

If you can't use deductive reasoning to see that something weird is going on, then go ahead and keep using truecrypt.

>>42165497
It can find a truecrypt volume, but not a hidden volume.

>>42165490

my tax information, personal info, passwords, private family photos, work related things, etc

if i lose my laptop I would rather not a thief have access to that info

now pls go away shill

>>42165530
Incorrect.
It scans for binary data present on the disk itself.
Just because it can't be seen on an operating system doesn't mean the 1s and 0s are invisible when its analyzed.

Data doesn't work that way.

File: 1397126548107.jpg (18KB, 407x379px) Image search: [Google]

18KB, 407x379px

are passworded zip files professional?

>>42165525
As far as we know they are being bullied by the NSA to trick users into using what is almost certainly backdoored methods of encryption, at least in the case of their OS X and Windows suggestions.
The only right thing you suggested is being wary about TC.

https://www.indiegogo.com/projects/the-truecrypt-audit#activity

>8 hours ago
>p.s. We hope to have some *big* announcements this week, so stay tuned.
>8 hours later
>WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

T O P K E K

Pedophile status
[x] blown the fuck out
[_] told
[_] not told

>>42165549
>It scans for binary data present on the disk itself.
And how does it do that when it's encrypted multiple times?

>Just because it can't be seen on an operating system doesn't mean the 1s and 0s are invisible when its analyzed.
Learn how encryption works, holy fucking shit.

>>42165411
Does ANYONE have the old 7.1a sources so we can do a diff with the new ones? This may be interesting

File: 1_1vhnbd.jpg (64KB, 591x770px) Image search: [Google]

64KB, 591x770px

>>42165014
>http://truecrypt.org/
FUCK i don't have 7.1a installer and these niggers deleted it

https://twitter.com/search?q=%23truecrypt

https://www.indiegogo.com/projects/the-truecrypt-audit#activity
>p.s. We hope to have some *big* announcements this week, so stay tuned.


Holy shit.

>>42165549
That's not how TC hidden volumes work, anon.
I know my shit and you're wrong, really.

The normal volume and hidden volume share the SAME data on disk. You can't tell if there is a hidden volume on top of the regular volume without bad heuristics.

>>42165582
https://github.com/DrWhax/truecrypt-archive

File: tc.png (72KB, 624x476px) Image search: [Google]

72KB, 624x476px

the new utorrent 2.2.1?

File: you_will_never_live_in_a_free_world.png (589KB, 640x702px) Image search: [Google]

589KB, 640x702px

It wasn't free enough...

>>42165608

>lel, fuck NSA
>uses a tripcode on 4chan

wow

>>42165014
>trusting your data with a proprietary system like Bitlocker

dm-crypt masterace reporting in

>>42165605
>>42165605
http://online.wsj.com/article/PR-CO-20130520-908344.html

http://www.forensicswiki.org/wiki/TrueCrypt

http://betanews.com/2013/07/17/tchunt-can-uncover-hidden-truecrypt-volumes-on-your-drives/

Theres loads more but I have to remove them because of spam filter.


etc etc
Its easy to find. Running though free space in OnTrack can even find it and that software is garbage.

Legit elite haxor here.

I'm downloading the new TC 7.2 and doing a quick analysis of the binary to check for potential obvious backdoors/big changes.

Please DO NOT trust the new binairies until we have more info. Even if the source looks harmless, the binary is not guaranteed to match the source anymore.

>>42165672
in the meantime can someone run a diff on the source code?

>>42165542
>tax information
hiding the information your goverment already has. Brilliant.
>personal info
not everyone cares when your mother's birthday is or where you're drinking with friends next week
>passwords
slightly valid, but don't you need a password for your encrypted drive too? That makes it redundant
>family photos
who the fuck would be interested in your mother's birthday photos, again?
>work related things
do you work in NASA or something? Or is that just some lifetime statistic of burgers you flipped at McDonald's?

>if i lose my laptop I would rather not a thief have access to that info

>implying a thief gives a shit about data and not the device itself to sell for crack
kek

my tinfoil hat literally just tipped itself from the enlightenment coming from you

>Finally start to use firefox + privacy addons and whatnot
>start using Linux on my laptop
>Encrypt my data with truecrypt
>all the encrypting is now useless.

What should I use now? (On windows)

>>42165605
>>42165605
>Previous versions of encrypted containers may be found in the journaling filesystems. It is important to track any changes within the free space of the outer container to detect presence of a hidden container.

Again, EnCase and FTK can detect these with ease by scanning access data.

>>42165689
>hiding the information your goverment already has.
Not everything is about fighting the government.

>>42165692
kill yourself

>>42165692
dm-crypt/LUKS

It was actually audited and it's a kernel module.

So

>TrueCrypt has been compromised by the NSA as of this version and the current/future version has a backdoor

>TrueCrypt has been compromised by the NSA and has been discontinued

>TrueCrypt has been compromised by the NSA and all versions, past and future, are no longer safe

Which is it?

>>42165660
The term they use are misleading.

They identify "Truecrypt volumes" that are hidden. Not "Hidden truecrypt volumes" just "Truecrypt volumes". That happen to be hidden, even outside a partition if you want, the soft will find it. But it can't tell if it's a regular volume or a hidden volume.

>This project has been temporarily blocked for exceeding its bandwidth threshold
>This project has been temporarily blocked for exceeding its bandwidth threshold

HAHAHAHAHAHA FINALLY THE COVER FALLS

YEARS AGO I TOLD YOU BUT YOU WOULDN'T BELIEVE ME

ANYONE USING TRUECRYPT RIGHT NOW ITS BEST BET IS TO LEAVE THE COUNTRY AND GO TO CONGO OR SOMETHING

BECAUSE THEY ARE COMING FOR YOU
AND THEY WILL GET YOU

>>42165711
YOU CAN'T USE THAT ON WINDOWS. CAN YOU NOT READ?

>>42165711
Is there really nothing else?
What if dm-crypt/LUKS 'fails' so to speak, and is no longer safe?

>>42165722
>>>/v/
>>42165723
>Is there really nothing else?
no

>>42165689

>what is identity theft

you think a laptop thief doesnt care about the data on a computer? what are you retarded? way more money can be made selling personal info than selling stolen hardware. selling a stolen laptop is fucking retarded unless you want to go to jail

File: GNU+Linux.jpg (122KB, 600x600px) Image search: [Google]

122KB, 600x600px

>>42165692
>windows
Come, it is time.

>>42165718
I'm sorry, I couldn't understand you with all that tin foil. What are you saying exactly?

>>42165660
Nothing in those links says any software can find HIDDEN volumes.
Hidden volumes are basically true crypt volumes inside of a truecrypt volume.

>>42165697
>>Previous versions of encrypted containers may be found in the journaling filesystems
Well, yes. If you're journaling a hidden volume, you're really asking for it. The point of hidden volumes is plausible deniability, if you're actively shooting yourself in the foot, of course it doesn't work.

You're supposed to use the regular volume regularly to make analysis night impossible. And no journaling.

ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING ITS HAPPENING

>>42165752
muh games
muh photoshop / Lightroom
I'm sorry. I would love a full GNU/Linux setup but I just can't miss those things.

>Everyone suggesting LUKS when it can't even do hidden volumes.

>>42165722
you'd have to run it in a vm, but still seems risky if the key can get swapped into the page file

>>42165778
>muh games
buy a ps4
>muh photoshop / lightroom
your not an prof. photography. you can get by with gimp

>>42165778
Wine.
Wine and Wine.

You'll be fine.

>>42165782
>muh hidden volumes
what do you need that gimmick for?

>>42165750
>implying niggers or russian immigrants are capable of doing anything like that
once they get your thing it's gonna take them approximately 5 minutes to sell it in a pawn shop

>tfw no babby easy encryption anymore
>I now have to figure out dm-crypt

Any place where I can start?

>>42165801
Go learn what plausible deniability is, retard.

File: 1325371744051.jpg (57KB, 528x384px) Image search: [Google]

57KB, 528x384px

>bitlocker

It's true that TrueCrypt has a backdoor. Of course they won't admit it on their website, because they have been asked not to... Long story short, I have a friend who knows somebody that works in high places.

>>42165689

you're a fucking retard

https://www.alchemistowl.org/arrigo/truecrypt-7.1a-7.2.diff.gz
https://www.alchemistowl.org/arrigo/truecrypt-7.1a-7.2.diff.gz
https://www.alchemistowl.org/arrigo/truecrypt-7.1a-7.2.diff.gz

>CTRL + F
>nsa
>162 results

It's over, Truecrypt is finished.

so is version 7.2 and onwards not safe?

>>42165832
finally, someone we can definitely trust

>the source diff actually looks legit
https://gist.github.com/anonymous/e5791d5703325b9cf6d1

Well, guys... TryeCrypt was secure, I'm sure. There was a case where a guy denied the hard drive contained anything, and got away with it because forensics can't confirm a drive actually contains encrypted data if whatever encrypted it doesn't leave a signature... which TC doesn't. Plausible deniability.

If you guys followed those guidelines to be able to use plausible deniability in your favor, then even if they catch you, you'll be fine... of course, people like Snowden, Assange and so on are not being perused by law, but by butthurt states of murrica.

Unless you're Assange or something, being pedo or pirate stuff, as long as you followed the aforementioned guidelines, you're fine.

Also, BitLocker is probably better than nothing. Even if they released the source code, you would not be able to spot a fucking backdoor even if it was under your fucking nose; less than half of you actually know shit about cryptography, let alone programming.

>>42165782
It's the next best thing.

Truecrypt is the best. Except it just lost all credibility for the next 10 years.

Anyone using TrueCrypt from now on is really asking for trouble, unless they have a VERY good explanation for this.

>>42165796
Not him but
>your not an prof. photography. you can get by with gimp
You've obviously never used GIMP. It can't open RAW photos and doesn't support 16bpc.
You need to use something like ufraw which is VASTLY inferior to lightroom.

>>42165836
what a meaningful argument :^)

>>42165818
>implying plausible deniability is of any use when the gubmint wants your data
get a load of this goy

>>42165849
see >>42165294

File: 3661935974_bb9936b006_o.jpg (304KB, 1024x768px) Image search: [Google]

304KB, 1024x768px

TrueCrypt is non-free software. This is what happens when you trust non-free software for encryption.

You guys should have used free software equivalents like GnuPG instead, but you guys wouldn't listen. You only had to listen!

https://www.gnupg.org/

Can we just discuss hidden volumes without ebin agressive shitposting from both sides?

Is it possible to do hidden volumes on linux? Even with some hacky solution or a 3rd party piece of software?

I want a hidden volume in case I get held up at a border and someone demands I decrypt my laptop, I do a lot a of overseas traveling

>>42165615
That should be fun. I'm not on my PC, but please post results.

>>42165722
I know you haven't been reading the news, but Windows itself is backdoored to the NSA. If you use Windows, you do not care about your privacy at all. Keep on using TC.

>>42165837
Can anyone be more useless at diffing than this person? The diff contains literally the whole source twice.

Snowden had a party in Hawaii a while back where he gave a lesson on how to use Tor and Truecrypt

http://boingboing.net/2014/05/21/edward-snowden-hosted-a-crypto.html

>>42165804

>implying all laptop thiefs are niggers and russian immigrants

go away nsa shill. using 4chan words like nigger doesnt make it any easier to see through your shilling

if we use your logic, websites shouldnt use SSL because what are they hiding?

>>42165882
Yeah, I pretty much agree with you at this point.

It could be the NSA or anything of this magnitude, I wouldn't be surprised.

Their site was probably hacked by the NSA.

Is there any nation left on the planet which won't force you to give up a key?

inb4 USA

https://en.wikipedia.org/wiki/In_re_Boucher

http://www.wired.com/2012/01/judge-orders-laptop-decryption/

File: 1356311555462.png (25KB, 1069x613px) Image search: [Google]

25KB, 1069x613px

>sudden update after 2 years just to stop development

File: surprise.png (42KB, 629x373px) Image search: [Google]

42KB, 629x373px

>>42165564

>>42165917
Pretty much every country in Europe.

>>42165929

not uk though

>>42165883

i know gnu's not unix but what does it stand for
why is gnu's name backdoored it could stand for anything and we wouldnt know it
i dont believe its 'a fun clever hack'
imagine if microsoft said something like that
they would be hellbanned.
why are backdoors bad unless its from gnu
such hypocrisy

>>42165937
UK isn't part of Europe...

>>42165907

meant to say doesnt make it any harder

>>42165937
r u avin a giggle m8.
You get 2 years in a jail for not giving up they key you tit.
Even if you have forgotten it or they think you have a hidden one you still end up in jail.

>>42165917
>The laptop was powered-up when the border was crossed, which allowed its contents to be browsed. Images containing child pornography were allegedly seen by Immigration and Customs Enforcement (ICE) border agents who seized the laptop

They had proof he had illegal material on there. If they don't have evidence or cause, they can't force you. The fifth amendment still applies.

>>42165933
Right from >>42165846

>Print ("WARNING: Using TrueCrypt is not secure");

both sources compared were signed with the same key.

>>42165689
jesus, what a worthless post. By the way if you work for the governmnet you are an oathbreaker which should be punishable like death as it has been for the last several thousand years

tl;dr kill yourself. Also please post a picture of you taking a dump

>>42165832
>Long story short, I have a friend who knows somebody that works in high places.

>"I know a guy"
Seems legit.

>>42165846
>https://gist.github.com/anonymous/e5791d5703325b9cf6d1

Perfect, thank you. So clearly this is a new binary, and since the sig is good, we're left with only two options:

1) TrueCrypt developers' release key has been compromised
2) This is legitimate.

Sucks either way.

>>42165946
Yes it is. Are you on crack?

>>42165073
>2014
>not being a pedo
get with the times, anon

File: am I dead yet.jpg (9KB, 354x199px) Image search: [Google]

9KB, 354x199px

>>42165410

At what point (and why) did encryption go from protecting professional documents against criminals to neckbeards hiding anime from the NSA?

So what's wrong with bitlocker?

File: image.jpg (57KB, 502x469px) Image search: [Google]

57KB, 502x469px

Reversefag here.

There are a *LOT* of changes, it's going to take some time to look throught.

So far I'm not seeing anything obviously wrong in the installer itself.

>>42166011
Since they decided to outlaw anime little children.

>>42166011
Around the same time governments started prosecuting people for fapping to imaginary cartoon children who never will exist in reality.

>>42165883
but gnupg isn't for encrypting data, it's so you can "prove" that you are who you say you are in things like email

>>42166011
When computers started being using for something else than decryption and scientific usage/computation?

>>42165984

The encryption routined seem to have deactivated so it can only be used to decrypt existing drives.

AbortProcess ("INSECURE_APP");

If there wasn't this advice to use closed source encryption software (ha) I would say that they closed it because the US made them do something (give out keys) and they aren't allowed to talk about it - so their only way would be to close the project. This has happened before to a different provider in the same way.

>>42166018
Microsoft bend over backwards for the NSA, if there is one company most likely to comply whole heatedly with them it is Microsoft.

>>42166018
What's not wrong with bitlocker?

You can be sure as hell it's backdoored by NSA

>>42166011
When NSA shills started attacking straw men.

>>42166042
> citation needed

>>42165014

I'm going to fuck you in the ass.

>>42166033
Intredasting...
Look through for a remote connection/http push/ftp etc to see if people are stealing keys.

>>42166042
So ONLY NSA, but not local authorities, can decrypt my data?

>>42166058
June 2013 you retard.

they removed encryption feature, stick with 7.1a

i guess it worked too well and they made them an offer they could not refuse.

>>42166031
>gnupg isn't for encrypting data
Please refrain from further posting.

>>42166051
Black box security, not to be trusted.

You might as well roll your own XOR encryption scheme, it's on the same level.

File: 1390362796270.jpg (45KB, 612x612px) Image search: [Google]

45KB, 612x612px

>>42165714
all 3

>>42165961
Plus thay guy was fucking stupid, TSA and border bitches just need to see the laptop is working to ensure you're not trying to hide crack ir bombs or whatever inside it

>>42166058
http://www.bbc.co.uk/news/technology-23285642

The documents show that the NSA had access to most of Microsoft's flagship products including Hotmail, Outlook.com, Skydrive and Skype. In the case of Outlook.com, Microsoft reportedly worked with the NSA to help it get around its own data-scrambling scheme that would have concealed messages from the agency.


Why wouldn't they help them with bitlocker?

>>42166058
more stupidity. If you are going to fucking shill moron at least familiarize yourself with the basics. Everyone here has seen top secret government slides with microshit's name on it so being a fucking retard won't work, you can try reddit though.

>>42166072
XOR is perfectly safe when the key is as long as the data to encrypt.

>>42166018
>proprietary
>developed by a close NSA partner
>no way to audit it since Microsoft won't allow third-parties to view the code

>>42166058
https://www.eff.org/document/20140513-greenwald-noplacetohidedocuments

>>42165769
http://ripronpaul.com/

>>42166018
These guys say that because they can't have the source, then it's backdoored to let NSA get to your data with a master key.

File: ogre.jpg (33KB, 450x304px) Image search: [Google]

33KB, 450x304px

>>42165014
HOLY SHIT

FIRST THE SARAH DEAN ( THE GIRL BEHIND FREEOTF) IS LOOKED FOR BY FBI AND "DISAPPEARS"

NOW TRUECRYPT GOES FULL LAVABIT

ITS OGRE FOR YOU WINDOWS GUYS

WE HAVE WARNED YOU

>>42166084
Yep, it is in theory.

But if your key is as long as your data, then you have to store the key somewhere, wich tends to be unsafe. If you can memorize the key, you could memorize the data in the first place.

Seriously though, what would be the best botnet solution for Windows if TC were to go bad?

Muh dm-crypt is fine for some, but windows does have it's uses

>>42166078
> they had access to all of fucking Google in the *exact* same way.

Also, spoiler: Backdooring the kernel is as easy to moving a single character. You could bet your top fucking dollar the kernel is rooted to hell and back.

Can´t one of you guys fork it onto github or bitbucket or something? I mean, truecrypt isn't just a windows program so this isn't fair at all.

>>42166018
http://pdf.yt/d/h5fcyazPNkhWGqFg

File: theo-sized.jpg (20KB, 196x268px) Image search: [Google]

20KB, 196x268px

If bitlocker is backdoored this means windows is backdoored. If windows is backdoored, running truecrypt will not save you any better than bitlocker could.

Either you trust Windows and run its encryption or you don't trust Windows and then hopefully you're not using windows. You can't make the OS more trustworthy by adding a third party program.

>>42166115
Your Windows is backdoored already.

File: Image-Map.gif (73KB, 700x525px) Image search: [Google]

73KB, 700x525px

>>42165961
>The fifth amendment still applies.
Not when you're in a constitution-free zone.

>>42166031
this... do you even know how ir even works?

>>42166115
>best
least*

>>42166130
>If windows is backdoored, running truecrypt will not save you any better than bitlocker could
I have news for you...

>>42166141
That applies to border patrol, which operates outside the US border according to law.
The judicial system still must go by the constitution.

>>42166011
>protecting professional documents against criminals

I still use it for this purpose. The only difference now is that government-sponsored white-collar crime (whether from China, Israel, or America) is more prevalent than ever, so the NSA might as well be lumped with the rest of the criminals.

>>42166141
http://blog.constitutioncenter.org/2013/02/does-a-constitution-free-zone-really-exist-in-america/

gpg would be nice if i could edit the contents

THANKS GNU

>>42166124
>WE STILL NEED THE PASSWORD!!!
So authorities can decrpyt my files, IF I tell my password. Oh no!

No updates on le tweeter?

>>42165268
where are you?
what i got is the shitty site. How are you ended up with this (good old) download page?

>>42166201
Its on their official sourceforge page.
Registered 2004, updated 11 times.

Its either them or someone got the site and their sourceforge.

I really doubt they have been hacked, do you really think someone that makes encryption software would have simple passwords?

>>42165411
key must have been compromised

>>42165420
Is this usable/good? Does it work well for the same files on multiple platforms (Win+Mac)?

Is it a good replacement for TrueCrypt-encryped partition on an external HDD?

>>42166170
by all means, start telling me.

File: hmmmm.png (40KB, 1134x627px) Image search: [Google]

40KB, 1134x627px

Check the history on the wikipedia page. Some account called truecrypt-end copypasted the site's warning onto wikipedia, where upon it was reverted. Something about all this seems pretty fishy, especially the (this is no hoax) warning.

>not throwing your gadgets into a fire and heading to south america

This is fucking legit. Look at the diff. No way you are going to put all that effort into it if you merely want to deface the page.

Truecrypt is finished. Feels like a good old middle finger to all these people who distrusted them in the first place (all these audits, like 100K in donations for that shit).

>Hey faggots, you don't trust us? Well fuck you to the finger, we are abandoning ship. You hated us? Use proprietary bitlocker instead LOL, see how that serves you

It all makes sense now. The project struggled to survive on donations yet a public bash/audit got almost 100K and applaud of the crowd.

File: hair.dryer.gif (1MB, 265x247px) Image search: [Google]

1MB, 265x247px

WTF where are the sources
are somebody here so dumb to download binaries without sources (especially this software?)?

>>42166270
>implying some douche here didn't do that

File: Captura de pantalla - 280514 - 15:25:08.png (228KB, 992x689px) Image search: [Google]

228KB, 992x689px

>>42166198

>>42165818
well in us if you give your password to a 40GB truecrypt volume and it has 100MB data in it that is all you need as a proof that there is a hidden volume.
Even if there isnt hidden volume there is no way to disprove it, you are fucked

Truecrypt compromised, confirmed :
https://github.com/warewolf/truecrypt/compare/master...7.2

>>42166031
Dude

>>42165832
you dont need to know a guy to see that lavabit pattern

>>42166302
Thats only if you enable on of the options in the menu.
You can have a 6gb file which is 6gb with a hidden volume in it but overwriting of data is a serious issue and can brick the file so you wouldn't want to use it on a hard drive you use often.

>>42165883
source of the pic

>>42166023
>mfw American

they do that here, there's gonna be some trabble (crap states don't count, they aren't part of America)

>>42166302

So does the burden of proof fall on the defendant in the burgerland?

>>42165937
http://www.alertboot.com/blog/blogs/endpoint_security/archive/2009/11/30/data-encryption-software-leads-to-jail-time-for-uk-schizophrenic.aspx

File: 2014-05-28_23-27-02.png (187KB, 1199x894px) Image search: [Google]

187KB, 1199x894px

>>42166299
You can decrypt mounted drive with password, like on TrueCrypt?

File: 20120129021639!Man_yelling.jpg (9KB, 350x268px) Image search: [Google]

9KB, 350x268px

MODS MODS MODS

STICKY STICKY STICKY

>>42165937
UK is not part of Europe
>at least I wish

>>42165929
>What is Switzerland

>>42166115
PGP encryption on individual files maybe

>>42166317
>you dont need to know a guy to see that lavabit pattern
THIS! stick to 7.1a people and wait for audit to be over.

File: Tb7pwPu.jpg (1MB, 1900x4500px) Image search: [Google]

1MB, 1900x4500px

Why do people care so much about a potential backdoor in Bitlocker?
Yes, it's propietary, closed-source and developed by a company involved in PRISM. So is THE WHOLE FUCKING OS you're using it on. Which is insanely more complex that Bitlocker, it would be so much easier to hide a backdoor in it than in the Bitlocker components alone. The OS is such a huge problem, how can you use it and avoid Bitlocker while using arguments that also apply to the OS?

>>42166395

what backdoors are in windows 7

File: _.png (354KB, 626x683px) Image search: [Google]

354KB, 626x683px

>>42165686
https://github.com/warewolf/truecrypt/compare/master...7.2

>>42166084
which is surely the case with NSA_KEY company

>>42166368
I second this anon. Seems we'll have a long discussion.

>>42166394
I hope thats a grill

File: 1809387475.png (58KB, 448x392px) Image search: [Google]

58KB, 448x392px

>>42165689
Can't tell if you're a troll or just really really retarded.

*** DIFF BETWEEN 7.1 AND 7.2 ***

http://pastebin.com/kr12aUyc

Have fun.
>>42165582
>>42165686

>>42165392
>The audit revealed intentional vulnerabilities

From the audit,

>Finally, iSEC found no evidence of backdoors or otherwise intentionally malicious code in the
assessed areas. The vulnerabilities described later in this document all appear to be unintentional, introduced as the result of bugs rather than malice.

File: 1360538240345.gif (610KB, 300x163px) Image search: [Google]

610KB, 300x163px

sudo srm -r /

>>42166306

Well, somebody fucked it up very well.
But, why?

THIS IS LEGIT

I REPEAT THIS IS LEGIT

LOOK AT THE SOURCE CODE

THEY DISABLED ALL ENCRYPTION AND THE NEWEST VERSION CAN ONLY BE USED TO DECRYPT

AKA A MIGRATION TOOL

TRUECRYPT IS OVER
FINISHED
DONE

File: Capture.png (10KB, 993x89px) Image search: [Google]

10KB, 993x89px

>>42166421
Doesn't this directly contradict the site?

Unless the world gives up on truecrypt containers entierly because of this now, there is always the BSD licenced tc-play implementation of truecrypt instead

Reversefag here.

It looks like theis TrueCrypt release was compiled by the usual devteam.

This pdb is in "c:\\truecrypt-7.2\\driver\\obj_driver_release\\i386\\truecrypt.pdb", like the old one, and the metadata looks correct.

Lots of things are missing, and lots of code has changed, so there could be new vulnerabilities or subtle bugs.
It looks like the encryption/volume creation is gone (?) too now.

No obvious backdoor so far in the driver, but I just did a quick analysis.

>>42166458
Looks like they only want you to decrypt and move to other software.

File: 1398337404633.jpg (83KB, 612x612px) Image search: [Google]

83KB, 612x612px

>>42166395
>>42166130
This, /g/men confirmed for security illiterate.

>>42166306
>Truecrypt compromised, confirmed :
NO IT"S NOT "compromised, confirmed", they just removed ability to encrypt new shit from new version

>>42165816
I'd like some hints too

>>42166332
Flickr. There is an entire universe of photos of him there.

https://secure.flickr.com/photos/paulohenriquenet/3661935974/in/photostream/

File: 2014-05-28-223536_317x230_scrot.png (24KB, 317x230px) Image search: [Google]

24KB, 317x230px

>>42166336
when it is about terrorists... yes

Some pretty interesting comments here : https://twitter.com/search?q=truecrypt&src=typd

MODS : Please sticky this thread.

>>42166449
>TRUECRYPT IS OVER
>FINISHED
>DONE

what is truecrypt 7.1a?

>>42166368
thirded

File: highlanderimage01.jpg (204KB, 500x400px) Image search: [Google]

204KB, 500x400px

>>42165650
Hey buddy!

LVM+dm-crypt+LUKS master race here too!

>>42166498
compromised by the look of things

>>42166498
what are vulnerabilities ?

it doesn't even matter if this is a prank, nobody will trust tc anymore

>>42166394
would wife

File: deception_p48.png (181KB, 1280x960px) Image search: [Google]

181KB, 1280x960px

>>42166521
as planned

Give the nature of the "archival site" (truecrypt.org redirects to truecrypt.sourceforge.net) I suspect that TrueCrypt's website may have been compromised and this is a clever attempt to hack into people's machine. I say we wait for official word other than the website before claiming it's discontinued. —f3ndot (TALK) (EMAIL) (PGP) 19:29, 28 May 2014 (UTC)

Hum, don't think it was hacked somehow. First, most of the page teaches how to migrate data. Second, the only available download is a "new" version, 7.2, that only allows you to decrypt data. Installing and running it on your computer won't open any kind of network connection. It doesn't create any new files, hidden files, nor modifies your registry. And don't think there'll be a official communication other than the official website, since the authors weren't known. Don't think there'll be a way to check if anyone claiming "I'm the TC author" will be provable. I'd take the official announcement as serious. Noonnee (talk)

Noonnee, there are many reasons to consider this suspect: (1) the URL redirects to truecrypt.sourceforge.net. (2) The SIGs provided in the new binaries do not validate. (3) The keys provided do not validate under Web of Trust. (4) The timing is bizzare since there's an initiative to audit truecrypt and this is counter to the developers' Modus Operandi. (5) No other official information anywhere else? No. This is highly suspicious. We should wait for additional sources.

>>42166521
well yes, sadly we will never know when the "true" tc group posts a "true" update, Truecrypt is officially done for.

>>42166479
replying to m$ shills
are you this new ?

>>42166487
Thanks, but i meant the context. Why is he desperate ?

NEED TO STICKY STICKY STICKY STICKY STICKY STICKY STICKY STICKY STICKY STICKY MODS !

File: 1.png (181KB, 991x738px) Image search: [Google]

181KB, 991x738px

>>42166367

File: VjOM1.gif (471KB, 335x288px) Image search: [Google]

471KB, 335x288px

>>42166368
pooped

File: 1396268794441.jpg (358KB, 3500x3222px) Image search: [Google]

358KB, 3500x3222px

>>42166394
>yfw dban is backdoored too

>>42166565

New thread

>2014
>Trucrypt not PGP

File: 2.png (507KB, 994x730px) Image search: [Google]

507KB, 994x730px

>>42166367
2/4

>>42166551
Dude, they hacked their site.
It's impossible from now on to wait for "official word" by TC, because we can't say for sure it's them.

>still not a stick

BRAVO MODS

>>42166511
name one of them.

>NSA menaces the programmers and binds them to secrecy
>takes over development using the keys of the former programmers
>operates with the assumption that TrueCrypt has no vulnerabilities, and therefore spends a week preparing a sudden update (after years of dormancy) that removes the ability to encrypt and tells people to move to a piece of proprietary software written by a company known to collaborate with the NSA
>removes all previous builds so you cannot ignore this 'advice'
>probably removes repositories and old tarballs of the source code
Mark my words.

File: 3.png (250KB, 994x752px) Image search: [Google]

250KB, 994x752px

>>42166367
3/4

No network traffic detected on the new installer.

https://twitter.com/runasand/status/471753033484103680

File: haha hehe.webm (96KB, 640x360px)

96KB, 640x360px

>mfw retards actually installed this backdoored garbage

you fell for the nsa shills, i bet you're using selinux, too.

>>42165014
bump limit has been hit

>>42165014
new

Why are people saying move to other sources for encryption? What's wrong with 7.1a? Did the isec team find something in their audit and can't tell us?

File: 4.png (177KB, 992x745px) Image search: [Google]

177KB, 992x745px

>>42166367
4/4

>>42166299

I already have Debian installed and I want to encrypt my install with dm-crypt and LUKS. Can't find a solid straightforward guide. Is the archwiki relevant enough?

>>42166614
If vulnerabilities on TrueCrypt are discovered in the future, they will not corrected.

>Ending development of a very popular gratis software
>Not making it completely open source

>enter the trashman.png

>>42166566
He probably saw people in the audience using non-free products that disrespected their freedom, such as iBads and iDrones, and WhackBooks.

>>42166671
The source is already on github, can't someone fork it?

After all that time and money spent on the audit, it'd be a waste.

>>42166662
so you agree that in 7.1a there are none as of this point, there is also an audit on that source right now. and besides is a bug is discovered - since it's open source, there will be a fix released by a 3rd party.

>>42166656
i know debian's alternative installer used to be able to do it automatically, and ubiquity can do it automatically

>>42166662
>corrected
umm, i think it's "fixed", shit, my english is very bad.

>not knowing when to abandon ship

So, does /g/ will also create a Tox-like encryption software ?

>>42166697
>The source is already on github, can't someone fork it?
Oh, didn't know, I thought it was one of those "You can get the source code if you request it and we are ok with it" kind of deals.

>>42166732
Truecrypt is only used for people who can't into Linux.

>>42166739
The source is available but the license has some limitations that might make it non-free.

>>42166745
Same for Tox.

This guy :
https://twitter.com/bjondersson/status/471754497719808002

File: old-man-laughing.jpg (22KB, 400x279px) Image search: [Google]

22KB, 400x279px

>>42166732
Tox-like

>>42166257
pls this

File: Madotsuki.jpg (110KB, 700x800px) Image search: [Google]

110KB, 700x800px

>>42166031
>gnupg isn't for encrypting data
TOPKEK

>>42166031
>but gnupg isn't for encrypting data
My sides.

>>42166576
With these you can detect encrpyted volume. Yes it's security issue (aka they have proof that you have something encrpyted), but not backdoor.
For truecrypt there's tools like TCHunt.

>>42166592
That recovery-file is feature on enterprise environment (and it's turned off as default), and very rarely used on home computers (because these doesn't belong Active Directory).
http://community.spiceworks.com/how_to/show/1991-locations-of-bitlocker-recovery-information-in-active-directory
Not backdoor either.

>>42166623
>>42166655
Mounting BitLocker drive when you know recovery key. Feature, not backdoor.

jews

> tfw gpg has been around for years but it's "too hard" so people use terrible insecure webapps like cryptoshat instead

File: 1354045542371.jpg (30KB, 605x328px) Image search: [Google]

30KB, 605x328px

>>42166911

File: Angry jew.jpg (8KB, 171x200px) Image search: [Google]

8KB, 171x200px

>http://www.youtubemultiplier.com/537beec890c71-happeningpls234y45237057y.php
It's happening.

>>42166857
it's ok, anon. i don't use any m$ product.
if you are using it is okay too.

i'm only saying bitlocker is only useful (if anything at all), when/if your pc is culturally enriched.

>>42166857
>bitlocker doesn't have a backdoor because the docs from MS say so

File: 319367_343162299094135_436343339_n.jpg (13KB, 200x254px) Image search: [Google]

13KB, 200x254px

>>42166857
>BitLocker
>Bought to you by NSA_KEY company

>>42166857
do you really rather trust a close source project than a open source ?

shills these days ... it seems you don't even try nowadays.

>>42166958
I am just saying that PDF doesn't show to how magically decrpyt every bitlocker volume.

>http://sourceforge.net/p/truecrypt/activity/?page=0&limit=10...
>Odd, 6 hours ago someone updated the TruCrypt-key.asc files, then 3 hours later posted all the new binaries.

Confirmed for defacing.