Truecrypt development stopped. Recommend changing to Bitlocker.

Recondite49

Fuzzy wrote: »

All the emails get copied, regardless of what keyword you put in it.

Are you sure about that? It's an awful lot of data. NSA and GCHQ must get sick of filtering all those cat videos.

On a more serious note, during my short but colourful time on the underground of the internet we sent gpg encrypted e-mails over Tor or better yet Torchat (which used OTR messaging) to keep in touch - it seems to me that's the best way to guard against interception.

Currently I use bitmessage's onion domain for ultra secret stuff, anyone else have a good e-mail provider they can recommend?

Gone West

Recondite49 wrote: »

Are you sure about that? It's an awful lot of data. NSA and GCHQ must get sick of filtering all those cat videos.

On a more serious note, during my short but colourful time on the underground of the internet we sent gpg encrypted e-mails over Tor or better yet Torchat (which used OTR messaging) to keep in touch - it seems to me that's the best way to guard against interception.

Currently I use bitmessage's onion domain for ultra secret stuff, anyone else have a good e-mail provider they can recommend?

It's best to assume that all data once it leaves systems under your control or audit is then copied.
Each cat video only gets stored once by the way.

The question now is not about whether your data is being copied and stored all over the place. The discussion has moved on to other questions, like...
What meta data is being used for what.
Who has access, and how prolific are queries of the database. Loveint etc.
What will happen to this data in the future?
Will it be public domain at some stage?
Will your grandkids get a chance to read your awkward emails from secondary school?

25 years ago if you suggested that IBM would be irrelevant in IT, you would have been fired.
10 years ago if you suggested that cellphone metadata alone would be used by flying robots to blow up wedding ceremonies on the other side of the world, you would be laughed at.
4 years ago if you suggested that secret US government embassy cables would be dumped online, you would have been called a conspiracy nut.

No, I think it's fair to say you must assume that everything you don't directly control is copied and has an uncertain future.

BTW, re: Truecrypt, my money is on "canary", although "Dev cracks under pressure and shuts down poorly" is a close second guess.

edanto

Truecrypt.ch got a takedown order, according to their twitter @TrueCryptNext

They said it might be fake but are asking for legal help.

In this topsy turvy story it's impossible to know if they're good guys or not. Do their public efforts to keep the TC flag flying outweigh any mis-steps they make?

If the original TC was a three letter takedown, could truecrypt.ch be some kind of front for the same agency? That does seem a bit far fetched!

Who can tell if the code is unaltered from the code being audited?

Are there changes that could introduce a vulnerability and leave the same checksum?

Recondite49

Fuzzy wrote: »

It's best to assume that all data once it leaves systems under your control or audit is then copied.
Each cat video only gets stored once by the way.

The question now is not about whether your data is being copied and stored all over the place. The discussion has moved on to other questions, like...
What meta data is being used for what.
Who has access, and how prolific are queries of the database. Loveint etc.
What will happen to this data in the future?
Will it be public domain at some stage?
Will your grandkids get a chance to read your awkward emails from secondary school?

25 years ago if you suggested that IBM would be irrelevant in IT, you would have been fired.
10 years ago if you suggested that cellphone metadata alone would be used by flying robots to blow up wedding ceremonies on the other side of the world, you would be laughed at.
4 years ago if you suggested that secret US government embassy cables would be dumped online, you would have been called a conspiracy nut.

No, I think it's fair to say you must assume that everything you don't directly control is copied and has an uncertain future.

BTW, re: Truecrypt, my money is on "canary", although "Dev cracks under pressure and shuts down poorly" is a close second guess.

Hi Fuzzy,

I think you make a very good point although I don't think the two perspectives are mutually exclusive.

Even with our current computing power, to actually monitor all electronic correspondence would be an unimaginably huge task - having said that if we proceed on the basis that our correspondence is being monitored then we can keep our data safe.

This is especially important I think for people concerned with privacy as there's some evidence to show that people who for instance connect to the Tor network are singled out for surveillance over their neighbours - of course if your traffic is encrypted end to end then it's a moot point but this is why I think it's great we have forums like these where people can learn to communicate safely.

syklops

bedlam wrote: »

It looks like Truecrypt.ch are taking up the mantle.

Why can't more people be like the Swiss. And the Dutch. With more Dutch people and more Swiss people, I think the world would be a better place.

Are there changes that could introduce a vulnerability and leave the same checksum?

No. Collisions do happen. That means it is possible for the data in a file to change and still match its checksum, but it usually happens with records. I saw it happening in signatures for malware, but it was accidental and very rare. The chances of someone creating backdoor code, and introducing it to existing code and the checksum remaining the same is astronomical.

What Im unsure about when it comes to checksums is, if an attacker has corrupted the source code of an application. As in, gotten in, downloaded the code, patched it with his exploit code, pushed upstream, and kept everyone unaware, what hurdle would have been too great for him(or her) to replace the checksums with the new ones?

Recondite49

syklops wrote: »

Why can't more people be like the Swiss. And the Dutch. With more Dutch people and more Swiss people, I think the world would be a better place.



No. Collisions do happen. That means it is possible for the data in a file to change and still match its checksum, but it usually happens with records. I saw it happening in signatures for malware, but it was accidental and very rare. The chances of someone creating backdoor code, and introducing it to existing code and the checksum remaining the same is astronomical.

What Im unsure about when it comes to checksums is, if an attacker has corrupted the source code of an application. As in, gotten in, downloaded the code, patched it with his exploit code, pushed upstream, and kept everyone unaware, what hurdle would have been too great for him(or her) to replace the checksums with the new ones?

Hi skylops,

Wasn't the issue that given the metadata involving time and dates in the source code that it was actually very difficult to compile a binary that matched that on the Truecrypt website, even if it didn't contain a backdoor?

Such a shame if the developers have been bagged and tagged but it's difficult to understand who would do this or why - isn't the cat out of the bag so to speak?

Khannie

Interesting - Hidden message from truecrypt devs?

beauf

I quess it depends what you are using it for. If its in case you're gear gets robbed by some scumbag, or so people don't have easy access to the data then its probably fine. If you are hiding stuff from the NSA and law enforcement then you've bigger problems, and you are probably using something a bit more complex.

Recondite49

beauf wrote: »

I quess it depends what you are using it for. If its in case you're gear gets robbed by some scumbag, or so people don't have easy access to the data then its probably fine. If you are hiding stuff from the NSA and law enforcement then you've bigger problems, and you are probably using something a bit more complex.

Well said beauf, I've already mentioned the open source alternative to Truecrypt tcplay in another thread which has all the same functionality if you're happy to use the Linux Command line. That said the Disk Utility in every Linux version I've seen so far allows you to format a drive with a password, which is quick and easy - I believe the default AES 128 bit encryption but if there are more tech savvy people out there, I'd love to hear from you.

Khannie

beauf wrote: »

I quess it depends what you are using it for. If its in case you're gear gets robbed by some scumbag, or so people don't have easy access to the data then its probably fine. If you are hiding stuff from the NSA and law enforcement then you've bigger problems, and you are probably using something a bit more complex.

I see your point, but I want to hide everything from everybody, just because fup you (not you, obviously). I very seriously value my privacy. I've nothing to hide, but I don't want back doors built into my security software so that someone can read emails between myself and my wife if they so choose, so I reject the notion that I shouldn't want software that is secure from the NSA. They're the ones most likely to abuse it IMO.

beauf

I know you are making a general point about data in general. But just to be pedantic. They can intercept your emails at a lot of other points outside of your network and systems. So the old adage of don't email anything you wouldn't want on the 9 O'Clock News still applies. I have found anyone really concious of security tends to do things over the phone, or face to face rather than email.

The other point about security is you have to use it. If its awkward you won't. Or you'll use it less often.

Recondite49

beauf wrote: »

I know you are making a general point about data in general. But just to be pedantic. They can intercept your emails at a lot of other points outside of your network and systems. So the old adage of don't email anything you wouldn't want on the 9 O'Clock News still applies. I have found anyone really concious of security tends to do things over the phone, or face to face rather than email.

The other point about security is you have to use it. If its awkward you won't. Or you'll use it less often.

Well said Khannie, security which is proof- against everyone except X is no good. Unless it's good against a competent attacker with large resources I don't want to know! :-)

Recondite49

beauf wrote: »

I know you are making a general point about data in general. But just to be pedantic. They can intercept your emails at a lot of other points outside of your network and systems. So the old adage of don't email anything you wouldn't want on the 9 O'Clock News still applies. I have found anyone really concious of security tends to do things over the phone, or face to face rather than email.

The other point about security is you have to use it. If its awkward you won't. Or you'll use it less often.

I agree with your point about the trade off between security and convenience but I don't think we need to give up on e-mail altogether - intercepting a message that for instance you've encrypted with a 4096 bit gpg key wouldn't do the NSA much good.

Also they still haven't found a way to compromise the overall structure of the tor network.

Of course if you're going to meet face to face with your contacts you could do this just the once every few years and exchange one time pads of random data - we certainly don't need to give up on e-mail altogether in my ever humble opinion! :-)

beauf

Are you using encrypted email across all your devices including mobiles etc. I've only seen it a handful of times.

Recondite49

beauf wrote: »

Are you using encrypted email across all your devices including mobiles etc. I've only seen it a handful of times.

Hi beauf,

That's an excellent question. I've an Android phone running K9 mail in addition to APG which can encrypt and decrypt e-mails but I'm too worried about, the device being stolen or seized to use it for very personal correspondence.

I use a live OS (TAILS) in combination with Bitmessage to send private e-mails. The e-mails are encrypted with gpg. I store my key and favourite program on a USB stick, encrypted with Linux disk utility.

This is by no means perfect as certain vulnerabilities exist within TAILS, plus the stick itself while encrypted could be taken by force, but I've no concerns about messages being intercepted - they never leave the tor network.

I don't mean to go off topic but I do think it is possible to NSA-proof your messages and data. Let's keep the faith.

howamidifferent

Recondite49 wrote: »

Hi beauf,

I've no concerns about messages being intercepted - they never leave the tor network.

I don't mean to go off topic but I do think it is possible to NSA-proof your messages and data. Let's keep the faith.

The below article seems to indicate that this may not be as secure as you assume....

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

Recondite49

howamidifferent wrote: »

The below article seems to indicate that this may not be as secure as you assume....

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

This attack has to do with traffic confirmation and seeks to undermine a user's anonymity - not their privacy.

In fact as the Tor blog itself states this is nothing new and there's not a shred of evidence that this can be used to reliably target specific users.

In my own case at any rate and e-mails sent over Tor have been encrypted so I won't be losing any sleep.

I have been wondering about what else we can do though to mitigate the risk. Using a dedicated private bridge and running a relay of your own would make it difficult for other compromised relays to intercept your traffic specifically surely?

beauf

The problems with technology, is there always someone/organization with better technology. So it would be naïve to think you are secure against everyone. Even in the pipe is secure, it has to enter and leave it at some point. Even if that through social engineering, or a person. A Maginot Line as it were. "strategically ineffective".

Most people concerned about such things don't commit any data to electronic means at all.

For most people their data they are sending isn't sensitive anyway.

Gone West

Tor just makes me uneasy.
I can't articulate properly why. It just does.
The protocol seems solid enough, but the people who are funding development to the tune of millions of $USD per year are suspect.

Dermot Illogical

Fuzzy wrote: »

Tor just makes me uneasy.
I can't articulate properly why. It just does.
The protocol seems solid enough, but the people who are funding development to the tune of millions of $USD per year are suspect.

Creation of a target-rich environment? It makes sense to get all your suspects into the one place so you can concentrate your efforts.

Recondite49

beauf wrote: »

The problems with technology, is there always someone/organization with better technology. So it would be naïve to think you are secure against everyone. Even in the pipe is secure, it has to enter and leave it at some point. Even if that through social engineering, or a person. A Maginot Line as it were. "strategically ineffective".

Most people concerned about such things don't commit any data to electronic means at all.

For most people their data they are sending isn't sensitive anyway.

It's a much greater act of naivete to believe you've nothing to hide, therefore never need to worry about it, indeed it's one of the more common fallacies when it comes to security.

Also I don't see the fact that 100% security isn't always achievable to be a reason to conclude that the only way to maintain your privacy is to go live in a cave and use finger painting to communicate.

Even a well resourced adversary has to be able to distinguish only your traffic - this is why the Maginot line is such a poor basis of comparison as it was obvious to any fool where it was - a better analogy might be one letter amongst millions at the post office - which has to be found before any cryptanalysis can begin. This is why the article on the Tor website doesn't bother me that much - it tells us very little we didn't know before and isn't practical for surveillance purposes, at least on this scale.

Recondite49

Dermot Illogical wrote: »

Creation of a target-rich environment? It makes sense to get all your suspects into the one place so you can concentrate your efforts.

I've seen the guys heading up the Tor project on Youtube, you really think they're government stooges? Must be a pretty good disguise...! :-D

Dermot Illogical

Recondite49 wrote: »

I've seen the guys heading up the Tor project on Youtube, you really think they're government stooges? Must be a pretty good disguise...! :-D

As I recall they are govt-funded, or were at any rate. But that doesn't matter as much as control of the nodes.

howamidifferent

Wasnt it originally if not still a US Navy project?

Recondite49

Dermot Illogical wrote: »

As I recall they are govt-funded, or were at any rate. But that doesn't matter as much as control of the nodes.

You're right they do receive funding from the US government, as the tor browser is used by the Navy, diplomats etc. of course the AES cipher was also the result of a government sponsored competition, I don't really smell a rat as it helps the country as a whole if we all keep our data safe.

beauf

Recondite49 wrote: »

It's a much greater act of naivete to believe you've nothing to hide, therefore never need to worry about it, indeed it's one of the more common fallacies when it comes to security..

I didn't say they didn't have data to protect. I said they don't expose it to certain types of risk.

Recondite49 wrote: »

Also I don't see the fact that 100% security isn't always achievable to be a reason to conclude that the only way to maintain your privacy is to go live in a cave and use finger painting to communicate..

There is a world outside of computers. People forget that. Its often far more practical/efficient than using a computer. You don't have to go all Sheldon on it.

Recondite49 wrote: »

Even a well resourced adversary has to be able to distinguish only your traffic - this is why the Maginot line is such a poor basis of comparison as it was obvious to any fool where it was - a better analogy might be one letter amongst millions at the post office - which has to be found before any cryptanalysis can begin. This is why the article on the Tor website doesn't bother me that much - it tells us very little we didn't know before and isn't practical for surveillance purposes, at least on this scale.

They don't need to look at all the letters. They only need to know the origin and the destination. Then they can refine that further outside of the post office.

The reason the Maginot line failed was not because they knew where it was. It was because they believed that was the only route. They didn't consider it could be bypassed. That's appropriate is because attacks on tor network haven't been directly at it. But at things around it.

beauf

Recondite49 wrote: »

You're right they do receive funding from the US government, as the tor browser is used by the Navy, diplomats etc. of course the AES cipher was also the result of a government sponsored competition, I don't really smell a rat as it helps the country as a whole if we all keep our data safe.

I don't think their objectives are as altruistic as that.

Recondite49

beauf wrote: »

I didn't say they didn't have data to protect. I said they don't expose it to certain types of risk.

All the same, I'd like to keep as much of my data private all of the time if it's all the same to you.

There is a world outside of computers. People forget that. Its often far more practical/efficient than using a computer. You don't have to go all Sheldon on it.

When it comes to cryptography, you might have noticed a computer is pretty handy.

Having said that if anyone wants to use an air gap to keep encrypted data safe or use a one time pad hand cipher, you'll have no argument from me. I just get ticked off by smug security researchers in pony tails saying that only face to face communication is secure.

They don't need to look at all the letters. They only need to know the origin and the destination. Then they can refine that further outside of the post office.

The reason the Maginot line failed was not because they knew where it was. It was because they believed that was the only route. They didn't consider it could be bypassed. That's appropriate is because attacks on tor network haven't been directly at it. But at things around it.

A passive adversary does indeed need to look at all the letters - of course if you want to intercept mail to a certain address the job is made easier but you still have to locate the letter at some stage in the system.

The reason the Maginot line failed was as you say that people who knew its location simply chose to walk around it. I agree that the basic structure of the tor network has yet to be compromised and that attacks have centred around the end points but as mentioned previously it's a moot point if you make use of the hidden services so that your traffic doesn't leave the network.

This latest attack looks good on a white paper but it couldn't be used in its current incarnation to actively monitor a specific user at all times, even if you knew from where they're connecting.

No harm in encrypting your messages as they go through tor mind you!

Recondite49

beauf wrote: »

I don't think their objectives are as altruistic as that.

Answer your own question though - why not develop their own cipher in house? The answer I think is that security through obscurity is much weaker than open source.

beauf

Recondite49 wrote: »

Answer your own question though - why not develop their own cipher in house? The answer I think is that security through obscurity is much weaker than open source.

Their involvement Open source I think its like planning a vegetarian meal with tiger.