Fwd: is truecrypt dead?
Is anyone aware of what is happening to truecrypt project? from their site: "The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." " -J
There is a thread on the twitters at the moment about this: https://twitter.com/runasand/status/471740622031032320 - The the signature of the .exe still verifies. - The key seems to be legit: https://www.google.nl/?gfe_rd=cr&ei=gUaGU_fmJ8eyOsvogYgF#q=c5f4+bac4+a7b2+2db8+b8f8+5538+e3ba+73ca+f0d6+F0D6+B1E0 On 28 May 2014, at 21:21, J. Tozo <juniorbsd@gmail.com> wrote:
Is anyone aware of what is happening to truecrypt project?
from their site:
"The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform."
" -J
On Wed, May 28, 2014, at 03:27 PM, Bernard Tyers wrote:
There is a thread on the twitters at the moment about this:
https://twitter.com/runasand/status/471740622031032320
- The the signature of the .exe still verifies. - The key seems to be legit: https://www.google.nl/?gfe_rd=cr&ei=gUaGU_fmJ8eyOsvogYgF#q=c5f4+bac4+a7b2+2db8+b8f8+5538+e3ba+73ca+f0d6+F0D6+B1E0
Truecrypt was cross-platform. BitLocker isn't. LUKS isn't. Whatever MacOS X uses isn't. Until and unless there are GPL/BSD licensed versions of BitLocker for MacOS X, GNU/Linux, etc then they aren't true replacements for Truecrypt. -- Shawn K. Quinn skquinn@rushpost.com
Also.. https://twitter.com/TheBlogPirate/status/471759810644283392 On 28/05/14 21:48, Shawn K. Quinn wrote:
On Wed, May 28, 2014, at 03:27 PM, Bernard Tyers wrote:
There is a thread on the twitters at the moment about this:
https://twitter.com/runasand/status/471740622031032320
- The the signature of the .exe still verifies. - The key seems to be legit: https://www.google.nl/?gfe_rd=cr&ei=gUaGU_fmJ8eyOsvogYgF#q=c5f4+bac4+a7b2+2db8+b8f8+5538+e3ba+73ca+f0d6+F0D6+B1E0
Truecrypt was cross-platform. BitLocker isn't. LUKS isn't. Whatever MacOS X uses isn't. Until and unless there are GPL/BSD licensed versions of BitLocker for MacOS X, GNU/Linux, etc then they aren't true replacements for Truecrypt.
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
Dnia środa, 28 maja 2014 22:14:53 Cathal Garvey pisze:
Also.. https://twitter.com/TheBlogPirate/status/471759810644283392
Could I suggest *QUOTING* the 140-char drops of gold from Twitter directly, along with giving a link? Would really appreciate it. :) -- Pozdr rysiek
Dnia czwartek, 29 maja 2014 09:07:13 rysiek pisze:
Dnia środa, 28 maja 2014 22:14:53 Cathal Garvey pisze:
Also.. https://twitter.com/TheBlogPirate/status/471759810644283392
Could I suggest *QUOTING* the 140-char drops of gold from Twitter directly, along with giving a link? Would really appreciate it. :)
Okay, there was an image there. And now I feel like a douche. Sorry. :) -- Pozdr rysiek
=image On 29 May 2014 08:07:13 GMT+01:00, rysiek <rysiek@hackerspace.pl> wrote:
Dnia środa, 28 maja 2014 22:14:53 Cathal Garvey pisze:
Also.. https://twitter.com/TheBlogPirate/status/471759810644283392
Could I suggest *QUOTING* the 140-char drops of gold from Twitter directly, along with giving a link? Would really appreciate it. :)
-- Pozdr rysiek
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Krebs has put a post about it: http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur... excerpt: "Doubters soon questioned whether the redirect was a hoax or the result of the TrueCrypt site being hacked. But a cursory review of the site’s historic hosting, WHOIS and DNS records shows no substantive changes recently. What’s more, the last version of TrueCrypt uploaded to the site on May 27 (still available at this link) shows that the key used to sign the executable installer file is the same one that was used to sign the program back in January 2014 (hat tip to @runasand and @pyllyukko). Taken together, these two facts suggest that the message is legitimate, and that TrueCrypt is officially being retired. That was the same conclusion reached by Matthew Green, a cryptographer and research professor at the Johns Hopkins University Information Security Institute and a longtime skeptic of TrueCrypt — which has been developed for the past 10 years by a team of anonymous coders who appear to have worked diligently to keep their identities hidden. “I think the TrueCrypt team did this,” Green said in a phone interview. “They decided to quit and this is their signature way of doing it.”
My suspicion is that either they were hacked (and had their key stolen), or that they were ordered to shutdown and recommend Microsoft's (presumably backdoored) BitLocker as a replacement. BitLocker's enterprise documentation makes me *incredibly* suspicious that it is susceptible to monitoring by third-parties. Even being embarrassed by whatever bugs the second phase audit uncovered wouldn't explain the sudden recommendation. And why not ecryptfs or ~literally anything else~ ? Pardon my tinfoil hat. ~Griffin
On Wed, May 28, 2014 at 07:45:06PM -0400, Griffin Boyce wrote:
Even being embarrassed by whatever bugs the second phase audit uncovered wouldn't explain the sudden recommendation. And why not ecryptfs or ~literally anything else~ ?
ecryptfs is a complete joke. It intentionally does not encrypt *ANY* metadata execpt the filename, leaking modification times, filesizes (rounded to the block), write patterns, file ownership, permissions, etc. Because it's design is such a joke, it hasn't gotten any serious crypto review, so I'd be surprised if it doesn't have critical implementation bugs in the parts that aren't broken by design. Please don't use ecryptfs. It's not even better than nothing. -andy
Andy Isaacson wrote:
I'd be surprised if [ecryptfs] doesn't have critical implementation bugs in the parts that aren't broken by design.
Please don't use ecryptfs. It's not even better than nothing.
BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I remember correctly, ecryptfs was the default home directory encryption option for Ubuntu until recently. Why is it that these things that thousands of people rely on are not audited in any real way? I've used truecrypt with reservations and never in a serious situation. But lots of people are relying on this to keep their data safe while crossing borders, documenting human rights abuses, etc. A company like Canonical should insist on audits before making *anything* the default encryption scheme. These things tend to start as small projects and come to be ubiquitous without most users caring about audits (or being open-source). We need to have higher standards. ~Griffin * It's a joke because I use Debian... now......
Dnia środa, 28 maja 2014 22:07:40 Griffin Boyce pisze:
Andy Isaacson wrote:
I'd be surprised if [ecryptfs] doesn't have critical implementation bugs in the parts that aren't broken by design.
Please don't use ecryptfs. It's not even better than nothing.
BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I remember correctly, ecryptfs was the default home directory encryption option for Ubuntu until recently.
Why is it that these things that thousands of people rely on are not audited in any real way?
The right question is: Why do creators of things that are being used by thousands of people use solutions that are not audited in any real way?
I've used truecrypt with reservations and never in a serious situation. But lots of people are relying on this to keep their data safe while crossing borders, documenting human rights abuses, etc. A company like Canonical should insist on audits before making *anything* the default encryption scheme.
These things tend to start as small projects and come to be ubiquitous without most users caring about audits (or being open-source). We need to have higher standards.
Absolutely. -- Pozdr rysiek
Griffin Boyce <griffin@cryptolab.net> writes:
Why is it that these things that thousands of people rely on are not audited in any real way?
It's open-source, so there's the presumption of audit, "I couldn't be bothered looking at it, but since it's open source someone else must have". The odd thing is that it's some of the commercial vendors, who are doing it for money and can pay to have the code checked, for which you have at least some presumption of audit, but since they're closed-source you're not allowed to trust them. Peter.
For those with imminent interest: http://rpmfusion.org/Package/realcrypt cheers
-----Original Message----- From: cypherpunks [mailto:cypherpunks-bounces@cpunks.org] On Behalf Of Peter Gutmann Sent: Thursday, May 29, 2014 12:25 PM To: adi@hexapodia.org; griffin@cryptolab.net Cc: cypherpunks@cpunks.org Subject: Re: is truecrypt dead?
Griffin Boyce <griffin@cryptolab.net> writes:
>Why is it that these things that thousands of people rely on are not >audited in any real way?
It's open-source, so there's the presumption of audit, "I couldn't be bothered looking at it, but since it's open source someone else must have". The odd thing is that it's some of the commercial vendors, who are doing it for money and can pay to have the code checked, for which you have at least some presumption of audit, but since they're closed- source you're not allowed to trust them.
Peter.
On Wed, 28 May 2014 19:45:06 -0400 Griffin Boyce <griffin@cryptolab.net> wrote:
My suspicion is that either they were hacked (and had their key stolen), or that they were ordered to shutdown and recommend Microsoft's (presumably backdoored) BitLocker as a replacement.
truecrypt.org redirects to this http://truecrypt.sourceforge.net/ Pretty crazy. Whoever the developers may be, after spending a good deal of effort on their project, now are licking MS' boots? It doesn't make sense.
BitLocker's enterprise documentation makes me *incredibly* suspicious that it is susceptible to monitoring by third-parties.
Even being embarrassed by whatever bugs the second phase audit uncovered wouldn't explain the sudden recommendation. And why not ecryptfs or ~literally anything else~ ?
Pardon my tinfoil hat.
~Griffin
looks a little too russian in the last entry to pass as true http://pgp.mit.edu/pks/lookup?op=vindex&search=0xE3BA73CAF0D6B1E0 On Thu, May 29, 2014 at 1:33 AM, Juan <juan.g71@gmail.com> wrote:
On Wed, 28 May 2014 19:45:06 -0400 Griffin Boyce <griffin@cryptolab.net> wrote:
My suspicion is that either they were hacked (and had their key stolen), or that they were ordered to shutdown and recommend Microsoft's (presumably backdoored) BitLocker as a replacement.
truecrypt.org redirects to this http://truecrypt.sourceforge.net/
Pretty crazy. Whoever the developers may be, after spending a good deal of effort on their project, now are licking MS' boots? It doesn't make sense.
BitLocker's enterprise documentation makes me *incredibly* suspicious that it is susceptible to monitoring by third-parties.
Even being embarrassed by whatever bugs the second phase audit uncovered wouldn't explain the sudden recommendation. And why not ecryptfs or ~literally anything else~ ?
Pardon my tinfoil hat.
~Griffin
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
Message du 29/05/14 03:35 De : "Juan" A : cypherpunks@cpunks.org Copie à : Objet : Re: is truecrypt dead?
On Wed, 28 May 2014 19:45:06 -0400 Griffin Boyce wrote:
My suspicion is that either they were hacked (and had their key stolen), or that they were ordered to shutdown and recommend Microsoft's (presumably backdoored) BitLocker as a replacement.
truecrypt.org redirects to this http://truecrypt.sourceforge.net/
Pretty crazy. Whoever the developers may be, after spending a good deal of effort on their project, now are licking MS' boots? It doesn't make sense.
Haven't you thought about maybe, just maybe, someone that doesn't like truecrypt because it got in the way of their investigations too many times, put the effort to hack sourceforge to then hijack truecrypt and other "undesirable" projects?
Message du 29/05/14 01:50 De : "Griffin Boyce" A : cypherpunks@cpunks.org Copie à : Objet : Re: is truecrypt dead?
My suspicion is that either they were hacked (and had their key stolen), or that they were ordered to shutdown and recommend Microsoft's (presumably backdoored) BitLocker as a replacement. BitLocker's enterprise documentation makes me *incredibly* suspicious that it is susceptible to monitoring by third-parties.
Even being embarrassed by whatever bugs the second phase audit uncovered wouldn't explain the sudden recommendation. And why not ecryptfs or ~literally anything else~ ?
Pardon my tinfoil hat.
~Griffin
If you are still using proprietary software at this point, you deserve everything bad that will come to you, sorry.
Message du 28/05/14 22:26 De : "J. Tozo" A : cypherpunks@cpunks.org Copie à : Objet : Fwd: is truecrypt dead?
Is anyone aware of what is happening to truecrypt project?
from their site:
"The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform."
" -J
Some well-funded state actors first hijacked sourceforge and used what they dug up to stop some projects which they deemed problematic to their careers.
On 2014-05-29 06:21, J. Tozo wrote:
Is anyone aware of what is happening to truecrypt project?
from their site:
"The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform."
" -J
The trouble is, on past performance (Skype) Microsoft has put a back door in their encrypted disks.
Guys, dont you see? Тhis is pure provocation! Or the developer was caught by the NSA or... "Lavabit 2" .... But it does not mean that the previous versions are baaaad or that we should move on microsoft-NSA program bitlocker. Its a 100% backdored! And this is the biggest CLUE that either тхис message was written by the NSA guys, or there is a great pressure on the developer. And this is how he says that to us. Dont panic. Keep using the last version 7.1 and DONT switch to newer version of truecrypt, if it comes out now.
Hi, just for info, TrueCrypt is being audited, and phase 1 report is quite good. Phase 2 is being conducted right now, and it is on the formal cryptanalysis, which is actually more easy to check than phase 1. Please see: - http://istruecryptauditedyet.com/ - https://opencryptoaudit.org/reports/ Summary: During this engagement, the iSEC team identified eleven (11) issues in the assessed areas. Most issues were of severity Medium (four (4) found) or Low (four (4) found), with an additional three (3) issues having severity Informational (pertaining to Defense in Depth). Overall, the source code for both the bootloader and the Windows kernel driver did not meet expected standards for secure code. This includes issues such as lack of comments, use of insecure or deprecated functions, inconsistent variable types, and so forth. ... The team also found a potential weakness in the Volume Header integrity checks. Currently, integrity is provided using a string (“TRUE”) and two (2) CRC32s. The current version of True-Crypt utilizes XTS2 as the block cipher mode of operation, which lacks protection against modification; however, it is insufficiently malleable to be reliably attacked. The integrity protection can be bypassed, but XTS prevents a reliable attack, so it does not currently appear to be an issue. ... Finally, iSEC found no evidence of backdoors or otherwise intentionally malicious code in the assessed areas. The vulnerabilities described later in this document all appear to be unintentional, introduced as the result of bugs rather than malice. So I bet their website was hacked. Anyway, I would be very careful downloading any binary from their website and would not trust the signatures. Regards, Matej
Matej Kovacic <matej.kovacic@owca.info> writes:
just for info, TrueCrypt is being audited, and phase 1 report is quite good.
No, no it wasn't. Here's the report:
https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_Tru...
Take a minute to read it, I'll wait. Pay particular attention to pages 11 and 12, where they define the severity classes. Having a "Medium" severity vulnerability means:
Individual user's information at risk, exploitation would be bad for client's reputation, moderate financial impact, possible legal implications for client
So when they state that there are no less than *four* vulnerabilities that they found in this class, that is *far from quite good*. Thankfully, three of them are classified as difficulty: high to exploit, but the "Weak Volume Header key derivation algorithm" is only difficulty: medium, which referring again to pages 11 and 12 is quite exploitable.
Message du 29/05/14 08:04 De : " Александр " A : cypherpunks@cpunks.org Copie à : Objet : Re: Fwd: is truecrypt dead?
Guys, dont you see? Тhis is pure provocation!
Or the developer was caught by the NSA or... "Lavabit 2" ....
But it does not mean that the previous versions are baaaad or that we should move on microsoft-NSA program bitlocker. Its a 100% backdored! And this is the biggest CLUE that either тхис message was written by the NSA guys, or there is a great pressure on the developer. And this is how he says that to us.
Dont panic. Keep using the last version 7.1 and DONT switch to newer version of truecrypt, if it comes out now.
If anybody has got the sources for version 7.1, he could post it to make a fork and continue developing. Given the number of people that use truecrypt, resurrecting the project seems a good thing.
A 7.1a fork: https://github.com/warewolf/truecrypt Att, - Gutem ------------------------------------------------------------------------------------------- Registered Linux User: 562142 2014-05-29 9:07 GMT-03:00 <tpb-crypto@laposte.net>:
Message du 29/05/14 08:04 De : " Александр " A : cypherpunks@cpunks.org Copie à : Objet : Re: Fwd: is truecrypt dead?
Guys, dont you see? Тhis is pure provocation!
Or the developer was caught by the NSA or... "Lavabit 2" ....
But it does not mean that the previous versions are baaaad or that we should move on microsoft-NSA program bitlocker. Its a 100% backdored! And this is the biggest CLUE that either тхис message was written by the NSA guys, or there is a great pressure on the developer. And this is how he says that to us.
Dont panic. Keep using the last version 7.1 and DONT switch to newer version of truecrypt, if it comes out now.
If anybody has got the sources for version 7.1, he could post it to make a fork and continue developing. Given the number of people that use truecrypt, resurrecting the project seems a good thing.
| | Could this non-notice be a Lavabit/Silent Circle type announcement/warning? | We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure. --dan
On May 30, 2014, at 4:56 AM, dan@geer.org wrote:
| | Could this non-notice be a Lavabit/Silent Circle type announcement/warning? |
We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure.
--dan
A deadman switch for NSL alerts would make for an interesting case. Would a judge rule that you had “spoken” about the NSL by failing to send the keep-alive messages, thus compelling you to continuously speak the lie that you have not received one? -- Lance Cottrell loki@obscura.com
I recall hearing of exactly that occurring, yes. The secret police can not only force you not to speak, but to publicly declare everything is fine. On 30 May 2014 14:44:32 GMT+01:00, Lance Cottrell <loki@obscura.com> wrote:
On May 30, 2014, at 4:56 AM, dan@geer.org wrote:
| | Could this non-notice be a Lavabit/Silent Circle type
announcement/warning?
|
We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure.
--dan
A deadman switch for NSL alerts would make for an interesting case. Would a judge rule that you had “spoken” about the NSL by failing to send the keep-alive messages, thus compelling you to continuously speak the lie that you have not received one?
-- Lance Cottrell loki@obscura.com
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Fri, May 30, 2014, at 11:44 PM, Lance Cottrell wrote:
A deadman switch for NSL alerts would make for an interesting case. Would a judge rule that you had “spoken” about the NSL by failing to send the keep-alive messages, thus compelling you to continuously speak the lie that you have not received one?
Have NSLs held up in court against the First Amendment? Alfie -- Alfie John alfiej@fastmail.fm
On Sat, 31 May 2014 00:05:19 +1000, Alfie John said:
Have NSLs held up in court against the First Amendment?
They've been ruled unconstitutional at least twice I know of (Doe v. Gonzales in 2008 which was overturned, and last year in the 9th Circuit but the judged then stayed her own ruling in anticipation of an appeal for either an en banc hearing in the 9th Circuit or to the Supreme Court). However, given the current makeup of the Supreme Court, we probably *don't* want it getting appealed there and a bad precedent ruling be issued.
From: Lance Cottrell <loki@obscura.com> On May 30, 2014, at 4:56 AM, dan@geer.org wrote:
| Could this non-notice be a Lavabit/Silent Circle type announcement/warning? We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure. --dan A deadman switch for NSL alerts would make for an interesting case. Would a judge rule that you had “spoken” >about the NSL by failing to send the keep-alive messages, thus compelling you to continuously speak the lie >that you have not received one? Lance Cottrell loki@obscura.com
It would be a very interesting test case. I would say it shouldn't happen, but a lot of outrages occur. Another version might be where an American company informs its foreign law firm of the status of the court order; the foreign law firm has a long-standing practice (contracted by the American company) of publishing the status of the NSL-status remotely. The (American) judge would not have any jurisdiction over the foreign law firm to order it to (falsely) claim that no NSL order had arrived at the American company. At that point, the question will be, "Can a judge order an American company to not inform its foreign law firm of relevant information (an NSL order), solely because if it did, the foreign law firm will adjust its publication of an announcement?" Jim Bell
On Fri, 30 May 2014 06:44:32 -0700 Lance Cottrell <loki@obscura.com> wrote:
On May 30, 2014, at 4:56 AM, dan@geer.org wrote:
| | Could this non-notice be a Lavabit/Silent Circle type announcement/warning? |
We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure.
--dan
A deadman switch for NSL alerts would make for an interesting case. Would a judge rule that you had “spoken” about the NSL by failing to send the keep-alive messages, thus compelling you
Why not? Compulsion is their business model.
to continuously speak the lie that you have not received one?
-- Lance Cottrell loki@obscura.com
sort of like the; “We have not received a NSL today” notice… /bill Neca eos omnes. Deus suos agnoscet. On 30May2014Friday, at 4:56, dan@geer.org wrote:
| | Could this non-notice be a Lavabit/Silent Circle type announcement/warning? |
We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure.
--dan
I think the closest you could come would be a publicised mail intercept to catch posted demands and prevent you from stopping yourself revealing the letter, but that would not stop personally issued orders unless you went full-on-offshore-backup glasshole and streamed your entire conscious experience..in which case they'll just NSL another dev or invent a new charge of "preemptive obstruction" to put you in prison. When discussing fascism, stop imagining that you can game the letter of the law. It's already constitutional that freedom of speech cannot be prevented except to prevent immediate, tangible harm to others. NSLs are already blatantly illegal, stop looking for loopholes and workarounds. If you want to challenge them, publish one on your blog and say "sue me, let's see what the supreme court says". Or, don't. Middle measures are doomed to fail or backfire in undefined ways. On 30 May 2014 15:22:24 GMT+01:00, manning bill <bmanning@isi.edu> wrote:
sort of like the; “We have not received a NSL today” notice…
/bill Neca eos omnes. Deus suos agnoscet.
On 30May2014Friday, at 4:56, dan@geer.org wrote:
| | Could this non-notice be a Lavabit/Silent Circle type
announcement/warning?
|
We need, somehow, a safe word for such projects. Presumably one that is triggered by a failed keep-alive. This has been discussed before variously, but it may be an idea whose time has come. Design will require choices between false alarms and silent failure.
--dan
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Dnia piątek, 30 maja 2014 07:22:24 manning bill pisze:
sort of like the; “We have not received a NSL today” notice…
Wait, this is actually much better than the standard canary "We have not received NSL yet". In the standard canary case, a court can supposedly order you to lie. But with such a short-lived (one-day) message of "We have not received an NSL during the last 24 hours", published via RSS, a third-party could set-up a monitoring website that automagically federates any such "canary feed", and as soon as any of them has a single day of lack of suck message just mark it as "possibly received NSL on <date>", or even "did not confirm that did not receive an NSL on <date>". The person that received the NSL can then be forced to keep publishing the "We have not received NSL today" message, but the signal has been sent already, and there would have to be a yet another NSL to the federation service operator. Bonus: the NSL can even make the original addressee publish "We have never received an NSL", which would be even a stronger signal. If there are several such operators, this becomes more and more non-trivial. Thoughts? -- Pozdr rysiek
On Fri, 2014-05-30 at 23:25 +0200, rysiek wrote:
Thoughts?
When are smart people going to realize there is nothing legal you can do to disclose receipt of an NSL, no matter how big your Rube Goldberg machine is, and act accordingly? -- Sent from Ubuntu
Ted Smith <tedks@riseup.net> writes:
When are smart people going to realize there is nothing legal you can do to disclose receipt of an NSL, no matter how big your Rube Goldberg machine is, and act accordingly?
The problem is that technically smart people aren't legally smart, and think that a court/judge can be stymied with a modexp operation. You can't really convince them that the law will get at them eventually, no matter how fancy they make their Rube Goldberg machine. Peter.
grarpamp writes: | > Thoughts? | | All moot. When someone walks into your office and hands | you a letter you have two choices... operate according to | their whim. Or publish the damn letter with whatever | redactions or lack thereof you feel are appropriate. Is it really your position that one's choice is to either emulate Mohamed Bouazizi or acquiesce? I will not do design off the cuff on a mailing list, but I'm certain that a steganographic keep alive is designable. If you (for all values of you) want to continue in the actual direction of design, I'll join with you in that. I have zero free time and I am not a crypto mathematician, but I can offer one tool (or so I think): http://geer.tinho.net/geer.yung.pdf wherein Moti and I show that it is possible to encode any arbitrary monotone logic in the structure of split keys. As always, I assume this list is monitored. Likewise, I assume that any technologic solution is both temporary and second best to the diminishment of government, per se. --dan
As people have said, there's no point in fancy contraptions. You either got the letter or you didn't. Whatever means you let that be known doesn't matter, the observed result has exactly the same meaning as holding it up on the street would.
Is it really your position that one's choice is to either emulate Mohamed Bouazizi or acquiesce?
The degree of redaction is up to you. But if your object is to test issues, you probably won't get far by just speaking 'yes or no you got one' on a soapbox. ie: The stupid rounded numbers self-reporting game yahoo, ms, gmail are playing with nsl counts.
The question is not whether or not you can securely disclose that you are under NSL. The question is whether you can do so without, when the word breaks, being in trouble for leaking that information. So yes, you can establish all sorts of wonderful contraptions that "get the word out", publicly or privately, on or off-shore, so that the people outside can disseminate warnings that you've been compromised. But in the end, the stasi will blame you, and no matter how much cooked-up legal convolution you wrap yourself in, they will nail you to a cross. My view is that engaging in such convolutions serves two counterproductive ends: 1) It makes it seem as if you acknowledge that you should not be disclosing the NSL; a Jury, if you were so lucky and were actually allowed to testify before them in your defence (lol Grand Jury) would be suspicious of your motives. Why all the cloak-and-dagger? It's easy for the prosecution to make you seem shady and suspicious for acting in that way. 2) It delays your disclosure and allows the stasi time and opportunity to preempt and prevent your disclosure entirely. Also, @Grarpamp; you're an optimist, clearly. The US may be exhausting political capital fast, but it has plenty of political capital, and plenty of economic capital to back that up when it fails. In the end, they'll get you unless you're big enough to occupy international attention and get a state-level ally to protect you. The only two people to even partially escape persecution so far are holed up under the protection of state-level adversaries of the US, and even they are still at significant risk. On 31/05/14 03:46, dan@geer.org wrote:
grarpamp writes: | > Thoughts? | | All moot. When someone walks into your office and hands | you a letter you have two choices... operate according to | their whim. Or publish the damn letter with whatever | redactions or lack thereof you feel are appropriate.
Is it really your position that one's choice is to either emulate Mohamed Bouazizi or acquiesce?
I will not do design off the cuff on a mailing list, but I'm certain that a steganographic keep alive is designable. If you (for all values of you) want to continue in the actual direction of design, I'll join with you in that. I have zero free time and I am not a crypto mathematician, but I can offer one tool (or so I think):
http://geer.tinho.net/geer.yung.pdf
wherein Moti and I show that it is possible to encode any arbitrary monotone logic in the structure of split keys.
As always, I assume this list is monitored. Likewise, I assume that any technologic solution is both temporary and second best to the diminishment of government, per se.
--dan
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
From: Cathal Garvey <cathalgarvey@cathalgarvey.me>
The question is not whether or not you can securely disclose that you are under NSL. The question is whether you can do so without, when the word breaks, being in trouble for leaking that information. So yes, you can establish all sorts of wonderful contraptions that "get the word out", publicly or privately, on or off-shore, so that the people outside can disseminate warnings that you've been compromised. But in the end, the stasi will blame you, and no matter how much cooked-up legal convolution you wrap yourself in, they will nail you to a cross.
Generally, legally agents of a corporation cannot conspire with each other. (Google: 'corporation cannot conspire with itself' https://www.google.com/#q=corporation+cannot+conspire+with+itself ) Therefore, one possible tactic for a corporation that receives an NSL is to deliver a copy of that NSL letter to each of its employees, including employees of all subsidiaries, naturally with a stern letter that they not disclose that to anyone else! Obviously, that news will leak. The government will 'know' that somebody, probably within the corporation, did the leak. But given the size of the typical telecommunications company (thousands of employees), the actual source(s) of the leak(s) will be unknown. Prosecution of any specific corporate employee will be difficult without very detailed evidence. The issue will arise: Can a corporation legally deliver a copy of that NSL to each employee? Well, each employee would probably be 'imputed' (legally assumed) to know of such an order, even if they did not actually know of it. Since they are legally obliged to comply with that order, it would be grotesque to not allow them to become actually aware of that specific order. I think in the end the courts would have to agree that a corporation is entitled to inform each of their employees of the existence and content of the NSL. Jim Bell
On Sat, May 31, 2014 at 2:53 PM, jim bell <jamesdbell9@yahoo.com> wrote:
https://www.google.com/#q=corporation+cannot+conspire+with+itself deliver a copy of that NSL letter to each of its employees Obviously, that news will leak. Prosecution of any specific corporate employee will be difficult without very detailed evidence.
As in the search results... whoever was leaking employee is irrelevant, the employee is the corp. If an employee cannot be found *and* successfully treated separately from the corp, the corp will take the fall for the leak. The leak is out there, but the corp dies of negligience or something, rather than from a stand up principled fight. That's not a win.
The issue will arise: Can a corporation legally deliver a copy of that NSL to each employee?
Probably depends on how the letter is worded / addressed. The default sense in absense of such restrictions would seem to be yes. Find bitcoin accepting lawyer to do construction/opinion for cpunks list.
corp will take the fall for the leak. The leak is out there, but the corp dies of negligience or something, rather than from a stand up principled fight. That's not a win.
"Halt and catch fire" is a pretty good defense, I think. It's why Lavabit shut down, after all; it is *better* to crash and burn than become a cog of oppression. On 01/06/14 06:03, grarpamp wrote:
On Sat, May 31, 2014 at 2:53 PM, jim bell <jamesdbell9@yahoo.com> wrote:
https://www.google.com/#q=corporation+cannot+conspire+with+itself deliver a copy of that NSL letter to each of its employees Obviously, that news will leak. Prosecution of any specific corporate employee will be difficult without very detailed evidence.
As in the search results... whoever was leaking employee is irrelevant, the employee is the corp. If an employee cannot be found *and* successfully treated separately from the corp, the corp will take the fall for the leak. The leak is out there, but the corp dies of negligience or something, rather than from a stand up principled fight. That's not a win.
The issue will arise: Can a corporation legally deliver a copy of that NSL to each employee?
Probably depends on how the letter is worded / addressed. The default sense in absense of such restrictions would seem to be yes.
Find bitcoin accepting lawyer to do construction/opinion for cpunks list.
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
Dnia sobota, 31 maja 2014 14:53:43 Cathal Garvey pisze:
The question is not whether or not you can securely disclose that you are under NSL. The question is whether you can do so without, when the word breaks, being in trouble for leaking that information.
So yes, you can establish all sorts of wonderful contraptions that "get the word out", publicly or privately, on or off-shore, so that the people outside can disseminate warnings that you've been compromised. But in the end, the stasi will blame you, and no matter how much cooked-up legal convolution you wrap yourself in, they will nail you to a cross.
My view is that engaging in such convolutions serves two counterproductive ends: 1) It makes it seem as if you acknowledge that you should not be disclosing the NSL; a Jury, if you were so lucky and were actually allowed to testify before them in your defence (lol Grand Jury) would be suspicious of your motives. Why all the cloak-and-dagger? It's easy for the prosecution to make you seem shady and suspicious for acting in that way.
2) It delays your disclosure and allows the stasi time and opportunity to preempt and prevent your disclosure entirely.
Good points, thanks. -- Pozdr rysiek
Well, this happened: https://www.grc.com/misc/truecrypt/truecrypt.htm - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Steven Barnhart (@stevebarnhart) wrote to an eMail address he had used before and received several replies from “David.” The following snippets were taken from a twitter conversation which then took place between Steven Barnhart (@stevebarnhart) and Matthew Green (@matthew_d_green): TrueCrypt Developer “David”: “We were happy with the audit, it didn't spark anything. We worked hard on this for 10 years, nothing lasts forever.” Steven Barnhart (Paraphrasing): Developer “personally” feels that fork is harmful: “The source is still available as a reference though.” Steven Barnhart: “I asked and it was clear from the reply that "he" believes forking's harmful because only they are really familiar w/code.” Steven Barnhart: “Also said no government contact except one time inquiring about a ‘support contract.’ ” TrueCrypt Developer “David” said: “Bitlocker is ‘good enough’ and Windows was original ‘goal of the project.’ ” Quoting TrueCrypt Developer David: “There is no longer interest.” - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- Pozdr rysiek
participants (28)
-
Alfie John -
Andy Isaacson -
Bernard Tyers -
Cari Machet -
Cathal (phone) -
Cathal Garvey
-
dan@geer.org -
David -
grarpamp -
Griffin Boyce -
Gutem -
J. Tozo -
James A. Donald -
jim bell -
Juan -
Lance Cottrell -
manning bill -
Matej Kovacic -
Peter Gutmann -
Robbie Harwood -
rysiek -
Shawn K. Quinn -
shelley@misanthropia.info -
taxakis -
Ted Smith -
tpb-crypto@laposte.net -
Valdis.Kletnieks@vt.edu -
Александр