True Crypt is Not Secure

newer
US Gov Orders Internet To Rat Out...

older
Best court document you've read in...

Yush Bhardwaj

24 Jul 2015 24 Jul '15

2:46 p.m.

BitLocker is better or I should try something else ? WARNING: Using TrueCrypt is not secure http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur... http://truecrypt.sourceforge.net/ *Yush Bhardwaj*

Attachments:

attachment.html (text/html — 1.2 KB)

Show replies by date

Markus Ottela

24 Jul 24 Jul

3:17 p.m.

What the warning by developers means is, in the event a vulnerability would be found in Truecrypt, no one would be there to fix it. Except for the entire open source community who would publish dozens of articles "here's how to fix the vulnerability in source code before recompiling it" accompanied with warnings "doing this breaks the truecrypt licence". This is true, and you might be in trouble in case the anonymous developers want to stop being anonymous and prosecute you across different jurisdictions. So, unlikely. Also read these: http://istruecryptauditedyet.com/ http://blog.cryptographyengineering.com/2015/04/truecrypt-report.html https://www.grc.com/misc/truecrypt/truecrypt.htm I heard TC uses insufficiently low iteration count for PBKDF2? -- this doesn't change the fact a high entropy passphrase (>128bits) remains unbreakable in feasible time. On 24.07.2015 17:46, Yush Bhardwaj wrote:

...

BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur...

http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

Stephen D. Williams

3:19 p.m.

Keep reading. As far as I know (and I've not paid diligently close attention to further developments after the aftermath died down, so please update my statements), the consensus is that that last update and the tongue-in-cheek directive to use Bitlocker was likely a warrant canary, i.e. they could no longer be independent and uncompromised so they burned the project, staying legal while upholding principles. However, shortly thereafter others have taken the previous public open source version, forked it, in some cases begun (and maybe finished) an audit of the code. The results of those should be usable as secure with some degree of confidence. YMMV. sdw On 7/24/15 7:46 AM, Yush Bhardwaj wrote:

...

BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur...

http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

Seth

3:24 p.m.

On Fri, 24 Jul 2015 07:46:03 -0700, Yush Bhardwaj wrote:

...

BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur...

http://truecrypt.sourceforge.net/

Assuming that the platform is Windows since you mentioned BitLocker, try DiskCryptor [1] [1] https://diskcryptor.net/wiki/Main_Page

Razer

3:35 p.m.

I believe there's a fork of Truecrypt called Veracrypt that IS being audited despite the fact that recent checkups on Truiecrypt show it to still be 'secure'. RR =-=-=-=-=-=- HTML removed on GP -=-=-=-=-=-=-=

The Doctor

6:34 p.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/24/2015 08:35 AM, Razer wrote:

...

I believe there's a fork of Truecrypt called Veracrypt that IS being audited despite the fact that recent checkups on Truecrypt show it to still be 'secure'.

Earlier this year I spent some time talking shop with the Veracrypt developers. My takeaway from that afternoon is that they're aiming to get as many bugs shaken out as possible and update the runtime disk encryption code for newer operating system releases. I also recall discussing third party audits of their codebase, but at the time I didn't have any suggestions for anyone to contract for that purpose. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ 10101110101111101001help i'm trapped in a bit factory01110101011010001010 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVsoUWAAoJED1np1pUQ8RkyZUP/i7Snnn2ygu/F5Px/riPeAiy NBe8LFYawE0LEX2QZ7FlFNNgU/jNutFEVsPJw3DxiaSTn/yYYqqZGUvPLIn6FrML fPNLrVa4mU70JtuQkG4y6kabVl0HhR/98EnixBhz289k+MBBJJLQXViAMaoJsfMu 2tl1g/SQPUYA8SB7ZR5b4Va+tRq+YXFWejo/usUila+zjaaLort+KoHbzVfS8kyR KmDF18BoZDlhpum5dJv5vQ0r4XBEolviFacjlTguOqzQhdyzxpU+5BJKvHbGcJhA YWRDQClLxZiK0h/BHd/aR6gXEyVWiNkhdAOZlW4fSbMkovC1oEKcY4DaM9GE+JEc oIQWf8NJ+4itLeJAFGwbwAcWKehZtkMw1ldblr5VUJElIogAxjg97hWITygtLjRy uYSWysxBz+LlNpspCbKtZFivreLqdQ5OSBNNltk6opu92l4uktWcLzVMlYyYkkl5 TZXTgs9gkY8gUkpL7Vl7Xw6rOphMFpqsKzP0A17/Y8gjwqg4LQmcdRjqA/e8h4dw 9UYa8iQtCx1gSA9znb8a2GQT52BArQw2Y2i7o119jVLESA79QTR1NV0iUOOHrGVg z9HA+ZUbIjqZ/15lrheBrgIDovdLtrrroOAdu6CQhd0hPCx9PJDcyOdKBTq93OZ0 aIPipzQnisRvEh7b5ATn =+rZm -----END PGP SIGNATURE-----

Sharif Olorin

3:47 p.m.

...

BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

TrueCrypt has been audited[0] and come through relatively unscathed; I'd trust it over a Microsoft product I'd need to disassemble to examine any day. Of course, in reality I just use dm-crypt. [0] https://opencryptoaudit.org/ -- OpenPGP: 6FB7 ED25 BFCF 3E22 72AE 6E8C 47D4 CE7F 6B9F DF57

grarpamp

28 Jul 28 Jul

9:04 p.m.

...

TrueCrypt has been audited[0] and come through relatively unscathed; I'd trust it over a Microsoft product I'd need to disassemble to examine any day.

You may trust your opensource code but would still need to disassemble and audit any critical and closed windows libs and system interfaces you compile against, let alone run in / under. This is the trouble with closed platforms. You have some luck with open unix, but the luck buck currently stops at the iron and the hardware is getting worse. And we don't have any open fabs on the horizon to solve it. This is BAD.

oshwm

10:40 p.m.

...

...
TrueCrypt has been audited[0] and come through relatively unscathed; I'd trust it over a Microsoft product I'd need to disassemble to examine any day.

You may trust your opensource code but would still need to disassemble and audit any critical and closed windows libs and system interfaces you compile against, let alone run in / under. This is the trouble with closed platforms. You have some luck with open unix, but the luck buck currently stops at the iron and the hardware is getting worse. And we don't have any open fabs on the horizon to solve it. This is BAD. -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1

iQI7BAEBCgAlBQJVuAT2Hhxvc2h3bSA8b3Nod21Ab3Blbm1haWxib3gub3JnPgAK CRAqeAcYSpG1iCCOD/0YW09ajR9GYClZ4eD4bbwxvjBbe7AfhBDurbFYiMm07dM5 wRtbjeheWOLFjBWHVGWFaA7TnUN+z2qAvPqzvJzRXu78tBOXtNtgXh7Ey541Z836 mONsRDeuD7EHOxy4RN/bNsqIanWGUjgAfpuaP7hcgMNF5R2ihcWli2Fl7kdfgv1H 6mFqoMB20NDUetIRqJlr4T8yyRJk3GuRi1netkHL1AW/VAvXECD3HCz3Hj2hAwXK lKqA2XHFYoZkhdD6/vWTqe8wtiUNd5ICjU5RxqVLbqpQzlnliKARKQpPcKCqTiFZ BMcPSQHsNKyulGEgZsphXg33edvBoUcud5+a+mE4Cn2UleHbgm3bp/X0P6vBcXv9 A46PlHAEuO+DJaGX3Ophg4yCmC6d97tN2xOQv1lfuJGF5hytPJpDcQQbZDwg0Lxw T69cl16rQe0lZO/6lXxkOLRo8iex6DEtP98fEEdbvmJyC49SKWEZVGq9663J+ZwI Qmry6ob1JbKnz9MwlroOm6jGdQZ08sM+1wQzA6hONo0MGhi8ZbKSKjIhumr5TQVy gHp1FFojxVUctsfTGneHNo8tvk2WJRzezNiH/cLJ41A6yYPVVOyASlxT2tkn9DlO h0NIDD4UH9juHLDOvdNK4BNKWdDV7khP6bGYx/NwV2RVHys8HhpX+NPq+QeZbw== =3fLH -----END PGP SIGNATURE-----

Seth

11:22 p.m.

On Tue, 28 Jul 2015 15:40:55 -0700, oshwm wrote:

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D

My understanding is that the capital costs involved with building and operating a chip fabrication plant are astronomical, although the situation may be getting better. [1] [1] http://spectrum.ieee.org/semiconductors/design/the-new-economics-of-semicond...

jim bell

29 Jul 29 Jul

12:15 a.m.

From: Seth On Tue, 28 Jul 2015 15:40:55 -0700, oshwm wrote:

...

...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

...
So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D

...

My understanding is that the capital costs involved with building and operating a chip fabrication plant are astronomical, although the situation may be getting better.

...

http://spectrum.ieee.org/semiconductors/design/the-new-economics-of-semicond... Even 30 years ago, there were custom fabs that were designed to allow small organizations to get chips fabbed. This may be one of the modern version of them: http://www.globalfoundries.com/manufacturing/manufacturing-overview In the mid 80's, they typically purchased older fabs (not state of the art) and allowed small companies to prototype their semiconductor designs. Today, some of them apparently do near-state-of-the-art production. Jim Bell

Steve Kinney

1:34 a.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/28/2015 07:22 PM, Seth wrote:

...

On Tue, 28 Jul 2015 15:40:55 -0700, oshwm wrote:

...
So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D

My understanding is that the capital costs involved with building and operating a chip fabrication plant are astronomical, although the situation may be getting better. [1]

[1] http://spectrum.ieee.org/semiconductors/design/the-new-economics-o f-semiconductor-manufacturing

...

a market is willing to pay enough to support and grow the project, it can be done. Are there potential partners and large scale consumers for "top security through total transparency" to make an open hardware project viable today? One potential route would be to broker a deal to pool the resources of specialty hardware integrators who already have a market base for high security "solutions." The Open Office project pulled off something similar years ago, obtaining major funding and support from IBM and others who wanted Microsoft out of their hair. So, who wants a shot at defending some of their digital assets from outfits like NSA and GHCQ, badly enough to pay for it? The first place I would start shopping this "crypto anarchist" project around would be State security services - pretty much any small to mid-sized outfit not in BRICS or FVEYE could be a potential market for auditable scrambler phones for military commanders, senior elected officials, diplomatic corps and double-nought spies. From there to high performance servers and workstations would be a natural progression. I haven't looked at how the Black Phone folks are doing lately, but that looks like the kind of product line where open hardware might find its first viable home. Another consideration: One needs not necessarily own the facility where the chips are made: ISO quality assurance programs already in place support client access for audit and validation. A contract that specifies the client's intrusive presence during every phase of production and handling would cost extra, but a QA process that assumes the presence of hostile actors on the shop floor is definitely possible. Such a process would also be needed at a dedicated facility: One must assume the presence of hostile actors there, too. :o) Steve -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVuC2NAAoJEDZ0Gg87KR0LBwoQAIJfgVPARltMa8b/sMMnpe3G IO4aJd65b/24P6zLvngnpb+uy1Lo/7JwbWc2bNY6lbCEEUVRiZHYywSPeRvMf7zu T1WZzZnBVvCMv7m/3rO1J3g+6ImvX0bCvbrn3yi2W14J1K4cBYOFJ9f0yYFH2rPi HTL7Zboraazm4s3isgk5KJq2dIO69eXUartrGoVDuTzeO/L3nKNVCn262b3HdmGe UyFamR25s8sY10y8BLnerRqOlWM2ZDdsKtbycyz73igfUDVlx3t+0KAWNMI59JDc AumjXP+WqNexU0/Cm244hcu6hEEtsexBUAHzdy3l148YPoRbB8ZkZyhyRCCvz48U T2F6eGJMy0ACv5pfOBB4WmRgYGlQzscMPJkGYGOyz1iOhCb1fc+06nDGF8mwsrqp FI8MVumrVr2WE6jW4cX13dQ7x0RRzZzL3tBbPJ0I2c9Nz4MvkDe9pAZHFGQPiMHv Prw+MjWBsmAOIKmKCGKA3b41JY8SX6OXGTarjenyfic1QcmhsyEUkXzhfIGUD0+6 8TDKxamo57NZXNueNkaJdS/zb4sdyfRHR1WzsbQziqB3b/2OYoq6CmIM8mAUZXm1 6jKF5FENIvIx9JOxA4l2tBTZgWzEb5WaNVi0Ok4qs4ilKaYEEnvk2p8eatnZFX56 Jqg+hScNrbW8tVfQWS/9 =hdOW -----END PGP SIGNATURE-----

rysiek

8:20 a.m.

Dnia wtorek, 28 lipca 2015 21:34:07 Steve Kinney pisze:

...

If a market is willing to pay enough to support and grow the project, it can be done. Are there potential partners and large scale consumers for "top security through total transparency" to make an open hardware project viable today?

Yes. And there are ways to create a market like that, albeit it takes time.

...

(...) I haven't looked at how the Black Phone folks are doing lately, but that looks like the kind of product line where open hardware might find its first viable home.

Funny you should ask: http://www.theinquirer.net/inquirer/news/2402536/us-department-of-defence-ad... :) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147

The Doctor

4:52 p.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/28/2015 03:40 PM, oshwm wrote:

...

So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D

The closest I know to that is Jeri Ellsworth, who's at the point of fabbing her own discrete transistors in a homebrew semiconductor foundry. If she's still working on this project, she's probably a bit closer but I haven't spoken to her about it. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Pills for breakfast. I'm so science fictional." --Doktor Sleepless -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVuQS5AAoJED1np1pUQ8RkUnMP+QHfeonmhYgU8gBamP1A6ykB VzCqWRV3bYrRRrwLf5madzIf/1sOEG3qy32AL9R6yk5V2hjuL9OI2Kwks0yNVF0f iKoq/r8gmP8U5XIG8ooZQlgn7/jnkOH/CJu5lGR9fEl98re88mIlQcXYqYt4mFnz mpJZ/JujWN6tiuqUwZR7TjFE8q7LbwdNOfK689b8OFJT1627lvccImmXme1wITZO qdjmo9pMOriBxcZmHLfQkFR7faWrCaNdsaiR0EuhXcMtF/mXoDmwW58VxkbasjXM lc4RaZv2as4qamH8mTGhPiKzC5EY3BMWrzfqiQSt7/mABnz19CL5uCicdK5GVwh3 vlNikIuN1uqG1jQhQhVHBHWkJf/MPeMW8c2lb9F7C7cQc8dKNZ15spY+GSOdXTMU a5mJzl+dGfz039l++h11o74bMoJEnf3Xd/J9c26IJ1UtlFVw+Bw1OhNYDQejM0QZ 5HYVl5g+capGqfcYgcqam6yyQLnS7iU0Mr/zXPIoZ3w6WI2o6af6oChBlyulQ/LC H7nHUqNrq6DUuLe4/DBU+/dOz4o75+l8bwTF3WKaKbRQSCKPg4KoXRYLv4yuKMaV itJV9hnLf3wUQOlPBuqNsIGjIyZL8PNeo2XdUHBKiVPWR+YlJ7O6Ewve5gS0LEbU aWK9Ql9/QSYrSHYuwgdr =l9HE -----END PGP SIGNATURE-----

odinn

30 Jul 30 Jul

3:09 a.m.

...

So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D

On 28 July 2015 22:04:38 BST, grarpamp wrote:

...
...
TrueCrypt has been audited[0] and come through relatively unscathed; I'd trust it over a Microsoft product I'd need to disassemble to examine any day.

...
You may trust your opensource code but would still need to disassemble and audit any critical and closed windows libs and system interfaces you compile against, let alone run in / under. This is the trouble with closed platforms. You have some luck with open unix, but the luck buck currently stops at the iron and the hardware is getting worse. And we don't have any open fabs on the horizon to solve it. This is BAD.

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVuZV8AAoJEGxwq/inSG8CJe4IAIoiXmWUb5dH+4w28x+qySYg aHLUJ66gJtlEudG6B5U9ukXZGBWq2tkz1GZnAtpQAnZyjyJdZmj5k8yVpXV/S08b IG2LzASyuf3hcEjeVMnMARKMM9PYjtVIBwMIKVviTOpK3AxM2buu7ZVaiBBOO0I1 tgL3wqAhtFwyU+R7voxoW1ObLMBXzYzggqEFKXTyY5b2rwAQylmmswIwr+wvKDm1 dHFueGYQg2uOXzsEssRPE6ByZ7h5HLtw0Tdd8k28BIMCQKc4VlctbA0kpcFKZN2p rHojiIiwqnNEgQfAlplIAuCuYtP39fGPnOH6zeNIFPs8Xn3/eDZVdgcsavwoSMk= =ngQq -----END PGP SIGNATURE-----

odinn

25 Jul 25 Jul

12:14 a.m.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I thought that this was already answered long ago... but it keeps
getting brought up from time to time.

For what I consider to be the definitive answer on why you should not
use TrueCrypt and what alternatives to it are, see:

http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implement
ations

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend
cryptsetup, the "Swiss Army Knife of Disk Encryption."  In any event,
you'll definitely want to check out this:
https://github.com/bwalex/tc-play

Should be helpful.

- -O



On 07/24/2015 07:46 AM, Yush Bhardwaj wrote:
> BitLocker is better or I should try something else ?
> 
> WARNING: Using TrueCrypt is not secure
> 
> 
> http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not
- -secure/
>
>  http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ 
> /* */ /*Yush Bhardwaj*/
> 

- -- 
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVstT8AAoJEGxwq/inSG8C1OcH/1NWAA7Kmzqz5CcYs40j3Oe8
v19Wpvn6QzlqFwNxdFvxSV4c8QWUDdCtD+XBoAVby65lsDwm9x+Nd3ka0fEEep0a
ssJHeeHHrNE7V7ijL8gWdZOGH9fa6mNjIEXFuRCywCaMahidBJZnq3UjTJwZ5y/T
avUXmwuM1mOx/Fv9YUMch0QTVs4qMtVacECH6TCvOcXRoCzznvP+L4JESy7Pybd3
la9TD2c/lAdfJriAsu0iBqInq7hv3ssz/RMif6hoR146edSdT3KxM18siGAEejIN
A0PJGF2nTC+YH15PUEjndvFxq6sG11kBzBp3b7F8jX1/YJZhmA+0J/iNHLhOV8Q=
=MQer
-----END PGP SIGNATURE-----

The Doctor

5:28 a.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/24/2015 05:14 PM, odinn wrote:

...

I thought that this was already answered long ago... but it keeps getting brought up from time to time.

Perhaps it is time for a new Cypherpunks FAQ.

...

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend cryptsetup, the "Swiss Army Knife of Disk Encryption." In any event,

Later releases of cryptsetup incorporate TrueCrypt support. v1.6.6 definitely has it; I don't know what release it was introduced in, though. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/

...

blorple the featureless cube

Cathal (Phone)

6:15 a.m.

I've used zuluCrypt a few times, which I recall building with TC-play, works great for vanilla containers at least and has a GUI at least as good as TrueCrypt itself. On 25 July 2015 01:14:52 GMT+01:00, odinn wrote:

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

I thought that this was already answered long ago... but it keeps getting brought up from time to time.

For what I consider to be the definitive answer on why you should not use TrueCrypt and what alternatives to it are, see:

http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implement ations

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend cryptsetup, the "Swiss Army Knife of Disk Encryption." In any event, you'll definitely want to check out this: https://github.com/bwalex/tc-play

Should be helpful.

- -O

On 07/24/2015 07:46 AM, Yush Bhardwaj wrote:

...
BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not - -secure/

...
http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQEcBAEBAgAGBQJVstT8AAoJEGxwq/inSG8C1OcH/1NWAA7Kmzqz5CcYs40j3Oe8 v19Wpvn6QzlqFwNxdFvxSV4c8QWUDdCtD+XBoAVby65lsDwm9x+Nd3ka0fEEep0a ssJHeeHHrNE7V7ijL8gWdZOGH9fa6mNjIEXFuRCywCaMahidBJZnq3UjTJwZ5y/T avUXmwuM1mOx/Fv9YUMch0QTVs4qMtVacECH6TCvOcXRoCzznvP+L4JESy7Pybd3 la9TD2c/lAdfJriAsu0iBqInq7hv3ssz/RMif6hoR146edSdT3KxM18siGAEejIN A0PJGF2nTC+YH15PUEjndvFxq6sG11kBzBp3b7F8jX1/YJZhmA+0J/iNHLhOV8Q= =MQer -----END PGP SIGNATURE-----

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Yush Bhardwaj

7:04 a.m.

After a little search and reading your replies , VeraCrypt for windows and Tomb for debian looks good to me. *Yush Bhardwaj* On Sat, Jul 25, 2015 at 11:45 AM, Cathal (Phone) < cathalgarvey@cathalgarvey.me> wrote:

...

I've used zuluCrypt a few times, which I recall building with TC-play, works great for vanilla containers at least and has a GUI at least as good as TrueCrypt itself.

On 25 July 2015 01:14:52 GMT+01:00, odinn wrote:

...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

I thought that this was already answered long ago... but it keeps getting brought up from time to time.

For what I consider to be the definitive answer on why you should not use TrueCrypt and what alternatives to it are, see:

http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implement ations

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend cryptsetup, the "Swiss Army Knife of Disk Encryption." In any event, you'll definitely want to check out this: https://github.com/bwalex/tc-play

Should be helpful.

- -O

On 07/24/2015 07:46 AM, Yush Bhardwaj wrote:

...
BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not

- -secure/

...
http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQEcBAEBAgAGBQJVstT8AAoJEGxwq/inSG8C1OcH/1NWAA7Kmzqz5CcYs40j3Oe8 v19Wpvn6QzlqFwNxdFvxSV4c8QWUDdCtD+XBoAVby65lsDwm9x+Nd3ka0fEEep0a ssJHeeHHrNE7V7ijL8gWdZOGH9fa6mNjIEXFuRCywCaMahidBJZnq3UjTJwZ5y/T avUXmwuM1mOx/Fv9YUMch0QTVs4qMtVacECH6TCvOcXRoCzznvP+L4JESy7Pybd3 la9TD2c/lAdfJriAsu0iBqInq7hv3ssz/RMif6hoR146edSdT3KxM18siGAEejIN A0PJGF2nTC+YH15PUEjndvFxq6sG11kBzBp3b7F8jX1/YJZhmA+0J/iNHLhOV8Q= =MQer -----END PGP SIGNATURE-----

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Yush Bhardwaj

7:12 a.m.

I am sorry forgot to say Thank You guys *Yush Bhardwaj* On Sat, Jul 25, 2015 at 12:34 PM, Yush Bhardwaj wrote:

...

After a little search and reading your replies , VeraCrypt for windows and Tomb for debian looks good to me.

*Yush Bhardwaj*

On Sat, Jul 25, 2015 at 11:45 AM, Cathal (Phone) < cathalgarvey@cathalgarvey.me> wrote:

...
I've used zuluCrypt a few times, which I recall building with TC-play, works great for vanilla containers at least and has a GUI at least as good as TrueCrypt itself.

On 25 July 2015 01:14:52 GMT+01:00, odinn < odinn.cyberguerrilla@riseup.net> wrote:

...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

I thought that this was already answered long ago... but it keeps getting brought up from time to time.

For what I consider to be the definitive answer on why you should not use TrueCrypt and what alternatives to it are, see:

http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implement ations

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend cryptsetup, the "Swiss Army Knife of Disk Encryption." In any event, you'll definitely want to check out this: https://github.com/bwalex/tc-play

Should be helpful.

- -O

On 07/24/2015 07:46 AM, Yush Bhardwaj wrote:

...
BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not

- -secure/

...
http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQEcBAEBAgAGBQJVstT8AAoJEGxwq/inSG8C1OcH/1NWAA7Kmzqz5CcYs40j3Oe8 v19Wpvn6QzlqFwNxdFvxSV4c8QWUDdCtD+XBoAVby65lsDwm9x+Nd3ka0fEEep0a ssJHeeHHrNE7V7ijL8gWdZOGH9fa6mNjIEXFuRCywCaMahidBJZnq3UjTJwZ5y/T avUXmwuM1mOx/Fv9YUMch0QTVs4qMtVacECH6TCvOcXRoCzznvP+L4JESy7Pybd3 la9TD2c/lAdfJriAsu0iBqInq7hv3ssz/RMif6hoR146edSdT3KxM18siGAEejIN A0PJGF2nTC+YH15PUEjndvFxq6sG11kBzBp3b7F8jX1/YJZhmA+0J/iNHLhOV8Q= =MQer -----END PGP SIGNATURE-----

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

odinn

10:01 a.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yes, I would also recommend Tomb. https://www.dyne.org/software/tomb/ via dyne.org / unsystem by Jaromil (https://github.com/jaromil). Note: It was mentioned earlier that there is TrueCrypt support in cryptsetup. I recommended using cryptsetup (if you are able to) but I don't recommend TrueCrypt. see https://github.com/bwalex/tc-play On 07/25/2015 12:04 AM, Yush Bhardwaj wrote:

...

After a little search and reading your replies , VeraCrypt for windows and Tomb for debian looks good to me.

/* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

On Sat, Jul 25, 2015 at 11:45 AM, Cathal (Phone) mailto:cathalgarvey@cathalgarvey.me> wrote:

I've used zuluCrypt a few times, which I recall building with TC-play, works great for vanilla containers at least and has a GUI at least as good as TrueCrypt itself.

On 25 July 2015 01:14:52 GMT+01:00, odinn mailto:odinn.cyberguerrilla@riseup.net> wrote:

I thought that this was already answered long ago... but it keeps getting brought up from time to time.

For what I consider to be the definitive answer on why you should not use TrueCrypt and what alternatives to it are, see:

http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-impleme nt

ations

...

Note that from TAILS 1.0.1 they incorporated LUKS, and I recommend cryptsetup, the "Swiss Army Knife of Disk Encryption." In any event, you'll definitely want to check out this: https://github.com/bwalex/tc-play

Should be helpful.

-O

On 07/24/2015 07:46 AM, Yush Bhardwaj wrote:

BitLocker is better or I should try something else ?

WARNING: Using TrueCrypt is not secure

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not

-secure/

http://truecrypt.sourceforge.net/ /* */ /* */ /* */ /* */ /* */ /* */ /*Yush Bhardwaj*/

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVs16VAAoJEGxwq/inSG8CuAAH/ijOmK3FAzoC5xRk2h/4z/hF 5TxwHNzqNTPR+OQN0LtNY9Nt+fDz/Wa1XJng1o9lBQmRJ1YOjYjC2gobPylH8oEw oQP+4JMlN30cNBw759zJ9i76ckGQugNYAppTznkSgC2rzGkiBBCw3bYYFcVO03Ti YGVAdGTi4XMZSjKVKb+oD33M3BaRhjuYZbyb+hcveKSU8P9yW47fdqkIz8K7ABTC R/wxZgt5Lne28rpOpvjKZPOHIvTWUYhpnqTNPiJZJCeSx1D9NBsWp/kR8eAqhi/t Y3Ug7GLpzFu977UFJpZqbSplB8oqEL45ScaODF9pWLGkKP9S0Nnv3E369hGVBKY= =28Nh -----END PGP SIGNATURE-----

3347

Age (days ago)

3353

Last active (days ago)

List overview

Download

20 comments

14 participants

participants (14)

Cathal (Phone)
grarpamp
jim bell
Markus Ottela
odinn
oshwm
Razer
rysiek
Seth
Sharif Olorin
Stephen D. Williams
Steve Kinney
The Doctor
Yush Bhardwaj