Truecrypt container hacked?
This one has been puzzling me for several days. Since I have not yet been able to figure it out, I thought I would "bleg" for assistance from our encryption-savvy readership.

According to the Sun Sentinel <http://www.sun-sentinel.com/news/fl-christopher-glenn-sentenced-20150731-story.html>, a South Florida man was recently convicted of stealing military secrets. I am less concerned with what he stole or why than with what the story says about how the evidence against him was identified and used. Here is the relevant part of the story:

https://www.lawfareblog.com/puzzling-encryption-story

--
“Borders I have never seen one. But I have heard they exist in the minds of some people.” ― Thor Heyerdahl
projects...................https://brmlab.cz/user/overdrive
twitter....................https://twitter.com/#!/over2393
GnuPG key FingerPrint......08EA E4DC EF85 0F02 9267 5B48 2E58 6902 C5F8 794C
On 08/22/2015 06:07 PM, Tomas Overdrive Petru wrote:

> This one has been puzzling me for several days. Since I have not yet been able to figure it out, I thought I would "bleg" for assistance from our encryption-savvy readership. According to the Sun Sentinel <http://www.sun-sentinel.com/news/fl-christopher-glenn-sentenced-20150731-story.html>, a South Florida man was recently convicted of stealing military secrets. I am less concerned with what he stole or why than with what the story says about how the evidence against him was identified and used. Here is the relevant part of the story:

Historically, the FBI has used keyloggers to defeat PGP Disc and Truecrypt - and also, I am sure, other encrypted file systems that don't have back door access as a standard feature.

Since rubber hose cryptanalysis and bugging computers are well known FBI methods, while world + dog have failed so far to make real progress on breaking the ciphers used in Truecrypt, I see no reason to suspect the latter occurred. None at all.

The word "Truecrypt" does not appear in this summary of expert testimony, which describes forensics conducted at the facilities the classified files were borrowed from:

https://regmedia.co.uk/2015/08/04/glenn_exhibit_1.pdf

So, the defendant was already in the bag before somebody managed to type the correct pass phrase and examine the contents of his stash. I found no indication of whether his guilty plea came before or after investigators had access to the encrypted data; it seems very likely that handing over the pass phrase was part of a plea deal.

Persuading people that a cryptographic tool does not work is a very effective attack against it. Should we blame ignorance or something else for the "Truecrypt is broken" take-away many casual readers will pick up from this story as written?

:o)
Armchair analysis is fine when all you have is "news". But once you have a court case with a location and defendant name behind it, some local cpunk can just go pull the case from the courthouse, read the thing, and post the facts. Or mail in a state/fed FOIA for it.
Well said on skepticism of news reports concerning crypto, comsec, infosec, natsec. Disinfo and deception are inherent in security and survival, and best, most reliable, most trusted are typical tools of misleading exploitation.

Where a single means and method, such as crypto (or science), is encouraged for rock-solid assurance, at least one other means and methods should be employed which in no way depends upon the single means. Hoodwink wins by cheating.

A single means is certain to be continuously under attack, and its vulnerabilities concealed both by the attackers and by the promoters.

Blind faith in a single means is as old as religion, art and royalty, perhaps as old as humans faced with unending threats from nature and mortality -- and most of all from each other's thieving and murderous practices. Duplicity and con-jobs were essential, along with bigger clubs and rocks, voodoo and faux-virgin sacrifices -- ISIS hardly different, except more modest and sane and much less wealthy, than Los Alamos, The Vatican, JP Morgan, Ashley Madison, Silicon Valley and the IC all fostering blind faith in their own advertising of rockefeller-st-peter-approved STD protection.

Some HTTPS Everywheres lately have been advertising encryption and HTTPS as condoms to protect against Internet STD, aka privacy rape. Peddlers of these hygienics are surely donors to the Church of Crypto whose priests do enjoy the pleasures of insider hoo-haa.
structurally speaking monolithic thinking is a capture tool of the cia and under EO 12333 all agencies are the cia = all 16 agencies but that expansion is evident = gone beyond the 16 now LAPD could not talk about mmhastings "fiery crash" as all-all natsec natinterests which is whatever the fuck they say it is on a given fucking day under the header 'upcoming trade deal' plus other\many evidences of that shit...court docs\proceedings express just lookie-lookie
participants (5)
- Cari Machet
- grarpamp
- John Young
- Steve Kinney
- Tomas Overdrive Petru