Topic: TrueCrypt 6.0 released

40hz

TrueCrypt 6.0 released
« on: July 06, 2008, 11:26 PM »
TrueCrypt 6.0 Released July 4, 2008


One of the best security applications just got better. And it's still free!

Notable changes include support for multicore processors, full system drive encryption and the ability to run a hidden operating system. The mind boggles...


From the website:
We are pleased to announce that TrueCrypt 6.0 has been released.

This version introduces parallelized encryption and decryption on multi-core processors (or multi-processor systems). Increase in encryption/decryption speed is directly proportional to the number of cores and/or processors. For example, on a quad-core processor, encryption and decryption is four times faster than on a single-core processor with equivalent specifications [view benchmark results].

This version also introduces the ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed), the ability to encrypt an entire system drive even if it contains extended partitions, a new volume format that increases reliability, performance and expandability, and more.
For more information, please see: http://www.truecrypt...s/?s=version-history

mouser

Re: TrueCrypt 6.0 released
« Reply #1 on: July 07, 2008, 03:39 AM »
This version also introduces the ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed)

hahahha love it!  :-*

f0dder

Re: TrueCrypt 6.0 released
« Reply #2 on: July 07, 2008, 06:55 AM »
Full system drive encryption was introduced with 5.x, but parallelized en/decryption sounds very nice. I haven't had problems saturating my disk bandwidth in previous versions, but I guess it could come in handy when copying from one encrypted disk to another; one core on my Q6600@3GHz can do around 106MB/s, and moving between two disks that can handle 60MB/s sustained transfer would require 120MB/s of en/decryption bandwidth :)

Thanks for the heads-up, 40hz, I guess it's also time for me to add truecrypt.org to website watcher.
- carpe noctem

justice

Re: TrueCrypt 6.0 released
« Reply #3 on: July 07, 2008, 08:05 AM »
So hackers that have access to your PC can create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed). Yay nice. The nuclear bomb of security software. So secure you can't get your system back.

f0dder

Re: TrueCrypt 6.0 released
« Reply #4 on: July 07, 2008, 08:13 AM »
justice: you'd notice it yourself because your partitions would obviously be resized :) - obviously the reason for something like this is those insane border patrol laptop searches. Now you can boot a clean XP install and let the customs people rummage through the drive, and keep all your NDA'ed work documents and client records safe in the hidden OS, without being retained for not giving up your decryption keys.
- carpe noctem

40hz

Re: TrueCrypt 6.0 released
« Reply #5 on: July 07, 2008, 08:26 AM »
the reason for something like this is those insane border patrol laptop searches.

I wonder if all those "insane" laptop searches were really just a dry run for addressing the very real problems that may be caused by all those laptops coming back home from the Olympics.

China has been pretty aggressive with their "research" into the military uses of cyber technology. They have also made it abundantly clear that they will be inclined to view any preemptive security measures that single them out as an act of war.

Crazy border searches? Yeah - crazy like a fox.

Stoic Joker

Re: TrueCrypt 6.0 released
« Reply #6 on: July 07, 2008, 09:46 PM »
justice: you'd notice it yourself because your partitions would obviously be resized :) - obviously the reason for something like this is those insane border patrol laptop searches. Now you can boot a clean XP install and let the customs people rummage through the drive, and keep all your NDA'ed work documents and client records safe in the hidden OS, without being retained for not giving up your decryption keys.
Or you could skip all the overhead that comes with encryption and stash 4GB of anything in an Alternate Data Stream under a text file containing a recipe for a chocolate cherry Bundt cake. If you don't stand out, and at first glance your puter is boring, next...

Encryption is viewed far too much like a magic bullet, when it's really just an excuse to be sloppy with other less snazzy sounding aspects of security that would have actually worked.

(Here's a Job I Actually Worked)
A major medical software company charged a doctor $5,000 (Mid-shelf VPN router + labor) to set up a VPN (Yahoo! encryption) so they could access their "server" which was one of 3 XP machines in their office network. Connection required only a standard Windows VPN connector, username, & password.

...Username & password were both the Dr's name in all lower case letters ... I went ballistic.

justice

Re: TrueCrypt 6.0 released
« Reply #7 on: July 08, 2008, 03:21 AM »
That alternate data stream problem seems quite severe, look at this little bundle of joy : http://www.windowsec...te_Data_Streams.html

tomos

Re: TrueCrypt 6.0 released
« Reply #8 on: July 08, 2008, 03:40 AM »
That alternate data stream problem seems quite severe, look at this little bundle of joy : http://www.windowsec...te_Data_Streams.html

scary
Tom

jgpaiva

Re: TrueCrypt 6.0 released
« Reply #9 on: July 08, 2008, 04:17 AM »
Interesting link, justice!

f0dder

Re: TrueCrypt 6.0 released
« Reply #10 on: July 08, 2008, 08:35 AM »
Stoic Joker: doing the ADS thing only helps if you're trying to smuggle contraband - it's not feasible for regular data files that you need to use daily, programs, etc. If I had to go to the .us for work-related reasons, I'd have to bring a laptop full of reverse-engineering tools and other things that would probably look suspicious to customs. ADS wouldn't help me there, but a hidden OS partition would, since I could just boot an inconspicuous XP to show them that everything is hunky-dory.

Also, Justice's ADS link is outdated; with XP, taskmgr was upgraded to show which stream of a file is executed, so suddenly that trick stands out like a naked drag queen in the oval office. Or more, probably.

PS: encryption is only one of the benefits of VPNs - the main advantage is of course that you can refrain from punching any public holes through from the internet to your LAN, except for VPN... and still be able to access the LAN from home/whatever, as if you were inside your corporate building. Obviously you need strong password policies (and certificates for anything serious) for the VPN.
- carpe noctem

Eóin

Re: TrueCrypt 6.0 released
« Reply #11 on: July 08, 2008, 01:01 PM »
An updated 6.0a is just out today!

6.0a, July 8, 2008
Resolved incompatibilities / bug fixes:

  • On systems where certain inappropriately designed chipset drivers were installed, it was impossible to encrypt the system partition/drive. This will no longer occur.   (Windows Vista/XP/2003)
  • Other minor bug fixes.  (Windows, Mac OS X, and Linux)

MrCrispy

Re: TrueCrypt 6.0 released
« Reply #12 on: July 08, 2008, 01:43 PM »
Let's say I am at the airport and my laptop is inspected. If I have TC installed, they will automatically assume I have something to hide and interrogate me further. I have no doubt the DHS will have tools to scan a computer to see if it has encrypted containers.

Also the plausible deniability thing works both ways - they can read TC's feature list as well and know that if I'm smart enough to use it, and I have a 10GB encrypted container which only contains 1GB of files, I'm very likely to have a hidden volume in there too! And then it's only a matter of time (read waterboarding) before I am forced to reveal its password - since I can't prove I don't have one. It'd be better to have a hidden encrypted partition but even then it's pretty easy to see that and wonder about its contents.

And for those who think that "I have nothing to hide, why encrypt at all", anything discovered in a lawful search can be used against you. The laws these days are designed so that pretty much everyone is guilty of infringement, and it's very easy to trap us. If you have some MP3s, if you've accessed a website and it's there in your cache, have a ripped movie/youtube video, be prepared to prove you have the rights for it, or they can prosecute you, confiscate equipment and lock you up for as long as they want.

Of course I am being paranoid but it's the principle that matters, and to me it seems we have very little privacy left at all.
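
The kind of container scan mentioned in the post above can be sketched as a forensic triage heuristic. This is an added example, not part of the original thread and not code from TrueCrypt or any forensic product: it flags blobs that have no recognisable header, are sized in whole 512-byte sectors, and look statistically random. The thresholds, the magic-number list and the sample inputs are assumptions constructed for illustration.

```python
"""Triage heuristic for headerless encrypted containers (added example)."""
import hashlib
import math
from collections import Counter

SECTOR = 512                 # volumes are sized in whole sectors
MIN_SIZE = 16 * 1024         # assumed floor; tiny files are too noisy to score
ENTROPY_THRESHOLD = 7.9      # bits/byte; assumed cut-off, random data is ~8.0
# A few common magic numbers. Compressed and media formats are also high
# entropy, so a recognised header is the main way to rule them out.
KNOWN_MAGIC = (b"PK\x03\x04", b"\x1f\x8b", b"7z\xbc\xaf\x27\x1c",
               b"Rar!", b"\x89PNG", b"\xff\xd8\xff", b"%PDF")


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits per byte (0..8)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def assess(data: bytes) -> dict:
    """Score one blob; 'suspect' is True only if every indicator agrees."""
    result = {
        "sector_aligned": len(data) % SECTOR == 0,
        "large_enough": len(data) >= MIN_SIZE,
        "known_header": any(data.startswith(m) for m in KNOWN_MAGIC),
        "entropy": round(shannon_entropy(data), 3),
    }
    result["suspect"] = (result["sector_aligned"] and result["large_enough"]
                         and not result["known_header"]
                         and result["entropy"] >= ENTROPY_THRESHOLD)
    return result


def pseudo_random(n: int, seed: bytes = b"constructed-sample") -> bytes:
    """Deterministic random-looking bytes (SHA-256 in counter mode), standing
    in for ciphertext so the example runs offline and reproducibly."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


# Constructed samples, not real volumes.
SAMPLES = {
    "container-like": pseudo_random(64 * 1024),
    "zip-like": b"PK\x03\x04" + pseudo_random(64 * 1024 - 4),
    "text": (b"plain text log line\n" * 4096)[:64 * 1024],
    "unaligned": pseudo_random(64 * 1024 + 100),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, assess(blob))
```

A hit only marks a file as a candidate container; the same uniformly random appearance is why the heuristic cannot say whether a hidden volume sits inside it.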

nosh

Re: TrueCrypt 6.0 released
« Reply #13 on: July 08, 2008, 02:47 PM »
And then it's only a matter of time (read waterboarding)
Ah, water! The king of all bruteforcers!  ;D

Stoic Joker

Re: TrueCrypt 6.0 released
« Reply #14 on: July 08, 2008, 06:57 PM »
Stoic Joker: doing the ADS thing only helps if you're trying to smuggle contraband - it's not feasible for regular data files that you need to use daily, programs, etc. If I had to go to the .us for work-related reasons, I'd have to bring a laptop full of reverse-engineering tools and other things that would probably look suspicious to customs. ADS wouldn't help me there, but a hidden OS partition would, since I could just boot an inconspicuous XP to show them that everything is hunky-dory.

Also, Justice's ADS link is outdated; with XP, taskmgr was upgraded to show which stream of a file is executed, so suddenly that trick stands out like a naked drag queen in the oval office. Or more, probably.

PS: encryption is only one of the benefits of VPNs - the main advantage is of course that you can refrain from punching any public holes through from the internet to your LAN, except for VPN... and still be able to access the LAN from home/whatever, as if you were inside your corporate building. Obviously you need strong password policies (and certificates for anything serious) for the VPN.

I tossed out ADS only as a comparative example not "the answer", however the TaskMgr showing the stream location would only apply if the program was running at the time. ...Which brings me to the main point which MrCrispy seems to have picked up on...Don't look interesting.

I too have network analysis (hacking) utilities (as part of my job) that have great potential to be hard to explain. However at first glance it wouldn't even raise an eyebrow because they're seeded throughout the OS on a very boring appearing vanilla install. I know exactly how to find them, and that's all that's important. I don't really need a shortcut to eEye's Iris on the desktop, the hotkey works just fine...

Having any kind of 3rd party Uber encryption will simply make you and your laptop stick out like a shiny red Corvette at an Amish BBQ.

MrCrispy's 2nd point is also 100% correct, put anybody under a spot light and they're gonna fail (politics 101). The laws are fast and loose, and there are a ton of bureaucrats that are dying to try out their new toys. Which is why you really don't want to look interesting.

Spiffy encryption widgets make you look interesting enough to poke around a bit, if that turns up anything you're screwed. The first two guys you talk to, won't be that (IT) bright ... But the third guy that shows up...

...You can't hide a partition from the POST report (Talk about hard to Explain...).

PS: Yes I am familiar with the point and purpose of a VPN I was just tossing out an example of how some people (mis)use encryption to lock all the windows and then leave the doors wide open.

One of my biggest pet peeves is people who sell a ton of security hard/software to a person or company who then gets hosed by a (lack of) common sense issue that they would have known about if they had simply been told the truth in the first place.

The company I mentioned earlier spent a total of $12,000 on data recovery (4 catastrophic failures) over a six year period because the asshole vendor kept installing their (resource hogging) practice software on a low-end ("working server") workstation using a CD based backup (which failed every time...). I got them to spring for an entry level (dedicated) server with RAID and a tape drive ($2,000) ... and now their problem is finally (truly) solved.

mwb1100

Re: TrueCrypt 6.0 released
« Reply #15 on: July 08, 2008, 09:04 PM »
Spiffy encryption widgets make you look interesting enough to poke around a bit, if that turns up anything you're screwed. The first two guys you talk to, won't be that (IT) bright ... But the third guy that shows up...

While it may be true that using encryption makes you look interesting to customs (or whatever agency you're dealing with), it really shouldn't be.  I use encryption on my portable devices simply because the device could get lost or stolen and I don't want to have whoever might be on the receiving end to get access to that data (some of which isn't even mine - it belongs to my employer).  I'd hope that this would be the more usual case, but given the news stories that pop up about lost/stolen devices with sensitive data it seems that this is not true (yet).


Stoic Joker

Re: TrueCrypt 6.0 released
« Reply #16 on: July 08, 2008, 10:24 PM »
Spiffy encryption widgets make you look interesting enough to poke around a bit, if that turns up anything you're screwed. The first two guys you talk to, won't be that (IT) bright ... But the third guy that shows up...

While it may be true that using encryption makes you look interesting to customs (or whatever agency you're dealing with), it really shouldn't be.  I use encryption on my portable devices simply because the device could get lost or stolen and I don't want to have whoever might be on the receiving end to get access to that data (some of which isn't even mine - it belongs to my employer).  I'd hope that this would be the more usual case, but given the news stories that pop up about lost/stolen devices with sensitive data it seems that this is not true (yet).


Sure there are proper uses for it, it's just the wild-eyed peek-a-boo crap that irks me...and stashing a complete OS in a sneaky looking Uber hidden partition sounds like a 5 star way of ending up in the body cavity search express lane.

mikiem

Re: TrueCrypt 6.0 released
« Reply #17 on: July 14, 2008, 12:58 PM »
Interesting... And a bit ironic... The best way to secure a door is to not have a doorway. The best way to hide something is to not put it where someone will, or can easily look. The fact that Truecrypt exists, creates the need to look for it. Then again, most of the world still operates on a combination of naivete & the pragmatic acceptance that locks only keep an honest person honest.

IMHO since if you were trying to get something in or out of a country without prying eyes seeing it, common sense would suggest the very last place to put it would be on a laptop. ;D 1st off I'd imagine you'd transfer it online - if you wanted to be a bit more paranoid, grab a kit so-to-speak & infect your system, having it do the work... Supreme deniability.

If you wanted physical transfer, there's flash cards & mail (ordering often from Hong Kong we've never had a package checked). If you wanted to carry it, got to be thousands (if not more) places to hide flash memory cards, or even chips (from a USB device), maybe added to the board(s) on something like a camera or mp3 player -- couple of screws and you've got access... I can't imagine anyone taking your electronics apart, then matching it to an identical item, then proving you were the one who did the alteration. Or just get one of the dozens & dozens of USB memory storage products, from watches to sunglasses, & remove/mod the way the cord connects.

For everyday hard drive storage, I'd guess it would be harder to detect TC partitions on an external drive, but I'd also guess you could add an LT drive to an external case along with the obvious one - like a false bottom in a suitcase.

steeladept

Re: TrueCrypt 6.0 released
« Reply #18 on: July 16, 2008, 03:32 AM »
Maybe I am being a bit naive, but from what I read at their site, to have the plausible deniability you must use TrueCrypt for other things rather than the hidden partition.  Create partition containers on your laptop to prevent mishandling.  If you get tagged as interesting, give them the keys, show the partition you use encrypted so they see there is nothing mischievous there, but make sure they see you have some sort of sensitive information (Account numbers or financials for example) that you wouldn't want someone who stole your laptop to have access to.  From what I read, the hidden partition is not a true partition to the system until AFTER it is decrypted.  This means even to the POST, it is only a useless bunch of 1s & 0s (AKA white space), until you provide the correct key to recognize it as a partition THEN access it correctly.

My only issue with this is it would be far too easy to create a partition in that section and wipe any hidden partition out.  Easy solution.  If you didn't have anything to hide, then it is a non-issue. If you did, it is gone after that.  (Well maybe not, but probably).

TucknDar

Re: TrueCrypt 6.0 released
« Reply #19 on: July 17, 2008, 04:01 PM »
What are all of you hiding? :P

tomos

Re: TrueCrypt 6.0 released
« Reply #20 on: July 17, 2008, 04:16 PM »
What are all of you hiding? :P

 ;D ;D
Tom

f0dder

Re: TrueCrypt 6.0 released
« Reply #21 on: July 17, 2008, 04:41 PM »
Source code, client information, private documents? :)

Once I purchase a laptop, I'll be running full disk encryption (yeah, including system partition) on it... in case it ever gets stolen or lost, I don't really want anybody to rummage through my files.
- carpe noctem

Josh

Re: TrueCrypt 6.0 released
« Reply #22 on: July 17, 2008, 07:05 PM »
Does anyone know of an application like this which allows encrypted drives to be transported and opened on a system via a thumb drive?

f0dder

Re: TrueCrypt 6.0 released
« Reply #23 on: July 17, 2008, 07:17 PM »
Does anyone know of an application like this which allows encrypted drives to be transported and opened on a system via a thumb drive?
TrueCrypt can do this if you use container files rather than direct partition encryption - but it does require installing a driver on the host computer, obviously requiring admin privileges. IIRC there's also a CodeProject or SourceForge project for dealing with container files directly? Probably requires use of FAT32 filesystem though (but that's fine for smallish container files).
- carpe noctem

mwb1100

Re: TrueCrypt 6.0 released
« Reply #24 on: July 18, 2008, 12:24 AM »
Does anyone know of an application like this which allows encrypted drives to be transported and opened on a system via a thumb drive?
There's TCExplorer, which is a regular, user-mode application that opens container files (FAT only) similar to the way zip utilities deal with zip files as containers.

http://www.codeproje...iles/TCExplorer.aspx
http://sourceforge.n...projects/tcexplorer/

A couple caveats:

  • I have not tried this software
  • when using files inside a TC container with this utility, the file will be copied to a temp directory (on the same drive as the container, I think) - take whatever precautions you might feel necessary to ensure the data is not recoverable when you remove the container