Author Topic: TrueCrypt is Now Abandonware?! (Read 52446 times)

mwb1100 · « **Reply #50 on:** May 30, 2014, 03:21 PM »

I don’t know if he's making it up (as he sometimes does)
-J-Mac (May 30, 2014, 03:12 PM)

At least on this made up posting, he's clear about it:

- http://steve.grc.com...ruecrypt-developers/

wraith808 · « **Reply #51 on:** May 30, 2014, 03:27 PM »

I don’t know if he's making it up (as he sometimes does) or if this is real info.
-J-Mac (May 30, 2014, 03:12 PM)

As he sometimes does?

rgdot · « **Reply #52 on:** May 30, 2014, 03:30 PM »

That alleged conversation doesn't explain the abruptness.

I have seen/read Gibson criticism on more than one occasion, whether that includes making up stuff who knows.

Stoic Joker · « **Reply #53 on:** May 30, 2014, 03:32 PM »

The only problem with the warrant canary angle is we don't really know what the correct displayed state was...or if it truly existed.

This could just be a dev's hand was forced to participate in a false flag style maneuver aimed at destabilizing TC's reputation.

I really hate having to think like this.

J-Mac · « **Reply #54 on:** May 30, 2014, 03:51 PM »

I don’t know if he's making it up (as he sometimes does) or if this is real info.
-J-Mac (May 30, 2014, 03:12 PM)

As he sometimes does?
-wraith808 (May 30, 2014, 03:27 PM)

I was referring to that "Imagined letter" from the TC developer. He has done that in the past too.

Jim

Innuendo · « **Reply #55 on:** May 31, 2014, 11:07 AM »

Due to being afflicted with the serious malady of being a digital packrat, I seem to be in possession of the installers for most versions of TrueCrypt going back to v3.0.

If anybody needs one, give me a shout.

wraith808 · « **Reply #56 on:** June 01, 2014, 06:07 PM »

TrueCrypt Warrant Canary Confirmed?

rgdot · « **Reply #57 on:** June 01, 2014, 06:12 PM »

Like a comment there says, who is "Alyssa Rowan"?

TaoPhoenix · « **Reply #58 on:** June 01, 2014, 06:21 PM »

Yeah, I saw that note too. Interesting how different sites have "personalities" on their comments. A current early concern is how do we cleanly know that such a sparse source of potential info is an authorized post for real and not some troll piggybacking on the other theory I saw which was "devs got grumpy and rage-quit." (But if so, then I'd think you'd end of life it, so the abruptness is again confusing people.)

Meanwhile I wouldn't put it past the gov to add a new little rule that tries to take out canaries as the way around "neither confirm nor deny". This whole topic is a twisty onion full of layers!

TaoPhoenix · « **Reply #59 on:** June 01, 2014, 06:23 PM »

Like a comment there says, who is "Alyssa Rowan"?
-rgdot (June 01, 2014, 06:12 PM)

Heh you got in ahead of me. One of the Slashdot gang says someone *by that name/handle* has been legit in security crypto circles. But then see my note, "is this the real person or more dis-info?"

bit · « **Reply #60 on:** June 01, 2014, 09:16 PM »

Okay this is just a super lightweight question as I'm following and tracking most of what's being posted here and it's kind of over my head in some ways but something just kind of nags at me and I can't help asking.
So I'm open to being politely ignored if it doesn't make any sense. :)
What if there was some way to run a 'shell program' to encapsulate Scramdisk in its own environment within one of the more modern OSs (Vista, etc....), with file sharing enabled to the host OS; mine being Win 7 Pro.
There's absolutely nothing wrong with Scramdisk, except it's not set up for the Win 7 file system.
I realize my ignorance must be showing.

40hz · « **Reply #61 on:** June 02, 2014, 08:01 AM »

A project to replace TrueCrypt with a fully open replacement has been started.

Since this new project has no bearing on whatever is going on with the original TrueCrypt, I started a separate discussion for it.

Find it here.

Renegade · « **Reply #62 on:** June 16, 2014, 07:51 AM »

No idea what to think of this:

https://www.livebusi...dex.php?topic=5629.0

I have been informed that I may be the first person to publish this. There is a hidden message on the new sourceforge TrueCrypt site that says, approximately, "Don't use TrueCrypt because it is under the control of the NSA". I originally posted details about the message on my user page at MediaWiki.org, and then posted a mention of it on the talk page for the TrueCrypt article at Wikipedia (permalink). Decoding the message is simple. The first line of the site is this:

Quote
WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

That sentence uses strange English, like the word "unfixed", that is clearly contrived to fit a hidden message. If you take just the first letter of each word, except the word "WARNING":

Quote
Using TrueCrypt is not secure as it may contain unfixed security issues

you get this:

Quote
uti nsa im cu si

It's Latin that roughly means:

Quote
Unless I want to use the NSA

So, the full message seems to be this:

Quote
WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues, unless I want to use the NSA

Which is English that roughly means:

Quote
Don't use TrueCrypt because it is under the control of the NSA

Interesting at any rate.

40hz · « **Reply #63 on:** June 16, 2014, 08:53 AM »

Definitely interesting. With something else it would be a stretch. But placed in context of the puzzle & word game world of cryptographers and their ilk, there just might be something to it. Maybe.

wraith808 · « **Reply #64 on:** June 16, 2014, 10:46 AM »

That's not Latin. Not even near in the same neighborhood as Latin.

40hz · « **Reply #65 on:** June 16, 2014, 11:08 AM »

That's not Latin. Not even near in the same neighborhood as Latin.
-wraith808 (June 16, 2014, 10:46 AM)

Shhhsh! Don't let facts get in the way of a good story!

And yeah, that was the "stretch" part for me too! Far too many years of schooling plus attending Latin Masses not to recognize Latin when I see/hear it .

Stoic Joker · « **Reply #66 on:** June 16, 2014, 11:35 AM »

@wraith & 40 - Okay, so if you two agree that that ain't Latin ... I'm inclined to put my money (so to speak) on that ain't Latin. Because left to my own devices...I've not a friggin clue.

But... If one follows Ren's link up the rabbit's asshole for a bit they run across this Reddit discussion regarding the viability of basically hacking/gaming Googles translation service. In support of the theory, one poster gives this link that appears to show the translation is valid.

So it appears that this could spiral for a bit if the message was perceived as perhaps being based on a popular misconception. Or are there dialects - for lack of a better term - of Latin that may/could apply?

Edit:
Just tried Bing translate, and it auto-detected the language as Romainian and translated it as: im with the nsa and uti

40hz · « **Reply #67 on:** June 16, 2014, 01:32 PM »

Okay, so if you two agree that that ain't Latin ... I'm inclined to put my money (so to speak) on that ain't Latin.
-Stoic Joker (June 16, 2014, 11:35 AM)

Well, I'm not an expert in Latin by any stretch. And I've probably forgotten far more that I remember. But the way that sentence is constructed seems more like a transliteration using a robo-translator. So while the words map out to the same words in English, it's not the way I'd suspect a Roman - or somebody who is well acquainted with the Latin language - would have said it. I personally would have thought the sentence would have started with something like "Si vis" (if you want to), which is a fairly common construct.

This however may also be a clearer proof there's such a hidden message than otherwise. Very few people bother to learn real Latin these days. And most of what does get presented as a Latin phrase is really just English run through Google trans.

Stoic Joker · « **Reply #68 on:** June 16, 2014, 02:29 PM »

This however may also be a clearer proof there's such a hidden message than otherwise. Very few people bother to learn real Latin these days. And most of what does get presented as a Latin phrase is really just English run through Google trans.
-40hz (June 16, 2014, 01:32 PM)

Shit.

...That's kinda where I was headed with it...and I really wanted to be wrong.

TaoPhoenix · « **Reply #69 on:** June 16, 2014, 03:19 PM »

This however may also be a clearer proof there's such a hidden message than otherwise. Very few people bother to learn real Latin these days. And most of what does get presented as a Latin phrase is really just English run through Google trans.
-40hz (June 16, 2014, 01:32 PM)

Shit.

...That's kinda where I was headed with it...and I really wanted to be wrong.
-Stoic Joker (June 16, 2014, 02:29 PM)

We're starting to get into meta territory where I smell a court case brewing. The strange part of that whole "neither ... *nor deny*" phrase is ... well... I deny getting a national security letter at my home!

But what people such as users want to know is the Confirm part that the recipient is not easily supposed to do. But sending these coded signals ... is (presumably) confirming it! So I don't get that if these agencies go to all this trouble to deliver these nasty letters, and the recipient sends a canary message, maybe the govt *can't* sue the recipient because that would confirm the letter!

Also, "The first rule of the NSA Letter Club is not to talk about the NSA Letter Club", does interesting things to the legendary court phrase "Truth, Whole Truth, and Nothing but the Truth". What do you even do? "I swear to tell as much of the Truth as I am legally allowed to"?!

40hz · « **Reply #70 on:** June 16, 2014, 05:26 PM »

Well...if the creators of TrueCrypt wanted their app to spark a lively debate and leave a bit of mystery that might never disappear off the radar screen (remember Amelia Earhart, the Philadelphia Experiment, and D.B. Cooper?), having it shut down without explanation (other than some nonsensical recommendations) was one good way to almost guarantee that happening.

I'm starting to think there's definitely some game in play here. Whether it's just a publicity stunt, or something deeper (and possibly darker) is anybody's guess.

We can speculate endlessly in the absence of anything concrete. The web excels at that sort of endeavor.

Which just might be the real goal here...

Renegade · « **Reply #71 on:** June 16, 2014, 08:22 PM »

Well, I'm not an expert in Latin by any stretch. And I've probably forgotten far more that I remember. But the way that sentence is constructed seems more like a transliteration using a robo-translator. So while the words map out to the same words in English, it's not the way I'd suspect a Roman - or somebody who is well acquainted with the Latin language - would have said it. I personally would have thought the sentence would have started with something like "Si vis" (if you want to), which is a fairly common construct.
-40hz (June 16, 2014, 01:32 PM)

Point taken there.

Now go ahead and try to encode that in an English sentence as purported to have been done above with the same meaning.

My guess is that if the message is real, any discrepancies with proper Latin grammar, etc., can be relatively safely attributed to the difficulty in creating an English sentence to properly fit.

But, who knows?

It is certainly interesting, and could very well be real. Or a simple coincidence. e.g. When you listen to any language backwards, at some point you will hear "messages". This happens in all languages. If you played with my "Satanic Music Detector", you will have heard this many times. One of my favourites that I found was in a Slayer song where they sing "666" but backwards it sounds like "kiss kiss kiss".

It would be interesting to know a bit more about whether the same sort of phenomena happens for the first letter/sound/phonem e in a word across a sentence.

40hz · « **Reply #72 on:** June 16, 2014, 08:48 PM »

My guess is that if the message is real, any discrepancies with proper Latin grammar, etc., can be relatively safely attributed to the difficulty in creating an English sentence to properly fit.
-Renegade (June 16, 2014, 08:22 PM)

Certainly. But also remember that these people are cryptographers. I don't think getting it to work using a real Latin sentence would have been much of a challenge for them.

Renegade · « **Reply #73 on:** June 16, 2014, 09:07 PM »

My guess is that if the message is real, any discrepancies with proper Latin grammar, etc., can be relatively safely attributed to the difficulty in creating an English sentence to properly fit.
-Renegade (June 16, 2014, 08:22 PM)

Certainly. But also remember that these people are cryptographers. I don't think getting it to work using a real Latin sentence would have been much of a challenge for them.

-40hz (June 16, 2014, 08:48 PM)

I'm not so sure about that. While it may very well be possible to do, there's the aesthetic aspect. But, I really don't know. This is all just conjecture and speculation. I know that often in writing I have to settle for something that is suboptimal for one reason or another. Just because I can set and achieve a goal doesn't mean that the goal will work out. There are times when I am forced to go for a second rate solution. I'm pretty sure that most people have had that happen where they had to settle for second best for one reason or another.

wraith808 · « **Reply #74 on:** June 16, 2014, 09:24 PM »

My guess is that if the message is real, any discrepancies with proper Latin grammar, etc., can be relatively safely attributed to the difficulty in creating an English sentence to properly fit.
-Renegade (June 16, 2014, 08:22 PM)

Certainly. But also remember that these people are cryptographers. I don't think getting it to work using a real Latin sentence would have been much of a challenge for them.

-40hz (June 16, 2014, 08:48 PM)

Maybe not much of a challenge on the surface. The challenge is in doing so in a way that our Neighborhood Shopping Allies can't prove it was done intentionally. Thus mistakes.