TrueCrypt.org May be Compromised

Today, a new version of TrueCrypt (7.2) was pushed to SourceForge, and the TrueCrypt.org website was replaced with an incredibly suspicious page recommending users cease all use of TrueCrypt and use tools such as Bitlocker. The TrueCrypt maintainers have not officially (as of the time of this writing) commented yet on whether the site is compromised, or whether they are (more unlikely) scuttling the project for reasons unknown.

There have been a number of conspiracy theories ranging from a warrant canary (someone tipping off the TrueCrypt team that a secret warrant was issued for information about them) to a massive website compromise, and finally to a terribly sloppy and unprofessional true exit from TrueCrypt.

My take? I don’t know, but most agree it is very suspicious that the TrueCrypt team would lead anyone to use private, proprietary software like BitLocker, when there are plenty of FOSS implementations out there that work well. Usually when someone is lying under duress (or even trolling), one natural way to tip everyone else off to that fact is to state something completely unbelievable that other people would see is completely unbelievable. The TC team recommending BitLocker fits that bill, and I think leaves a hint to the public to disregard everything they’re saying about TC. The whole thing smells suspicious, and at the very least, should be approached with caution.

One thing is for certain: You should not download or trust anything from TrueCrypt until this is all sorted out. That doesn’t mean, however, that you should stop using TrueCrypt if you already are.

Here are a few steps on what you should do, however, to protect your content:

1. It’s possible that TrueCrypt 7.2 is compromised. Do not use this new version.

2. If the website is compromised, chances are the attacker had compromised it quite a while ago, and the website owners did not know it. This means that previous versions of TrueCrypt might also be compromised. If you’ve downloaded any version of TrueCrypt over the past 3-6 months (or longer, depending on your level of paranoia), I advise considering your copy may not be trustworthy. My own copy is only six months old, so I’m looking to get a set of MD5 hashes from people I follow who’s had 7.1a on their Mac for longer than I, to verify. Please email me if you have these. (find TrueCrypt.app -type f -exec md5 {} \;)

3. There *is* an unofficial archive of TrueCrypt releases kept by a user on GitHub (Thank you DrWhax). I CANNOT vouch for it’s credibility, however the hashes on his 7.1a OSX release match those of my own copy, which I downloaded about six months ago. Compare your own hashes to his and if they don’t match, then something is definitely wrong with either your copy or the archive’s. The archive can be found here.

4. As it is possible, in today’s world, that newer versions of TrueCrypt could be infected with some type of ransom-ware or other crippling malware, I recommend making a backup of the CLEAR TEXT copies of your TrueCrypt containers. Use a different encryption tool for now to protect the backups in the event that you lose access to your TrueCrypt containers. If you’re using full disk encryption, back up your hard drive contents either in clear text or to another form of encryption. You don’t want to lose the ability to access everything on your HD.

5. Depending on if and how TrueCrypt may be compromised, it makes sense to encrypt your own TrueCrypt containers with another form of encryption, which will help prevent them from being left exposed in the event that there is a bigger game afoot with malware. It’s also a good idea to change the passwords to your containers, although I recommend doing this offline, and completely power cycle your computer before going back online. This doesn’t guarantee your passwords won’t be intercepted, but can certainly help. I also recommend copying them to OFFLINE STORAGE and securely erasing from your desktop machine. In the event that TrueCrypt is compromised, you don’t want both your passwords and the content to be exposed.

6. If you’re overly concerned about malware, consider a tool such as Little Snitch for Mac, or other connection managers, to prevent background processes from calling home without your permission.

In all of this, do as your paranoia guides you.

Lastly, if you are already using TrueCrypt 7.1a (the version that was code audited by Matthew Green’s team), I see no reason to stop using it as of yet. It’s already passed phase 1 of the audit, and if there were any backdoors, they would have been found by now. The phase 2 portion of the audit (the part that tests cryptographic strength) has not yet been audited, however the algorithms have been in the public for decades, as well as their implementations open sources. If you can ensure that the 7.1a copy you have is an “authentic” copy, then I see no reason not to use it until/unless any information comes out that suggests we shouldn’t. In fact, if the government is in any way involved in the shuttering of the project, it may be because the technology is too effective, which is exactly what security minded people want. There is no bug that cannot be fixed, if there was one; the only truly detrimental bug would be a bug in AES, which would also undermine all forms of modern encryption and be a technological atomic bomb.

The audit team, on Twitter, gave the nod to DrWhax’ repository as being trustworthy. The Mac hashes for my copy of 7.1a (which I’ve been able to confirm through a few other trusted people I know, back at least a year or more) are:

TrueCrypt.app jonz$ find . -type f -exec md5 {} \;
MD5 (./Contents/Info.plist) = 787db9116b389053e9d5a42a4ffc20c7
MD5 (./Contents/MacOS/TrueCrypt) = dad908e7d366ea0eb8f94384192e3314
MD5 (./Contents/PkgInfo) = 986958519c9df91574332ee7aa37e3f4
MD5 (./Contents/Resources/License MacFUSE.rtf) = 640149a1cf8dea5e1463662da91f4741
MD5 (./Contents/Resources/License OSXFUSE.rtf) = 21999f024e556d5990e3a890b509b89b
MD5 (./Contents/Resources/License.txt) = fee6ff588ac878ba302927d5ead00c2d
MD5 (./Contents/Resources/TrueCrypt User Guide.pdf) = 60b1ea96c0dcb7238da39844f0c11910
MD5 (./Contents/Resources/TrueCrypt.icns) = 3c9cfcb366e0df907f9f123af5f5be80