Truecrypt loophole?
Whats the use of implementing Truecrypt if it doesnt ask for password while copying or deleting the Truecrypt file container.
Its like trying to crack WPA-PSK passphrase. You grab the handshake file and try to crack it with brute force methods and if god forbid, the password is easy then....................
What do you think?
Last edited by exus69; 06-02-2011 at 06:29 AM.
Having knowledge is one thing and applying that knowledge to earn money (of course, legally) is a completely different thing...
Re: Truecrypt loophole?
Yes having possession of any piece of hardware or data is a vulnerability, hence the need for strong access control (both physical and logical).
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Re: Truecrypt loophole?
Excellent points. However, as a recent case has shown, choosing a really good passphrase will defeat even determined efforts at cracking:Originally Posted by thorin
http://www.paranoidprose.com/2010/06...words-1-fbi-0/Looks like open source disk encryption software TrueCrypt has shown its mettle in a cybercrime case out of Brazil. The Brazilian police seized 500 TrueCrypt protected drives from the apartment of Daniel Dantas, a Rio banker accused of financial crimes. In Brazil, there is no law compelling defendants to reveal passwords to encrypted evidence, so the Brazilian crime lab attempted to break the encryption for five months with no success. They then turned to the US FBI, who ran dictionary attacks against the encryption for another year. No joy. As a result of the banker’s good password practices, the 500 drives with potential evidence were reduced to really ugly paperweights.
Brazilian banker's crypto baffles FBI
18 months of failure
By John Leyden
http://www.theregister.co.uk/2010/06...ypto_lock_out/
Re: Truecrypt loophole?
I strongly agree with thorin
Saviour Emmauel Ekiko
Re: Truecrypt loophole?
I know this isn't exactly a solution and could be more of an annoyance but you could use the chattr +i (chattr +i foo) to make the file undeleteable and unmodifiable. Therefor before you mount and try to write to the volume you would have to remove that attribute (chattr -i foo) and then when your finnished reapply it. This would prevent the file from being removed accidently and pose as another step to someone who might be purposefully trying to remove it. But as Thorin states nothing is better then physical security.
Re: Truecrypt loophole?
Thanks ThorinOne more question, suppose I've 2GB pen drive with 1GB of data in it and I create 100MB of Truecrypt file container. If my pen drive gets infected with virus will it affect the contents of 100MB Truecrypt file container??
Last edited by exus69; 06-02-2011 at 06:28 AM.
Having knowledge is one thing and applying that knowledge to earn money (of course, legally) is a completely different thing...
Re: Truecrypt loophole?
Concerning the virus question, if the truecrypt container was open, then the contents could be affected. Otherwise, a virus would see it as just another file & be unable to tell what the contents are. Depending on the attributes of the virus, it might mangle the truecrypt container to be unreadable. Interesting (if scary) possibility...a piece of malware that only goes after truecrypt files.
Re: Truecrypt loophole?
Thanks scottm99
Having knowledge is one thing and applying that knowledge to earn money (of course, legally) is a completely different thing...
Posting Permissions
