I'm emailing all day about various TrueCrypt issues, and since this list is new, maybe it's a good idea for me to forward stuff here until a real discussion starts... ---------- Forwarded message ---------- From: Bill Cox <waywardgeek@xxxxxxxxx> Date: Tue, Jun 3, 2014 at 8:31 PM Subject: Re: [Cryptography] Fork of TrueCrypt On Tue, Jun 3, 2014 at 7:27 PM, ... wrote: > > On Tue, Jun 3, 2014 at 4:05 AM, Bill Cox <waywardgeek@xxxxxxxxx> wrote: > >> An auto-update feature pinging the server would alert any network snooper >> of exactly who was using the TrueCrypt fork. From a security point of >> view, auto-update is DOA. >> > > Not 100% DOA (IMO) > For those that use it like a utility it is necessary (vast majority IMO). > IMO full disk encryption is under used and utility mode is a good thing. > But the more that use it the more hand holding is needed and updates > need to be smooth and painless. > > For organizations that deploy and manage software for their employees > auto update is not a good idea. Most sites will even want notifications > and version checks quashed. > > For those that intend to use it anonymously you are 99 44/100% correct > except for > the initial download and maintenance updates. It is true these can be made > from a different machine at a coffee house. > > There are risks in any update method one of which is a man in > the middle that invites one to auto update to a version with double > wide side and back doors. > > My preference is for an update checker process. One that cannot > do anything but check for the availability by default. Availability > can include security key updates. It can be turned off or not installed > without touching the disk tool. > > Once installed the update tool can contain the public half of a key pair > and with that "pre shared" key establish a connection in a possibly more > secure way than many zero knowledge only link establishment tools. > This includes signing, encrypting and verifying the package itself > all prior to installing an update. All to minimize the access many men in > the middle might try and gain. > > > > > > Hi, ... I think you are forgetting about the meta data leaks. This is no big deal for auto-update of Microsoft Windows, because every Windows PC on the planet checks in once a day with Microsoft servers. For TrueCrypt, it's a real killer. The NSA is on the lookout for users of encryption like TrueCrypt, and by monitoring the server traffic, they will know the IP address of every active user. This is simply not OK for TrueCrypt. Bill