[jonathanpierre]

Is that just a rant or do you have an actual reason to call TrueCrypt crappy? It was at least somewhat solid and it definitely had a great mindshare at the time. It wasn't niche.

Also, describing small-scale intervention in cryptography by services "mythologic" in a thread about news about large-scale intervention in cryptography by those services is a bit odd.

[tptacek]

I don't even understand the theory underneath this supposed conspiracy, since full-disk encryption is utterly mainstream at this point. I also don't need to get too deep into what I don't like about TrueCrypt; use it if you like it. The problem is with the model of full-disk encryption; outside of phones with deeply integrated hardware designs that support it, FDE is the least powerful form of encryption we use. It wasn't even a speed bump for the Ulbricht investigators.

By all means: enable FDE. You have to turn it on. It's not optional. But the threat it defends against is not the threat many people think it defends against. It's hard to imagine it being such a priority that any government would launch a conspiracy to shut down an open source project.

[jonathanpierre]

Again: why do you use such belittling words like "conspiracy theory"? We know that the services interfere. We know that they interfered with vendors of cryptography products. And we know that National Security Letters exist, as do other – legal – means to pressure such vendors. There is no conspiracy needed for them to try to pressure someone by, say, threatening them with denial of a entry visa. Or they could have simply tried to buy them off which they might not have liked. It's not a crazy idea by any stretch.

> It wasn't even a speed bump for the Ulbricht investigators.

Are you talking about the situation where they had to very carefully snatch a running laptop from a suspect so that they can't lock it? Seems to me like FDE would have been at least a significant speedbump had they not circumvented it. Why else would they go to such trouble? And what would they have done if the suspect hadn't used his laptop in a public place?

[tptacek]

We in fact do not know that NSLs of the form suggested in the root comment exist. Such an NSL, requiring developers to stop work on a project, would in fact be unprecedented. It is, in fact, a conspiracy theory. In reality, the exact opposite thing occurs: the USG-backed Broadcast Board of Governors actively funds cryptographic privacy technology, both through direct grants to projects and, to head off other conspiracy theories, in much harder-to-subvert grants to 3rd party pentesters to find and report vulnerabilities in those tools.

[PuffinBlue]

Pretty sure you misinterpreted that comment. It's not suggesting that they pressured the devs to stop work, it says they were pressured to stop making it so awesome. The inference being that they were pressured to weaken the product and they walked away instead.

[Floegipoky]

Just like lavabit: https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_ord...

[tptacek]

Lavabit was a service that effectively held keys for its users and was compelled to disclose them. If we were discussing whether a vulnerable service was somehow compelled by the USG, I wouldn't argue. I doubt you'd even need an NSL compromise Lavabit; you might even be able to do it with routine civil litigation. Don't ever use things like Lavabit. That's why we talk about "end to end encryption", as opposed to the bad kind of encryption.

[tptacek]

An NSL to that effect would also be unprecedented. There is no evidence that anything like that has ever happened.

[abtinf]

While not an NSL, we do know USG leans on companies to implement weaker/breakable cryptography. There is at least one public example (attempts to compel Apple), and presumably there are many more successful undocumented attempts.

[est31]

> what would they have done if the suspect hadn't used his laptop in a public place?

Screw open his laptop when it's turned off and he's away from home, install a keylogger into the bios. Put a camera onto the shelf to film which keys he types to log in. If he puts a blanket over his head: solely rely on the sound each key makes. Hack his computer remotely using one of the government owned 0days and dump the keys. Use side channels to attain the password via the power outlet in the neighbouring house.

They had countless ways and they chose the one that revealed the least about their capabilities.

[jack_pp]

While what you are saying is possible technically, assuming any and all investigators in the US can tap into such capabilities is just FUD.

[tptacek]

The biggest problem with FDE is that as long as you're using the encrypted computer, FDE isn't protecting you. It doesn't take technical capabilities to exploit this; you just wait until the target has their laptop open to do the interdiction.

FDE's not worthless. Again, I don't think it's even optional; one of your laptops is eventually going to get stolen, and you're going to want the reassurance that at the very least, once it loses power, the thief won't have access to your data (meaning, in effect, that most thieves will never have access to your data). And it's somewhat more powerful on phones, which have integrated designs to make FDE more granular.

But the idea that of all the things the USG could spend energy on, aftermarket FDE software would be their target? It's not very plausible.

[abtinf]

Are Apple's new machines with T2 secure enclave less vulnerable in this regard? They claim all storage encryption goes through the chip, making it more like an integrated phone design.

[est31]

Yeah, on the county sheriff level those capabilities are probably not available. However, Ulbricht was target of investigations on a federal level. He was arrested by FBI agents.

[ta999999171]

Or...properly assessing risk?

[shalmanese]

Yeah, but are there any other forms of encryption that could have mitigated any of those attacks? Once your adversary has physical access to your environment/hardware, it's pretty much game over for security.

[barrkel]

AIUI it was a speedbump for Ulbricht; didn't they need to ambush him in a library in order to ensure they had access to his laptop's contents?

(I mean, sure, it didn't protect him in the end. But it was a speedbump.)

[pvg]

ambush him in a library

Someone started talking to him while someone else snagged his laptop - a thing you and a friend can do to more or less anyone. It's not like people rappelled down from helicopters with guns drawn.

[missingrib]

They developed USBKill right after to prevent against stuff like this. That said, I'm sure the FBI knows about that now as well and would avoid sticking USBs into computers they want to target randomly.

But, there are also other tools out there.

[nyolfen]

this is true but i wouldnt count on it as evidence either way; fbi would not have nsa tools