Jump to content

Talk:TrueCrypt: Difference between revisions

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
Added some information on RealCrypt for further expansion in the main article
m Removed deprecated parameters in {{Talk header}} that are now handled automatically (Task 30)
 
(231 intermediate revisions by 88 users not shown)
Line 1: Line 1:
{{Talk header |search=yes }}
{{Talk header |search=yes }}
{{oldafdfull| date = 14 July 2014 (UTC) | result = '''speedy keep''' | page = TrueCrypt }}
{{WikiProject banner shell|class=C|1=
{{WikiProject Software |importance=Low}}
{{WikiProject Cryptography |importance=Mid}}
{{WikiProject Computing |importance=Mid |security=y |security-importance=High |software=y |software-importance=Low}}
{{WikiProject Mass surveillance |importance=Mid}}
{{WikiProject Journalism |importance=Low}}
{{WikiProject Politics |importance=Low}}
}}
{{User:MiszaBot/config
{{User:MiszaBot/config
|archiveheader = {{aan}}
|archiveheader = {{aan}}
|maxarchivesize = 100K
|maxarchivesize = 100K
|counter = 2
|counter = 3
|minthreadsleft = 5
|minthreadsleft = 5
|algo = old(90d)
|algo = old(90d)
|archive = Talk:TrueCrypt/Archive %(counter)d
|archive = Talk:TrueCrypt/Archive %(counter)d
}}
{{Auto archiving notice |bot=MiszaBot I |age=3 |units=months}}
{{WikiProjectBannerShell|1=
{{WikiProject Computing|class=C|importance=|software=yes|software-importance=}}
{{WikiProject Software|class=C}}
{{CryptographyProject}}
}}
}}


== External links modified ==
== A hoax attack "Stoned bootkit" must be removed ==


Hello fellow Wikipedians,
The author presented this as a valid attack. Later it turned out to be a classic hoax (the attack could be performed only by a privileged attacker who has already compromised the system). Only valid attacks may be presented in the article (anyone could create a hoax attack and present it in the article forever).


I have just modified 12 external links on [[TrueCrypt]]. Please take a moment to review [https://en.wikipedia.org/enwiki/w/index.php?diff=prev&oldid=799652017 my edit]. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit [[User:Cyberpower678/FaQs#InternetArchiveBot|this simple FaQ]] for additional information. I made the following changes:
[[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 16:06, 8 October 2010 (UTC)
*Corrected formatting/usage for http://www.truecrypt.org/localizations
:Can you show how it was proven that this was a hoax? [[User:Magog the Ogre|Magog the Ogre]] ([[User talk:Magog the Ogre|talk]]) 01:51, 9 October 2010 (UTC)
*Corrected formatting/usage for http://www.securstar.com/faq_drivecrypt.php
*Corrected formatting/usage for http://sourceforge.net/projects/truecrypt/
*Added archive https://archive.is/20140507093925/http://16s.us/software/TCHunt/tchunt_faq.txt to http://16s.us/software/TCHunt/tchunt_faq.txt
*Corrected formatting/usage for http://opencryptoaudit.org/
*Corrected formatting/usage for https://www.grc.com/misc/truecrypt/truecrypt.htm
*Added archive https://web.archive.org/web/20130115144156/http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf to http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf
*Corrected formatting/usage for https://www.reuters.com/article/2013/08/30/us-usa-security-snowden-nytimes-idUSBRE97T0RC20130830
*Corrected formatting/usage for http://auerfeld.wordpress.com/2013/08/31/miranda-where-is-the-uk-government-getting-its-numbers-from/
*Corrected formatting/usage for http://blogs.phoenixnewtimes.com/valleyfever/2014/02/true_crypt_software_that_hides.php
*Added archive https://archive.is/20120530131309/http://www.truecrypt.org/legal/license to http://www.truecrypt.org/legal/license
*Corrected formatting/usage for https://twitter.com/matthew_d_green/status/478721271316758528


When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
:: The attack does not pass the "10 Immutable Laws of Security" test.
:: http://technet.microsoft.com/en-us/library/cc722487.aspx


{{sourcecheck|checked=false|needhelp=}}
:: <code>Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.</code>


Cheers.—[[User:InternetArchiveBot|'''<span style="color:darkgrey;font-family:monospace">InternetArchiveBot</span>''']] <span style="color:green;font-family:Rockwell">([[User talk:InternetArchiveBot|Report bug]])</span> 01:04, 9 September 2017 (UTC)
:: The author was informed of this fact by the developers but he presented the attack as valid anyway. Therefore, it was a deliberate hoax. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:37, 9 October 2010 (UTC)


== Druking ==
:::You are correct, this attack bypasses TrueCrypt's security model. Users ''should be aware'' that attacks like this are possible, yet it comes as a surprise to many.
:::It never claimed to be a "new" attack, it was just making the point that the disk encryption security model does not apply to some significant real-world scenarios. Does this make the attack irrelevant or bogus? No.
:::In other words, making sure that the threat model applies to their scenario is the user's responsibility. The '''attacker isn't bound by the threat model''' -- the user is.
:::Let's say you leave your laptop at a hotel room for some time, someone sneaks in and tampers with it. What can you do -- yell at the attacker "You nasty cheater! You didn't use a valid attack! Give me back my encryption keys!"... Doesn't really work what way, does it? If they get your encryption keys they've successfully broken the system. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 18:54, 9 October 2010 (UTC)
:::: See my response below. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:24, 11 October 2010 (UTC)


:I think intgr is right; encryption is meant to keep ''everyone'' out, including people who might have physical access to the information that you have created. [[User:Magog the Ogre|Magog the Ogre]] ([[User talk:Magog the Ogre|talk]]) 02:48, 10 October 2010 (UTC)


Unless google translate is missing something, the sources do not support the claim that "In the special prosecutor investigation for [[Druking]] in [[South Korea]], the special prosecutor tried to decrypt files encrypted by TrueCrypt and he succeeded to decrypt some of them."
::You see that's the problem, users ''expect'' encryption to take care of all their data security problems, but it cannot. If an attacker gets physical access to your computer, they can tamper with it, and if you try to use the computer ''after'' it's been tampered with, it's game over &mdash; because there is attacker's software or their components running in your computer.
::It's a fundamental problem really, it's impossible to write secure software on top of compromised hardware. "Law #3" as quoted by LogicKey is true and I'm not disputing it at all. There are multiple ways to achieve this, one is installing a "bootkit" like Stoned, another is adding a hidden [[hardware keylogger]] device.


* http://newspim.com/news/view/20180827000369
::Hence why developers of security software define a "[[threat model]]" &mdash; a set of circumstances in which the software is secure. Hardware tampering is excluded from this threat model. This threat model is fully documented by TrueCrypt and users ''should be'' aware of it, but the consequences usually aren't obvious to users.
* https://translate.google.com/translate?&u=http%3A%2F%2Fnewspim.com%2Fnews%2Fview%2F20180827000369
::What LogicKey is saying that the attack is a hoax because it bypasses TrueCrypt's threat model.
* http://news.mk.co.kr/newsRead.php?year=2018&no=538301
::What I'm saying is, TrueCrypt's threat model has limitations and no smart attacker would "follow" the threat model. Like it or not, it's a weakness of the system. Documenting the attack on Wikipedia is actually a service done to users, so they know how easy it is to pull off these sorts of attacks.
* https://translate.google.com/translate?u=http%3A%2F%2Fnews.mk.co.kr%2FnewsRead.php%3Fyear%3D2018%26no%3D538301
::Anyway, this was already discussed back in February, in the section [[#Concerns: The "Stoned" bootkit]] -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 11:37, 10 October 2010 (UTC)
* http://www.yonhapnews.co.kr/bulletin/2018/07/18/0200000000AKR20180718142500004.HTML
* https://translate.google.com/translate?u=http%3A%2F%2Fwww.yonhapnews.co.kr%2Fbulletin%2F2018%2F07%2F18%2F0200000000AKR20180718142500004.HTML
* http://news.tvchosun.com/site/data/html_dir/2018/07/18/2018071890102.html
* https://translate.google.com/translate?u=http%3A%2F%2Fnews.tvchosun.com%2Fsite%2Fdata%2Fhtml_dir%2F2018%2F07%2F18%2F2018071890102.html


--[[User:Guy Macon|Guy Macon]] ([[User talk:Guy Macon|talk]]) 15:11, 28 August 2018 (UTC)
::: The weakness is a compromised system (it is not a weakness of TrueCrypt). TrueCrypt requires a secure system to work like any other security software.


:Regarding these edits,[https://en.wikipedia.org/enwiki/w/index.php?title=TrueCrypt&type=revision&diff=856899707&oldid=856531745][https://en.wikipedia.org/enwiki/w/index.php?title=TrueCrypt&type=revision&diff=856947745&oldid=856899707][https://en.wikipedia.org/enwiki/w/index.php?title=TrueCrypt&type=revision&diff=856947745&oldid=856899707][https://en.wikipedia.org/enwiki/w/index.php?title=TrueCrypt&type=revision&diff=857254448&oldid=857218077] extraordinary claims need extraordinary evidence.
::: If you wanted to demonstrate what physical security means, you would not publish an invalid attack on TrueCrypt and claim it is valid (like the author did). TrueCrypt documentation contained section 'Physical security' before this hoax was published. Anybody could create a hoax attack like this one and present it in the TrueCrypt article forever. Therefore, this hoax must be removed. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:20, 10 October 2010 (UTC)
:The PBKDF2 key stretching used in TrueCrypt considerably slows down both brute force attacks and dictionary attacks. A dictionary attack against Truecrypt runs at 820 passwords per second on an Intel Core i7-970 system at 3.2GHz.[https://www.semanticscholar.org/paper/Dictionary-Attack-on-TrueCrypt-with-RIVYERA-S3-5000-Abbas-Rathje/87725bf440792e0a12af15bf3296f6b490a57484][http://www.h-online.com/security/features/Attacking-TrueCrypt-1735157.html]
:Unless the police in question rented time on a supercompter (something that would surely have been mentioned in the sources) or the criminal was stupid and used '''[[Swordfish (password)|"Swordfish"]]''' as his password, any claims that they cracked Truecrypt are extremely implausible, and indeed from the Google translate of the Korean sources that Berryball cited, no such claim was made. Instead, I am seeing things like
:* "The FBI can not figure it out"
:* "The Password, a combination of 4 uppercase letters, numbers, and special characters in English...will take 120,000 years"
:* "the spy team was found to have made considerable progress in the investigation.. Druking is trying to solve the secret code by substituting the pattern which is supposed to be used in the password. It is a method of estimating cipher with keywords such as 'Jami Duo' (Chinese astrology), which is known to be believed by Druke, and 'KKM', which refers to Kyosho. It usually takes nine hours to decipher a four-digit password that is a mixture of English uppercase and lowercase letters, numbers and special characters based on one high-performance computer (workstation), the spokesman said. The spokesperson said the decryption process using patterns is fast, considering that it takes a whopping 120,000 years to decipher an 8-digit password without any pattern assignment."
:* "It's encrypted with a program called Truecrypt. It was said that it was difficult for foreign investigators to solve it. That part is hard to solve anymore. I secured enough to help with the investigation. This part of the investigation took up a large part of the investigation. There is also a decryption program, but persuaded the parties. It is one of the more difficult investigations than any other investigation."


:Given the evidence available, my conclusion is that the South Korean police did '''not''' decrypt the Truecrypt-encoded files, and I have deleted the claims as being unsourced. --[[User:Guy Macon|Guy Macon]] ([[User talk:Guy Macon|talk]]) 15:04, 30 August 2018 (UTC)
::::If the attack can be executed in a real situation then how you can claim it's a "hoax"? You're always implying this, but nobody is claiming that it breaks TrueCrypt's threat model. Nobody is claiming that the TrueCrypt documentation didn't warn users about the issue.
::::And even though it was documented, lots of people are still surprised that attacks like this are possible &mdash; which very well suggests that TrueCrypt's documentation does a poor job at informing their users (either people don't read it or they fail to draw the right conclusions).
::::The reason we're covering is here is because there is a significant amount of media coverage about Stoned's relation to TrueCrypt, partly a result of TrueCrypt Foundation's denial of the attack.


(The following comment was moved from my talk page. Discussions about the content of an article belong on that article's talk page. --[[User:Guy Macon|Guy Macon]] ([[User talk:Guy Macon|talk]]) 06:13, 31 August 2018 (UTC))
::::Anyway, we shouldn't even be having this "hoax or not hoax" argument because Wikipedia's [[WP:V|verifiability policy]] states:
::::"''The threshold for inclusion in Wikipedia is '''verifiability, not truth'''—whether readers can check that material in Wikipedia has already been published by a reliable source, not whether editors think it is true.''"
::::I totally agree that the section should be presented more [[WP:NPOV|neutrally]] (covering both Kleissner's and TrueCrypt's positions), but there is enough coverage in sources that it makes no sense to delete it. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 16:17, 10 October 2010 (UTC)


::I used many Korean newspapers as citations. But you just can't read Korean language at all.
::::: The attack is a hoax because it does not pass the the "10 Immutable Laws of Security" test.
::::: http://technet.microsoft.com/en-us/library/cc722487.aspx


::They are issues in South Korea, so they are written by Korean language on Korean newspapers. '''But you can't read any Korean language. It's just the problem.''' In your opinion, any Korean things can't be written on English Wikipedia until English newspaper writes about them! South Korea is not USA or Europe, so English newspapers don't write all Korean stuff! Many Korean newspapers write about them, but just you can't read Korean language, so we can't write about them on English Wikipedia? You can use Google Translate.
::::: <code>Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.</code>


::[[Maeil Business Newspaper]] (매일 경제) is one of three major South Korean economic newspapers. [[Yonhap]] (연합 뉴스) is the major news source for all South Korean newspapers. [[Chosun Broadcasting Company]] (TV 조선) is a daughter company of [[The Chosun Ilbo]] (조선 일보) for TV broadcasting. [[The Chosun Ilbo]] is the most famous newspaper in South Korea. I used three famous South Korean newspapers as the sources, but you deleted them just because you can't read Korean language. --[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 05:34, 31 August 2018 (UTC)
::::: The author sent a [[responsible disclosure]] message to the developers before publishing the hoax. This proves he presented it as a valid attack. But the attack is invalid (it does not pass the "10 Immutable Laws of Security" test). The developers informed the author of this fact before the attack was published. Therefore, by presenting the attack as valid, the author lost credibility. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:24, 11 October 2010 (UTC)


:::I just saw [[Talk:TrueCrypt#Druking]]. I'm translating sentences one-by-one for you. You can verify them using other translation websites or programs or other Korean people. --[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 06:08, 31 August 2018 (UTC)
:You're going in circles. This argument is totally irrelevant given that we have several reliable sources saying that the attack '''does''' apply to TrueCrypt. Please read [[WP:V]], [[WP:NPOV]] (or any other Wikipedia policy) and tell me what part of that you can use to justify the removal of this section? -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 16:55, 11 October 2010 (UTC)


::::I do '''not''' believe that "any Korean things can't be written on English Wikipedia until an English newspaper writes about them" please stop putting words in my mouth. Nor did I ever hint that the newspapers you cited were not reliable sources. I said that the the newspapers you cited do not appear to say what you claim they say.
:: The "10 Immutable Laws of Security" prove that the is attack invalid. Therefore, this hoax attack can be removed due to the following rule:


::::Yes, there are difficulties when someone who doesn't speak Korean evaluates a Korean source using Google Translate. But I am pretty sure that the translation "Druking is trying to solve the secret code" is inaccurate. Please cut and past the exact entence where you believe that one of your sources say that the '''solved''' the secret code instead of saying that they '''are trying''' to solve the secret code.
:: [[Wikipedia:Verifiability]]: <i>This policy requires that anything challenged or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the source directly supports the material in question.</i> [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:24, 12 October 2010 (UTC)


::::Here is your basic problem. You are claiming that Druking did something which is generally considered to be impossible (guessing a 16-character truecrypt password that consists of uppercase letters, numbers, and special characters using a dictionary attack). '''EXTRAORDINARY CLAIMS NEED TO BE BACKED UP BY EXTRAORDINARY EVIDENCE.''' --[[User:Guy Macon|Guy Macon]] ([[User talk:Guy Macon|talk]]) 06:13, 31 August 2018 (UTC)
:::The article '''has''' inline citations that state that Stoned can '''tamper TrueCrypt's MBR''' and '''bypass encryption'''. The article does not make any claims of "valid attack", however you might try to twist that phrase. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 15:29, 12 October 2010 (UTC)


:::::I'm sorry. I thought that you deleted these citations because of that. But you already tried to translate them yourself. --[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 07:24, 31 August 2018 (UTC)
:::: The author presented this as a valid attack on TrueCrypt. Therefore, at least one reliable source must directly support the attack as valid. The developers declared the attack invalid and the "10 Immutable Laws of Security" prove it really is invalid (the material was challenged even before it was published). [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 17:30, 12 October 2010 (UTC)


I thought you never tried to translate them using Google Translate, but you really did it! I can translate sentences one-by-one for you. You can verify them using other translation websites or programs or asking Korean people about them.
:::::No &mdash; the author presented it as a "bootkit" against multiple versions of Microsoft Windows, which includes Windows disk encryption software TrueCrypt. But I get it, you're going to claim that rootkits and trojans aren't valid attacks either. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 17:57, 12 October 2010 (UTC)


:::::: As I already said (and you deliberately ignored), the author sent a [[responsible disclosure]] message to the developers before he published the attack. This proves it was presented as a valid attack on TrueCrypt.


-트루크립트라는 프로그램으로 암호화했다고 하는데.
:::::: Anybody could create an "attack" on TrueCrypt by installing a keylogger. Then he could present the "attack" at Black Hat and attract media attention. But this does not make the attack valid and, of course, this does not mean such hoax should be presented in the TrueCrypt article. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 18:26, 12 October 2010 (UTC)


-(The documents) were encrypted by TrueCrypt.
The TrueCrypt documentation says that you shouldn't leave your laptop unattended, even for a moment. But if the only reasonable attack against a TrueCrypt-protected computer was a hardware keylogger then in practice you could leave your laptop unattended for hours (in a hotel room, to use the classic example), because such a thing is difficult and time-consuming to install. If you don't care about the authorities and think organised crime is unlikely to pray on you then you'd basically be able to ignore of this all as a technicality, since hardware key-loggers are very hard for non-experts to install without leaving clues.


▲ 외국 수사기관에서도 풀기 어려운 것이라고 했는데, 중요한 건 다 풀었고 일부 풀지 못한 부분이 있다. 그 부분은 더 이상 풀기 어려운 상황이다. 수사에 도움이 될 만한 정도 확보했다. 이 부분이 수사에 많은 부분을 차지했다. 암호 해독 프로그램도 있지만 당사자를 설득했다. 다른 어떤 수사보다 힘들었던 수사 중 하나다.
But hardware keyloggers are not the least difficult physical attack. So the question now becomes, what is? Can I leave my laptop for 30 minutes? 5 minutes? One!? This is a question that a Wikipedia should give an answer to, or at least as much of an answer as possible. The fact that TrueCrypt develops don't care about the answer, because their documentation essentially says "one second is already too long", is irrelevant. They are not the target audience of this article. [[User:Quietbritishjim|Quietbritishjim]] ([[User talk:Quietbritishjim|talk]]) 18:56, 12 October 2010 (UTC)


We decrypted important data and we couldn't decrypt some of them though decryption is difficult even for foreign law enforcement agencies. Some of the data are difficult to decrypt. But we already got some for investigation. This is the major part for the investigation. We have decryption programs but we also persuaded suspects. It is the most difficult investigation.
:: Encyclopedia must not consist of hoaxes.


([[NewsPim]] (뉴스핌) is not famous newspaper in South Korea.)
:: Once again: Anybody could create an "attack" on TrueCrypt by installing a keylogger. Then he could present the "attack" at Black Hat and attract media attention. But this does not make the attack valid and, of course, this does not mean such hoax should be presented in the TrueCrypt article.


http://newspim.com/news/view/20180827000369
:: [[Wikipedia:Verifiability]]: <i>This policy requires that anything challenged or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the source directly supports the material in question.</i>


:: This hoax is not directly supported by reliable sources. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 19:36, 12 October 2010 (UTC)


다만 특검팀이 출범 이후 여권의 정치 공세 속에서도 김씨와 그의 측근들을 집중 조사하고, `트루크립트(TrueCrypt)`라는 암호화 프로그램 일부를 해독해 김 지사와 김씨 간 연결고리를 비교적 상세히 밝혀낸 것은 적잖은 성과라는 평가를 받고 있다.


However, the special prosecutor team found the linkage (Kyeongsangnamdo province) governor Kim (Kyung-soo) and Mr. Kim by decryption of TrueCrypt though the investigation was hampered by the ruling party.
::: You say that 'anybody could create an "attack" on TrueCrypt by installing a keylogger'. By mentioning this, you have shown that you've missed my point. If the fastest physical "attack" (quotes added for your benefit) was using a hardware keylogger, then it '''should''' be discussed in the article, including the fact that TrueCrypt is not designed to protect against that, and indeed cannot.


([[Maeil Business Newspaper]] (매일 경제) is one of three major South Korean economic newspapers.)
::: Here is the key point: I am not in favour of discussing Stoned because it is a more effective physical "attack" than a keylogger. I am in favour of discussing Stoned because it is '''faster''' and '''easier to carry out''' physical "attack" than installing a keylogger. Do you disagree with this? [[User:Quietbritishjim|Quietbritishjim]] ([[User talk:Quietbritishjim|talk]]) 21:02, 12 October 2010 (UTC)


http://news.mk.co.kr/newsRead.php?year=2018&no=538301
:::: Whether a hardware keylogger can be installed faster than a software keylogger is hard to determine and is not relevant to the topic. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 17:51, 13 October 2010 (UTC)


----


보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.
It's pretty clear by now that you won't convince us and we won't convince you. So we can agree to disagree here and move on. Wikipedia can still function in the presence of disagreements, that's why we have the [[WP:CON|consensus policy]]. I have also presented my reasons above, based on the [[WP:V|verifiability policy]], to keep the section. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 17:04, 14 October 2010 (UTC)


(보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는 파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.) (The author missed one space between words so I inserted a space for translation.)
:Only with valid arguments you can win a discussion. You presented no valid arguments. You have no right to revert the edit supported by the arguments presented in this discussion.


Ordirnary encryption just using method to input a password, but TrueCrypt hides files. So it is difficult to find whether there is a hidden file or not. (I think it is a hidden volume.)
: [[Wikipedia:Verifiability]]: <i>This policy requires that anything challenged or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the source directly supports the material in question.</i> [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 17:24, 14 October 2010 (UTC)


특검팀은 드루킹이 운영한 경제적공진화모임(경공모) 회원을 상대로 한 암호 해독에 협조를 받으려 했지만, 이들은 의미 있는 자료에 걸린 암호는 기억이 잘 나지 않는다고 주장하는 것으로 전해졌다.
::Just because you refuse to accept any of our arguments doesn't mean that they aren't arguments. So here's one person (you), using a single source (MSDN Technet) that doesn't even mention TrueCrypt &mdash; editing against the consensus of several editors, and against several cited reliable sources exclusively on the topic of Stoned and TrueCrypt (iTWire, H-online, heise.de, gulli.de, Black Hat conference).
::And frankly there's no point in continuing the same argument ''ad infinitum''; as I said, it doesn't look like we will ever convince you and nor will you convince us. Your edit comment claims "no consensus", but there '''actually is a consensus''' and it's for keeping the section.
::I don't know why you're quoting the verifiability policy here, the section that you deleted was indeed supported by sources. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 18:11, 14 October 2010 (UTC)


The special prosecutor team tried to get help from the suspects (members of 경제적공진화모임) but they said that they don't remember the passwords for important data.
:::* The "10 Immutable Laws of Security" is a generic test of a validity of an attack on a security product.
:::* The developers of TrueCrypt stated the attack is invalid.
:::* None of the sources directly supports the validity of this attack. News sites just inform about a newly reported attack. Black Hat just provides a platform for presentations.
:::* Do not use the word "we" when you should use "I".
::: [[Wikipedia:Verifiability]]: <i>This policy requires that <b>anything challenged or likely to be challenged</b>, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the <b>source directly supports the material in question</b>.</i>
::: [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 19:03, 14 October 2010 (UTC)


악조건 속에서도 특검팀은 전날 16자리 암호를 해독하는 등 수사에 상당한 진척을 보이는 것으로 파악됐다. 드루킹 일당이 암호에 사용했을 것으로 추정되는 패턴을 대입해 속속 암호를 풀어내고 있는 것이다.
::::* Whether the "10 Immutable Laws of Security" applies to Stoned or not, is your [[WP:OR|original research]]/[[WP:SYN|synthesis]] and is not welcome on Wikipedia.
::::* What the authors of TrueCrypt said is a [[WP:PSTS|primary source]] and their use is limited on Wikipedia.
::::* But the article '''never claimed that it's a valid attack either''', it reports what is said in the sources.
::::* Two conflicting viewpoints should '''both''' be covered per [[WP:NPOV]]. There's no justification for removing the material that someone disagreed with.
::::* You pasted the verifiability policy again and I still don't know why. You could be more helpful by explaining what material in the article is not supported by the sources. In any case this is not justification for deleting the section as a whole.
::::-- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 20:13, 14 October 2010 (UTC)


The special prosecutor team decrypted 16 character (16 digit) password yesterday. The special prosecutor team input pattern as a password that Druking group maybe uses as a password. (The special prosecutor team conjectured the most probable password that Druking group used.)
:::::* The "10 Immutable Laws of Security" were compiled by Microsoft to enable security researchers to quickly determine whether an attack is valid or not.
:::::* What the developers of TrueCrypt stated is important because it makes the material <b>challenged</b> (see the rule below).
:::::* When a material is challenged, [[Wikipedia:Verifiability]] requires not only that the sources must be reliable but they also must <b>directly support</b> the validity of the material. News sites only report news (they do not directly support the material), Black Hat does not peer review the presentations (it also does not directly support the validity of the material).
::::: [[Wikipedia:Verifiability]]: <i>This policy requires that <b>anything challenged or likely to be challenged</b>, including all quotations, be attributed to a <b>reliable source</b> in the form of an inline citation, <b>and that the source directly supports the material in question</b>.</i> [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:25, 15 October 2010 (UTC)


드루킹이 신봉한 것으로 알려진 '자미두수'(중국 점성술)와 경공모를 지칭하는 'KKM' 등을 키워드로 암호를 추정하는 방식이다.
::::::You are misinterpreting the policy. The verifiability policy applies to '''content on Wikipedia''' &mdash; not external documents. It doesn't apply to TrueCrypt developers challenging Stoned. It applies to you challenging the "Stoned" section on Wikipedia. The "material in question" refers to what is being said on Wikipedia and the given sources have to support it.
::::::You should be reading the policy as a whole, not clinging on to individual bits and pieces. The very same paragraph you quoted starts out with: "''All '''material in Wikipedia articles must be attributable to a reliable published source''' to show that it is not original research''" &mdash; that summarizes the intent of the paragraph. This is also echoed throughout the whole policy.
::::::When multiple sources are in disagreement, there is still no basis to delete the content &mdash; Wikipedia should cover all the significant viewpoints; see [[WP:NPOV|neutral point of view]].
::::::You bring up the "10 Immutable Laws of Security" again, but as I explained above, how it applies to Stoned is your [[WP:OR|original research]]/[[WP:SYN|synthesis]] and thus cannot be used on Wikipedia. Even if it came from a reliable source, it would fall under [[WP:NPOV]] and thus still wouldn't be a reason for deleting the section.
::::::The fact that you seem reluctant to do more research on Wikipedia policies, and that you repeat your arguments without responding to my refutal, makes this discussion very frustrating. Truth is, a consensus already exists &mdash; you're alone in trying to delete this section. You cannot win arguments on Wikipedia by being the vocal minority. I can withdraw from this argument and that doesn't mean you've "won". -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 16:28, 15 October 2010 (UTC)


For example, the special prosecutor team tried to input [[Zi wei dou shu]] (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a [[dictionary attack]].)
::::::: [[Wikipedia:Verifiability]]: <i>This policy requires that <b>anything challenged</b> or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the <b>source directly supports the material in question.</b></i>


([[Yonhap]] (연합 뉴스) is the major news source for all South Korean newspapers.)
::::::: The credibility of the material is challenged (the developers stated the attack is invalid). In this case, [[Wikipedia:Verifiability]] requires that the validity of the material must be directly supported by reliable sources. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 20:01, 15 October 2010 (UTC)


http://www.yonhapnews.co.kr/bulletin/2018/07/18/0200000000AKR20180718142500004.HTML
{{unindent}}LogicKey, verifiability extends to citing hard facts (e.g., George W. Bush is 62 years old), not to invalidating any source which has an interpretation of facts we don't like (e.g., saying the Wall Street Journal is an invalid source for claiming that the war in Iraq was controversial). Your reading of that passage misconstrues it to such an extent that ''any'' editor disputing ''any'' content could wholly remove the section. And that's simply not correct. [[User:Magog the Ogre|Magog the Ogre]] ([[User talk:Magog the Ogre|talk]]) 21:12, 15 October 2010 (UTC)


: The basic rule defined by [[Wikipedia:Verifiability]] prevents <b>challenged materials</b> from being included in Wikipedia unless they are directly supported by reliable sources (proving the challenge is invalid).


특별 검사: "저희가 지금 가장 어려운 부분이 암호, 어, 지난번에도 제가 말씀드렸지만 은닉된 파일을 찾는 것입니다." (video 00:00 - 00:12)
: The validity of the attack is challenged but no reliable source directly supports it. Nothing proves the claim of the developers (that the attack is invalid) is wrong and, therefore, <b>the challenge remains valid</b>.


Special prosecutor: "For us, the most difficult part is the encryption. I said last time too, it is to find the hidden files." (video 00:00 - 00:12)
: The 2nd paragraph of [[Wikipedia:Verifiability]] applies to the material: <i>This policy requires that <b>anything challenged</b> or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the <b>source directly supports the material in question.</b></i>
: [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 15:29, 16 October 2010 (UTC)


특별 검사: "이 암호의 특징은 보통 우리가 한글 파일이라든지 이런 것을 보면, 파일은 보이는데 패스워드 암호를 입력하도록 되어 있어서 눈에 보이는 암호가 대부분인데 트루크립트는 눈에 보이질 않습니다. 은닉돼있는 암호구요. 그래서 파일이 있는지 없는지조차도 확인하기 어려운데 그것을 확인하고 있습니다." (video 02:05 - 02:35)
::I already explained this once, but I will try again: The verifiability policy only applies to '''material on Wikipedia'''. You quoted the 2nd paragraph only partially &mdash; if you read the whole paragraph, it's clear that your interpretation is not the intended one:
:::"'''''All material in Wikipedia articles must be attributable to a reliable published source to show that it is not original research''', but in practice not everything need actually be attributed. This policy requires that anything challenged or likely to be challenged, including all quotations, be attributed to a reliable source in the form of an inline citation, and that the source directly supports the material in question.''"
::It talks abouit challenging material on Wikipedia, not material in sources. The part that you quoted is simply a clarification of ''when to add citations'': in situations where material [in Wikipedia articles] may be challenged. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 15:42, 16 October 2010 (UTC)


Special prosecutor: "Ordinary encryptions use just passwords but this encryption's character (nature) is to hide files so we can't see the hidden files. It is a hidden encryption. So it is difficult to know whether there are files or not, but we tried to check there are files or not." (video 02:05 - 02:35)
::: The 2nd paragraph is not only a clarification of "when to add citations". The rule applies to <i>anything challenged or likely to be challenged, including all quotations</i>. It requires that a <b>challenged material must be directly supported</b> by a reliable source (eliminating the challenge). If the condition is not met, the challenged material must not be included. [[User:LogicKey|LogicKey]] ([[User talk:LogicKey|talk]]) 16:52, 16 October 2010 (UTC)


(Though this video broadcasts on [[The Dong-a Ilbo]](동아 일보)'s website, this video's source is [[OBS Gyeongin TV]].)


http://voda.donga.com/3/all/39/1394189/1
Uff guys guys, first of all the TrueCrypt "attack" was just 1 page (not even one page) out of 46 in the Stoned Bootkit paper. Whats special about the bootkit is that you can install it on the encrypted drive without knowing the password. There is no other software that allows you that, you cannot install any rootkit on an encrypted drive and other bootkits will make the computer unusable (the boot process will fail). One point why I criticized TrueCrypt was because they do not secure their own software on a running system (you can simply overwrite the MBR). Thats why the fancy emails with them. But the bottom line is that Stoned was a dedicated "attack" on the TrueCrypt software, thus its worth mentioning here. And multiple law enforcements are using my software already. They get a court order, they install Stoned (and their own trojan) and give back the laptop. Once the suspect logs on, they have the evidence. -Peter Kleissner


경공모가 이중삼중으로 걸어놓은 암호파일들이 특검팀에 의해 풀리기 시작한 것도 이들의 진술변화에 한몫했습니다.
:FYI LogicKey was banned for edit warring ([[User talk:LogicKey]]) so this argument is pretty much over. But thanks for chiming in. :) -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 15:16, 27 October 2010 (UTC)


Kyeong-gong-mo's attitude in the investigation was changed after the encrypted files were decrypted by the special prosecutor team.
Am I the only one who think that [[User:LogicKey|LogicKey]] and "Austrian software developer Peter Kleissner" are the same person? This section about "Stoned" bootkit are useless! Above section already explains Physical security issues applicable to TrueCrypt. [[Special:Contributions/91.77.254.56|91.77.254.56]] ([[User talk:91.77.254.56|talk]]) 11:35, 10 March 2011 (UTC)
:Considering LogicKey was arguing the attack was a hoax and for exclusion of the section about 'Stoned' to the extent of edit warring leading up to a block. And meanwhile Peter Kleissner is apparently the author of the Stoned software and saying it's been used by law enforcement and in particular, saying that in their opinion TrueCrypt's implementation was flawed because didn't even attempt to stop the MBR being overwritten after TrueCrypt had been loaded. It seems rather unlikely they are the same person.... [[User:Nil Einne|Nil Einne]] ([[User talk:Nil Einne|talk]]) 23:30, 14 July 2011 (UTC)


드루킹 일당은 과거 대공사범들이 주로 사용하던 '트루크립트'라는 암호화 프로그램까지 동원해 사용기록을 감췄는데, 특검팀내 검경 포렌식 전문가들이 풀기 시작한 겁니다.
== Operation Satyagraha Information should be removed ==


Druking group used TrueCrypt that spies usually used, but forensic specialists in the special prosecutor team decrypted some of them.
Until it is confirmed that there was actually something usable on the drive (perhaps the disk was filled with tripe?), that truecrypt (rather than something else) prevented access to it (there are mentions in some articles about another security method), and that the government did not, in fact, decrypt the drive. <span style="font-size: smaller;" class="autosigned">—Preceding [[Wikipedia:Signatures|unsigned]] comment added by [[Special:Contributions/68.165.132.208|68.165.132.208]] ([[User talk:68.165.132.208|talk]]) 14:02, 20 November 2010 (UTC)</span><!-- Template:UnsignedIP --> <!--Autosigned by SineBot-->


([[Chosun Broadcasting Company]] (TV 조선) is a daughter company of [[The Chosun Ilbo]] (조선 일보) for TV broadcasting. The Chosun Ilbo is the most famous newspaper in South Korea.)
:How do you expect it to be confirmed? It won't ever be. Also what are these "some articles"?


http://news.tvchosun.com/site/data/html_dir/2018/07/18/2018071890102.html
:Per [[WP:V|verifiability policy]], the current source supports everything that's in the article. If another source contradicts these claims then the contradiction can be covered in the article as well, but I see no reasons to remove it. -- [[user:intgr|intgr]]&nbsp;<small>[[user talk:intgr|[talk]]]</small> 16:41, 20 November 2010 (UTC)


--[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 07:03, 31 August 2018 (UTC)
== Performance ==


[[Druking]] didn't use random 16 character passwords. He input some words into the passwords and the special prosecutor team knows what words he likes!
Let's start a civil discussion about this issue. You're set on emphasizing the *poor* performance of TrueCrypt. Sources being to the contrary, I dispute that point of view.
[[Special:Contributions/68.102.20.122|68.102.20.122]] ([[User talk:68.102.20.122|talk]]) 22:31, 20 January 2011 (UTC)
:I'm not certain who you mean by "you're", though I can't see the current article as suggesting anything about "poor" performance at all; the article as it was before your changes seemed to reflect the sources listed quite accurately, and in neutral terms. Your edits on the other hand seem to only detail only selected parts of the sources.
:I've reverted your change back pending consensus being reached [[User:Moonradar|Moonradar]] ([[User talk:Moonradar|talk]]) 23:56, 20 January 2011 (UTC)
::Please review [http://en.wikipedia.org/enwiki/w/index.php?title=TrueCrypt&diff=prev&oldid=404712625| this diff] of the first time I touched the article. At this point, the only sources on the article at all talked about good performance, so I removed an unsourced assertion about poor performance. It was reverted to re-emphasize TrueCrypt's poor performance. This attitude has persisted, even as I have introduced sources that describe its good performance. Without exception, bits about performance reductions are cherry-picked out of sources, and I'm left with commit comments that state "inherently true," "Overhead still present," as well as some unhelpful standard "Undid..." messages. There was the appearance of an "it's obvious" attitude that led people to not bother to provide sources for statements like "though using TrueCrypt on a drive will still decrease performance." I find that non-obvious, so I've challenged it, with inline tags and commit comments asking for a source to make that case. No one else has added any sources, and every source I've found (excluding blogs) spins its performance in a positive light. And yet, looking at the article, the reader is left with a distinctly different impression.
::I feel my latest edit introduced a neutral point of view in an even-handed manner, without plagiarizing Tom's Hardware, without excessively close paraphrasing, and without giving undue weight to lines about performance reduction. Particularly, the line about "power users" is off the mark in an encyclopedic article: the review doesn't say anything about what that means, or how it was measured. The sources themselves spend far more ink talking about good performance, which is reflected in my work. [[Special:Contributions/68.102.20.122|68.102.20.122]] ([[User talk:68.102.20.122|talk]]) 00:25, 21 January 2011 (UTC)


And nobody uses random passwords because it is difficult to remember random passwords. Instead that, people use very long [[passphrase]]s including words to encrypt data. (For instance, 20 or 40 character passphrases.)
::I've attempted a further compromise, rewording what I consider the three most negative parts to be more neutral:
::*"was slower compared to an unencrypted disk" changed to "had a performance impact"; 'slower' implies a judgment not present in the article
:::No judgment present; it's just simple [[WP:UPE]]
::*"on dual-core Core i5-600-series CPU or a quad-core Core i5-700-series chip" changed to "on multi-core systems"; test rig specifics weren't key to that article, only the distinction between multi- and single-core chips
:::In benchmarking, the test system used is ''very significant'' - that's why Toms Hardware details it. The source article doesn't state the difference is between N-cored CPUs
::*"though can still have a noticeable impact in some instances, and power users will complain" changed to "depending on the application"; 'complain' is subjective and tossed in at the last second, and the first clause feels weaselly
::Thoughts? [[Special:Contributions/68.102.20.122|68.102.20.122]] ([[User talk:68.102.20.122|talk]]) 00:42, 21 January 2011 (UTC)
:::That's understandable - I've kept this in, but put back the power users comment as per the source [[User:Moonradar|Moonradar]] ([[User talk:Moonradar|talk]]) 12:45, 30 January 2011 (UTC)
::::You seem to have an axe to grind about this topic. I don't understand how you can read the same sources I'm reading and come to such different conclusions. [[Special:Contributions/68.102.20.122|68.102.20.122]] ([[User talk:68.102.20.122|talk]]) 01:40, 31 January 2011 (UTC)


--[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 07:07, 31 August 2018 (UTC)


:Ah. I see where you went wrong. Above you wrote ''"For example, the special prosecutor team tried to input [[Zi wei dou shu]] (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a [[dictionary attack]].)"'' That's not a dictionary attack. That's attempting to guess the passphrase based upon knowledge about the person who chose the passphrase. A dictionary attack is attempting to guess the passphrase using every word in a dictionary as the first word, plus every word in a dictionary as the second word, and so on. A guessing attack is a common technique used by police, and works well if the person picked a guessable passphrase such as his birthday, name of his dog, favorite sports team., etc. A dictionary attack doesn't work on truecrypt. It takes a very long time to check each passphrase and the attacker dies of old age before trying 0.01% of the phrases from the dictionary.
:: Hello,
:: Regarding the sentence "Using a fast multi core processor and a fast system drive, preferably a Flash SSD, makes TrueCrypt almost transparent" which is an excerpt of tomshardware website, I strongly disagree with the assertion that "a fast system drive, preferably a Flash SSD" makes true crypt more performant. The tomshardware review does not provide enough evidence (benchmark with a hard drive, then with a SSD) to validate such an assertion. However, what is sure:
::# the performance of true crypt is limited solely by the processing capacities of the computer (if the processor can encrypt/decrypt faster than the storage device can write/read, then obviously you wouldn't see a performance degradation due to encryption)
::# for security reasons, it is not recommended to store a true crypt encrypted file/partition on a SSD or a USB key because such devices use a wear-leveling mechanism to extend their lifetime. The true crypt website states: "we recommend that TrueCrypt volumes are not created/stored on devices (or in file systems) that utilize a wear-leveling mechanism" (http://www.truecrypt.org/docs/?s=wear-leveling). Using a RAID of hard-drives to achieve read/write performance is thus preferable in this respect.
:: Regards. <span style="font-size: smaller;" class="autosigned">—Preceding [[Wikipedia:Signatures|unsigned]] comment added by [[Special:Contributions/77.194.156.87|77.194.156.87]] ([[User talk:77.194.156.87|talk]]) 00:07, 10 March 2011 (UTC)</span><!-- Template:UnsignedIP --> <!--Autosigned by SineBot-->


:I suggest that you re-add the material, but instead of making the false claim about a dictionary attack, you simply say that the special prosecutor team guessed his passphrase based upon information they knew about him. --[[User:Guy Macon|Guy Macon]] ([[User talk:Guy Macon|talk]]) 15:22, 31 August 2018 (UTC)
== TrueCrypt Foundation non-profit status ==


::I see. --[[User:Berryball|Berryball]] ([[User talk:Berryball|talk]]) 16:05, 31 August 2018 (UTC)
What evidence is there that the TrueCrypt Foundation is legally a non-profit? I searched for them using GuideStar to no avail. Inclined to remove the "a non-profit organization" phrase unless it is somehow evidenced outside truecrypt.org.
[[User:Threexk|Threexk]] ([[User talk:Threexk|talk]]) 16:07, 7 July 2011 (UTC)


== the web page for true crypt ==
== Performance ==


the web link to truecrypt needs to be deleted as it is discontinued [[User:Superusergeneric|Superusergeneric]] ([[User talk:Superusergeneric|talk]]) 08:23, 25 August 2021 (UTC)
An IP recently changed the performance section to make it more favourable to TrueCrypt, removing "subjective" text even though it was being quoted from a source, and even though there was favourable unquoted subjective comment in the same sentence ("the performance impact of TrueCrypt on desktop applications is not generally noticeable"). That section already had a citation [http://www.pcworld.com/businesscenter/article/148092/truecrypt_60_improves_data_security_performance.html] to back up a claim that TrueCrypt is "almost transparent", when in fact that page says nothing specific about TrueCrypt's performance.


== "Development continues on two forks, VeraCrypt and CipherShed" ==
I've tidied up that section a little to try and put objective statements in the first paragraph, and more accurately quote Tom's hardware review in the second. However I'm still very unhappy with this; I don't think Tom's hardware is a reliable source for the claims they make. For a start, they describe TrueCrypt performance in practice, but only test with benchmarks, which are rather artificial. (For instance, I find that TrueCrypt makes Windows 7 thrash it's hard drive for several minutes after a hibernation; this isn't checked by that source, which presumably lets things settle down before conducting a benchmark.) Even worse, they discuss performance over different hardware configurations, but had only tested with one, so this is clearly pure speculation. And this is precisely the stuff being quoted in this article!


VeraCrypt is active. Ciphershed is dead. The last CipherShed release was 0.7.4.0 (February 1, 2016). The last post to the CipherShed Forum was in 2016. Please correct the article.
I think some more reliable, accurate sources need to be found. [[User:Quietbritishjim|Quietbritishjim]] ([[User talk:Quietbritishjim|talk]]) 00:28, 24 July 2011 (UTC)


Also see [https://github.com/CipherShed/CipherShed/issues/49 Project Dead?] and [https://www.johndstech.com/security/ciphershed-is-dead/ Giving Up on CipherShed] 22:43, 24 March 2022 (UTC)[[Special:Contributions/2600:1700:D0A0:21B0:B858:3590:F10E:CA10|2600:1700:D0A0:21B0:B858:3590:F10E:CA10]] ([[User talk:2600:1700:D0A0:21B0:B858:3590:F10E:CA10|talk]])
== David Tesařík no longer the owner of the trademark in the Czech Republic ==
:Duly noted. [[User:Waysidesc|Waysidesc]] ([[User talk:Waysidesc|talk]]) 02:34, 25 March 2022 (UTC)


== Druking ==
The info on David Tesařík as the person who registered the trademark TRUECRYPT in the Czech Republic should be amended; the registration has been changed to:


This doesn't seem to make any sense;
(730) Applicant/Owner
TrueCrypt Developers Association, LC
375 N. Stephanie St., Suite 1411
Henderson US


"He decrypted some of encrypted files by trying words and phrases the druking group had used elsewhere as parts of the passphrase in order to make educated guesses."
This can be seen by doing a search on the pages of the Czech Industrial Property Office, http://upv.cz , specifically at
http://isdv.upv.cz/portal/pls/portal/portlets.ozs.frm?plan=English (English search)


That's not even how it works, is it? You can't just decrypt random files piecemeal with individual passwords. You either determine the key/password and are able to decrypt the drive, or you don't, in which case you have no access to the encrypted material whatsoever.
http://isdv.upv.cz/portal/pls/portal/portlets.ozs.det?pozk=154085&plan=en (English result)


I see this claim has already been argued about and had been removed in the past, it should be removed again for the exact same reasons it already was. Even the translated material does not back this claim up. But the claim itself seems to be objectively impossible anyway and suggests a fundamental misunderstanding of the subject matter on the part of whoever put it there.[[User:Lordlylightofjesus|Lordlylightofjesus]] ([[User talk:Lordlylightofjesus|talk]]) 20:19, 17 March 2023 (UTC)
David Tesařík appears in the Trade Register as licensed for "Advertising, marketing, media representation, translation and interpreting".
http://www.rzp.cz/cgi-bin/aps_cacheWEB.sh?VSS_SERV=ZVWSBJVYP&OKRES=&CASTOBCE=&OBEC=&ULICE=&CDOM=&COR=&COZ=&ICO=64907279&OBCHJM=&OBCHJMATD=0&JMENO=&PRIJMENI=&NAROZENI=&ROLE=&VYPIS=1&PODLE=subjekt&IDICO=f5314fa8dff4894b&HISTORIE=1 <span style="font-size: smaller;" class="autosigned">— Preceding [[Wikipedia:Signatures|unsigned]] comment added by [[Special:Contributions/109.232.208.11|109.232.208.11]] ([[User talk:109.232.208.11|talk]]) 08:20, 18 August 2011 (UTC)</span><!-- Template:Unsigned IP --> <!--Autosigned by SineBot-->


== merge with TrueCrypt_release_history ==
:The page (in English) states that David Tesařík registered it, and the applicant was renamed. The topic as written states that he registered it (which appears to be factual). [[User:Tedickey|TEDickey]] ([[User talk:Tedickey|talk]]) 08:41, 18 August 2011 (UTC)


[[TrueCrypt_release_history]] [[Special:Contributions/2601:646:200:43F0:3C64:C5EC:D2E6:795C|2601:646:200:43F0:3C64:C5EC:D2E6:795C]] ([[User talk:2601:646:200:43F0:3C64:C5EC:D2E6:795C|talk]]) 17:38, 20 November 2023 (UTC)
== RealCrypt ==
TrueCrypt is being distributed by some distributions e.g. Mandriva, or communities around distributions e.g. RPM Fusion for Fedora, or as installers for TrueCrypt e.g. Gentoo. In the case of Mandriva and RPM Fusion they have rebranded TrueCrypt as RealCrypt in order to comply with TrueCrypt License Version 3.0. It would be useful to add this information and elaborate on it in the main article, for anyone who is knowledgeable about RealCrypt and it's implications. It would also be worth updating the information related to the differences between the 2.5, 2.8 and 3.0 licences and the implications they changes in the licences may have for other distributions able or willing to distribute TrueCrypt/RealCrypt.
Some links:
* Mandriva RealCrypt http://wiki.mandriva.com/en/RealCrypt
* RPM Fusion RealCrypt http://rpmfusion.org/Package/realcrypt
* Gentoo TrueCrypt http://en.gentoo-wiki.com/wiki/TrueCrypt
[[User:Stephenjudge|Stephen Judge]] ([[User talk:Stephenjudge|talk]]) 16:36, 5 October 2011 (UTC)

Latest revision as of 12:27, 10 July 2024

[edit]

Hello fellow Wikipedians,

I have just modified 12 external links on TrueCrypt. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 01:04, 9 September 2017 (UTC)[reply]

Druking

[edit]

Unless google translate is missing something, the sources do not support the claim that "In the special prosecutor investigation for Druking in South Korea, the special prosecutor tried to decrypt files encrypted by TrueCrypt and he succeeded to decrypt some of them."

--Guy Macon (talk) 15:11, 28 August 2018 (UTC)[reply]

Regarding these edits,[1][2][3][4] extraordinary claims need extraordinary evidence.
The PBKDF2 key stretching used in TrueCrypt considerably slows down both brute force attacks and dictionary attacks. A dictionary attack against Truecrypt runs at 820 passwords per second on an Intel Core i7-970 system at 3.2GHz.[5][6]
Unless the police in question rented time on a supercompter (something that would surely have been mentioned in the sources) or the criminal was stupid and used "Swordfish" as his password, any claims that they cracked Truecrypt are extremely implausible, and indeed from the Google translate of the Korean sources that Berryball cited, no such claim was made. Instead, I am seeing things like
  • "The FBI can not figure it out"
  • "The Password, a combination of 4 uppercase letters, numbers, and special characters in English...will take 120,000 years"
  • "the spy team was found to have made considerable progress in the investigation.. Druking is trying to solve the secret code by substituting the pattern which is supposed to be used in the password. It is a method of estimating cipher with keywords such as 'Jami Duo' (Chinese astrology), which is known to be believed by Druke, and 'KKM', which refers to Kyosho. It usually takes nine hours to decipher a four-digit password that is a mixture of English uppercase and lowercase letters, numbers and special characters based on one high-performance computer (workstation), the spokesman said. The spokesperson said the decryption process using patterns is fast, considering that it takes a whopping 120,000 years to decipher an 8-digit password without any pattern assignment."
  • "It's encrypted with a program called Truecrypt. It was said that it was difficult for foreign investigators to solve it. That part is hard to solve anymore. I secured enough to help with the investigation. This part of the investigation took up a large part of the investigation. There is also a decryption program, but persuaded the parties. It is one of the more difficult investigations than any other investigation."
Given the evidence available, my conclusion is that the South Korean police did not decrypt the Truecrypt-encoded files, and I have deleted the claims as being unsourced. --Guy Macon (talk) 15:04, 30 August 2018 (UTC)[reply]

(The following comment was moved from my talk page. Discussions about the content of an article belong on that article's talk page. --Guy Macon (talk) 06:13, 31 August 2018 (UTC))[reply]

I used many Korean newspapers as citations. But you just can't read Korean language at all.
They are issues in South Korea, so they are written by Korean language on Korean newspapers. But you can't read any Korean language. It's just the problem. In your opinion, any Korean things can't be written on English Wikipedia until English newspaper writes about them! South Korea is not USA or Europe, so English newspapers don't write all Korean stuff! Many Korean newspapers write about them, but just you can't read Korean language, so we can't write about them on English Wikipedia? You can use Google Translate.
Maeil Business Newspaper (매일 경제) is one of three major South Korean economic newspapers. Yonhap (연합 뉴스) is the major news source for all South Korean newspapers. Chosun Broadcasting Company (TV 조선) is a daughter company of The Chosun Ilbo (조선 일보) for TV broadcasting. The Chosun Ilbo is the most famous newspaper in South Korea. I used three famous South Korean newspapers as the sources, but you deleted them just because you can't read Korean language. --Berryball (talk) 05:34, 31 August 2018 (UTC)[reply]
I just saw Talk:TrueCrypt#Druking. I'm translating sentences one-by-one for you. You can verify them using other translation websites or programs or other Korean people. --Berryball (talk) 06:08, 31 August 2018 (UTC)[reply]
I do not believe that "any Korean things can't be written on English Wikipedia until an English newspaper writes about them" please stop putting words in my mouth. Nor did I ever hint that the newspapers you cited were not reliable sources. I said that the the newspapers you cited do not appear to say what you claim they say.
Yes, there are difficulties when someone who doesn't speak Korean evaluates a Korean source using Google Translate. But I am pretty sure that the translation "Druking is trying to solve the secret code" is inaccurate. Please cut and past the exact entence where you believe that one of your sources say that the solved the secret code instead of saying that they are trying to solve the secret code.
Here is your basic problem. You are claiming that Druking did something which is generally considered to be impossible (guessing a 16-character truecrypt password that consists of uppercase letters, numbers, and special characters using a dictionary attack). EXTRAORDINARY CLAIMS NEED TO BE BACKED UP BY EXTRAORDINARY EVIDENCE. --Guy Macon (talk) 06:13, 31 August 2018 (UTC)[reply]
I'm sorry. I thought that you deleted these citations because of that. But you already tried to translate them yourself. --Berryball (talk) 07:24, 31 August 2018 (UTC)[reply]

I thought you never tried to translate them using Google Translate, but you really did it! I can translate sentences one-by-one for you. You can verify them using other translation websites or programs or asking Korean people about them.


-트루크립트라는 프로그램으로 암호화했다고 하는데.

-(The documents) were encrypted by TrueCrypt.

▲ 외국 수사기관에서도 풀기 어려운 것이라고 했는데, 중요한 건 다 풀었고 일부 풀지 못한 부분이 있다. 그 부분은 더 이상 풀기 어려운 상황이다. 수사에 도움이 될 만한 정도 확보했다. 이 부분이 수사에 많은 부분을 차지했다. 암호 해독 프로그램도 있지만 당사자를 설득했다. 다른 어떤 수사보다 힘들었던 수사 중 하나다.

We decrypted important data and we couldn't decrypt some of them though decryption is difficult even for foreign law enforcement agencies. Some of the data are difficult to decrypt. But we already got some for investigation. This is the major part for the investigation. We have decryption programs but we also persuaded suspects. It is the most difficult investigation.

(NewsPim (뉴스핌) is not famous newspaper in South Korea.)

http://newspim.com/news/view/20180827000369


다만 특검팀이 출범 이후 여권의 정치 공세 속에서도 김씨와 그의 측근들을 집중 조사하고, `트루크립트(TrueCrypt)`라는 암호화 프로그램 일부를 해독해 김 지사와 김씨 간 연결고리를 비교적 상세히 밝혀낸 것은 적잖은 성과라는 평가를 받고 있다.

However, the special prosecutor team found the linkage (Kyeongsangnamdo province) governor Kim (Kyung-soo) and Mr. Kim by decryption of TrueCrypt though the investigation was hampered by the ruling party.

(Maeil Business Newspaper (매일 경제) is one of three major South Korean economic newspapers.)

http://news.mk.co.kr/newsRead.php?year=2018&no=538301


보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.

(보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는 파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.) (The author missed one space between words so I inserted a space for translation.)

Ordirnary encryption just using method to input a password, but TrueCrypt hides files. So it is difficult to find whether there is a hidden file or not. (I think it is a hidden volume.)

특검팀은 드루킹이 운영한 경제적공진화모임(경공모) 회원을 상대로 한 암호 해독에 협조를 받으려 했지만, 이들은 의미 있는 자료에 걸린 암호는 기억이 잘 나지 않는다고 주장하는 것으로 전해졌다.

The special prosecutor team tried to get help from the suspects (members of 경제적공진화모임) but they said that they don't remember the passwords for important data.

악조건 속에서도 특검팀은 전날 16자리 암호를 해독하는 등 수사에 상당한 진척을 보이는 것으로 파악됐다. 드루킹 일당이 암호에 사용했을 것으로 추정되는 패턴을 대입해 속속 암호를 풀어내고 있는 것이다.

The special prosecutor team decrypted 16 character (16 digit) password yesterday. The special prosecutor team input pattern as a password that Druking group maybe uses as a password. (The special prosecutor team conjectured the most probable password that Druking group used.)

드루킹이 신봉한 것으로 알려진 '자미두수'(중국 점성술)와 경공모를 지칭하는 'KKM' 등을 키워드로 암호를 추정하는 방식이다.

For example, the special prosecutor team tried to input Zi wei dou shu (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a dictionary attack.)

(Yonhap (연합 뉴스) is the major news source for all South Korean newspapers.)

http://www.yonhapnews.co.kr/bulletin/2018/07/18/0200000000AKR20180718142500004.HTML


특별 검사: "저희가 지금 가장 어려운 부분이 암호, 어, 지난번에도 제가 말씀드렸지만 은닉된 파일을 찾는 것입니다." (video 00:00 - 00:12)

Special prosecutor: "For us, the most difficult part is the encryption. I said last time too, it is to find the hidden files." (video 00:00 - 00:12)

특별 검사: "이 암호의 특징은 보통 우리가 한글 파일이라든지 이런 것을 보면, 파일은 보이는데 패스워드 암호를 입력하도록 되어 있어서 눈에 보이는 암호가 대부분인데 트루크립트는 눈에 보이질 않습니다. 은닉돼있는 암호구요. 그래서 파일이 있는지 없는지조차도 확인하기 어려운데 그것을 확인하고 있습니다." (video 02:05 - 02:35)

Special prosecutor: "Ordinary encryptions use just passwords but this encryption's character (nature) is to hide files so we can't see the hidden files. It is a hidden encryption. So it is difficult to know whether there are files or not, but we tried to check there are files or not." (video 02:05 - 02:35)

(Though this video broadcasts on The Dong-a Ilbo(동아 일보)'s website, this video's source is OBS Gyeongin TV.)

http://voda.donga.com/3/all/39/1394189/1

경공모가 이중삼중으로 걸어놓은 암호파일들이 특검팀에 의해 풀리기 시작한 것도 이들의 진술변화에 한몫했습니다.

Kyeong-gong-mo's attitude in the investigation was changed after the encrypted files were decrypted by the special prosecutor team.

드루킹 일당은 과거 대공사범들이 주로 사용하던 '트루크립트'라는 암호화 프로그램까지 동원해 사용기록을 감췄는데, 특검팀내 검경 포렌식 전문가들이 풀기 시작한 겁니다.

Druking group used TrueCrypt that spies usually used, but forensic specialists in the special prosecutor team decrypted some of them.

(Chosun Broadcasting Company (TV 조선) is a daughter company of The Chosun Ilbo (조선 일보) for TV broadcasting. The Chosun Ilbo is the most famous newspaper in South Korea.)

http://news.tvchosun.com/site/data/html_dir/2018/07/18/2018071890102.html

--Berryball (talk) 07:03, 31 August 2018 (UTC)[reply]

Druking didn't use random 16 character passwords. He input some words into the passwords and the special prosecutor team knows what words he likes!

And nobody uses random passwords because it is difficult to remember random passwords. Instead that, people use very long passphrases including words to encrypt data. (For instance, 20 or 40 character passphrases.)

--Berryball (talk) 07:07, 31 August 2018 (UTC)[reply]

Ah. I see where you went wrong. Above you wrote "For example, the special prosecutor team tried to input Zi wei dou shu (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a dictionary attack.)" That's not a dictionary attack. That's attempting to guess the passphrase based upon knowledge about the person who chose the passphrase. A dictionary attack is attempting to guess the passphrase using every word in a dictionary as the first word, plus every word in a dictionary as the second word, and so on. A guessing attack is a common technique used by police, and works well if the person picked a guessable passphrase such as his birthday, name of his dog, favorite sports team., etc. A dictionary attack doesn't work on truecrypt. It takes a very long time to check each passphrase and the attacker dies of old age before trying 0.01% of the phrases from the dictionary.
I suggest that you re-add the material, but instead of making the false claim about a dictionary attack, you simply say that the special prosecutor team guessed his passphrase based upon information they knew about him. --Guy Macon (talk) 15:22, 31 August 2018 (UTC)[reply]
I see. --Berryball (talk) 16:05, 31 August 2018 (UTC)[reply]

the web page for true crypt

[edit]

the web link to truecrypt needs to be deleted as it is discontinued Superusergeneric (talk) 08:23, 25 August 2021 (UTC)[reply]

"Development continues on two forks, VeraCrypt and CipherShed"

[edit]

VeraCrypt is active. Ciphershed is dead. The last CipherShed release was 0.7.4.0 (February 1, 2016). The last post to the CipherShed Forum was in 2016. Please correct the article.

Also see Project Dead? and Giving Up on CipherShed 22:43, 24 March 2022 (UTC)2600:1700:D0A0:21B0:B858:3590:F10E:CA10 (talk)

Duly noted. Waysidesc (talk) 02:34, 25 March 2022 (UTC)[reply]

Druking

[edit]

This doesn't seem to make any sense;

"He decrypted some of encrypted files by trying words and phrases the druking group had used elsewhere as parts of the passphrase in order to make educated guesses."

That's not even how it works, is it? You can't just decrypt random files piecemeal with individual passwords. You either determine the key/password and are able to decrypt the drive, or you don't, in which case you have no access to the encrypted material whatsoever.

I see this claim has already been argued about and had been removed in the past, it should be removed again for the exact same reasons it already was. Even the translated material does not back this claim up. But the claim itself seems to be objectively impossible anyway and suggests a fundamental misunderstanding of the subject matter on the part of whoever put it there.Lordlylightofjesus (talk) 20:19, 17 March 2023 (UTC)[reply]

merge with TrueCrypt_release_history

[edit]

TrueCrypt_release_history 2601:646:200:43F0:3C64:C5EC:D2E6:795C (talk) 17:38, 20 November 2023 (UTC)[reply]

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Talk:TrueCrypt&oldid=1233697146"