FBI Withholds 69 Pages of TrueCrypt-Related Documents, Most Of Which Can Already Be Found Online

from the DEFAULT:-HIDE dept

Weird TrueCrypt-related things keep happening. Over the past few years, TrueCrypt has gone from “recommended by Snowden!” to a service of questionable trustworthiness. To begin with, it was never clear who exactly was behind TrueCrypt and the lack of a recent security audit wasn’t winning it many new converts.

Things went from somewhat bad to disturbingly worse when, shortly after the first phase of the audit was completed, a post went up at SourceForge declaring the software insecure and that all development had been halted. The post pushed users towards BitLocker. Further development was left to the public and more testing seemed to indicate it was still trustworthy, even though it relied on possibly predictable random number generator.

Whether or not TrueCrypt can fully be trusted remains up in the air. But there’s some indication that the FBI has taken an interest (probably an unhealthy one) in TrueCrypt’s inner workings.

Techdirt reader dfed sends in a tweet from security researcher Runa Sandvik, along with a link to her FOIA request to the FBI for TrueCrypt-related documents. What has been “returned” to her has been completely withheld, all 69 pages of it. The FBI cites FOIA exemption b(4) which covers “trade secrets and commercial and financial information.”

The documents that won’t be making their way to Sandvik appear to be three technical articles not written by FBI personnel and ones that have appeared elsewhere in unredacted form.

In further explanation of the withholding, the material consists of three, copyrighted articles: Easy to Crack USB Thumbdrives, March 12, 2008 by Daniel Bachfeld; EEEP Net: “FOUO Network”, April 2014 by Greg Fulk; Techno Forensics Conference, October 2007 at NIST by Dave Reiser, and a training slide presentation, Anti-Forensics, November 2, 2007 by Secure Computing.

The 2008 article may be somewhat related to the FBI’s failed attempt to crack TrueCrypt encryption protecting hard drives owned by Brazilian banker Daniel Dantas, who was suspected of several financial crimes. The Brazilian government asked for the FBI’s help after spending five months of its own attempting the same thing. A year later, the drives remained intact.

The thing is, Daniel Bachfeld’s article on crackable USB drives can be found online. And it was previously published in a German tech magazine. Once again, we see a government agency withholding publicly-available information simply because that’s its natural tendency: to keep requesters and requested documents as far away from each other as possible.

The presentation by Dave Reiser was given at a conference that is open to members of the public, as well as the law enforcement community, so there’s no reason for secrecy there. And Paul A. Henry’s anti-forensics presentation, which discusses TrueCrypt, can be found online as well.

So, why is the FBI holding these back? Nothing in these papers discusses anything that could possibly be considered a “trade secret.” If these are secrets, they’re pretty open. Searching for “anti-forensics” turns up a wealth of scholarly papers and presentations that discuss both encryption and TrueCrypt.

This is just the FBI obfuscating for obfuscation’s sake. But its knee-jerk reaction to withhold everything in its entirety also suggests something slightly more troubling. Either the intelligence/investigative arms of the US government have found a way in (by obtaining keys or compromising the RNG) or they’re still very actively involved in trying to do so. Neither bodes particularly well for TrueCrypt users.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FBI Withholds 69 Pages of TrueCrypt-Related Documents, Most Of Which Can Already Be Found Online”

Subscribe: RSS Leave a comment
Mason Wheeler (profile) says:

Over the past few years, TrueCrypt has gone from “recommended by Snowden!” to a service of questionable trustworthiness.

Either the intelligence/investigative arms of the US government have found a way in (by obtaining keys or compromising the RNG) or they’re still very actively involved in trying to do so. Neither bodes particularly well for TrueCrypt users.

I can’t help but wonder if there might not be a causal relationship at work here?

Anonymous Coward says:

Re: What's the problem?

I agree… the whole idea behind good crypto is that it is good crypto no matter how many eyeballs look at it. More exposure (even to those who you don’t want finding flaws) is a GOOD thing.

What’s troubling to me is that the FBI might be spending government funds on this… when the NSA and NIST BOTH have a mandate in this area, and the FBI doesn’t. Why not just let the NSA and/or NIST do the TC audits, and then the FBI can ask them for the results? If there’s that much separation between departments, we have other really troubling issues that have nothing to do with the FBI attempting to crack TrueCrypt.

R.H. (profile) says:

Re: Re: Has been Audited

Actually, starting with version 1.0f, it is backwards compatible. In order to get the new strengthened encryption you have to move to new volumes but, I switched over to VeraCrypt a few months ago and was able to seamlessly change my headers to the new format without having to store everything in the clear, create new volumes, and move it back across.

The Groove Tiger (profile) says:

Step 1: Send FOIA request to FBI to get these “secret” documents.
Step 2: Laugh as the FBI sends these documents fully redacted with black ink.
Step 3: Download the unredacted documents from their original sources or any other uncesored source.
Step 4: Reply to the FBI, saying that their document was unreadable, so you did them a favor and removed all of the black ink for them. Attach said unredacted document.
Step 5: Hilarity.

Anonymous Coward says:

HT used it/TC's seppuku

In the HT document dump there’s a TC volume. So HT obviously trusted it.

That was a rather poor write up on the end history of TC, Tim. Actually, that’s an understatment, but I’ll just leave it at that.

Most educated people came to the conclusion that the wierd, ‘canary’ like message from TC’s anon dev, which included the conspicuous phrase “Not Secure As”, along with the completely absurd bitlocker suggestion (amoung others), was indicative of mounting advasarial pressure, and a potential/probable future compromise. If anything it gave us more reason to trust TC. A strong case can be made that the devs words/actions where a form of digital seppuku, and very clever speech under some duress.

As others have mentioned, TC has now been fully audited and found to be without any serious flaws. I hope veracrypt will be (is being?) given the same treatment- until then I’ll stick with the original.

Anonymous Coward says:

I still wonder why the TrueCrypt developers decided to suddenly stop maintaining their encryption software. The timing of them closing up shop shortly after the audit announcement is beyond coincidence.

I personally believe the auditors somehow offended the TrueCrypt developers. Maybe something was said that rubbed them the wrong way. I think the TrueCrypt developers decided it’s not worth their time and effort to continue maintaining software for a bunch of ungrateful people who keeps insulting them.

Maybe they just decided they have better, more fun, things to do with their free time. I don’t blame them.

Anonymous Coward says:

Re: Re: Re:

Oh come on. It makes perfect sense. Why else would the Truecrypt developers totally take down the website and all documentation on Truecrypt. They basically nuked the whole project in a day.

Doesn’t that seem like an emotion reaction to you and like sticking one’s middle finger at the auditors?

Anonymous Coward says:

Re: Re:

Here’s a theory (some parts of this were read on other websites):

The NSA, seeing that TrueCrypt was undergoing an audit with very good results that would drive more people to use it, decided that they needed to make a move.

The developers were located and were being pressured to hand over their signing keys so the software can be covertly backdoored or weakened.

The developers, not wanting this to happen, handed over the keys to avoid repercussions but also put up their special message, effectively ending the project (NSA trying to start it back up again/pretend the website was defaced would be met with intense scrutiny).

Anonymous Coward says:

Uh what? I actually re-installed the last working version on my linux partition. Because the audit team has had 2 phases of its audit (or w/e, not an expert). All I know is that things had changed from step 1 showing no holes, step 2 memo saying no danger found yet.

I’d find links but i’m a very lazy dopped up to my eyes on Demerol because of an open fracture of the foot.

Anonymous Coward says:

Reasonable Suspicion versus Reactive Stupidity

I’m prepared to dive into the juiciest government conspiracy theory as much as the next guy, but going paranoiac because the FBI refused to provide you copyrighted documents is a tad unreasonable. The documents were copyrighted, the FBI did not have the right to distribute them.

The FBI referenced the articles. You found them. That the FBI didn’t violate the authors’ or publishers’ copyrights by serving them up to you, for copying costs, on a platter doesn’t appear to (reasonably) point to some sinister intent.

Let’s not dilute the valid indications of bad acts by government by getting hysterical about the reasonable, and lawful, acts.

Leave a Reply to MDT Cancel reply

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...