Discussion:
Will TrueCrypt Work With Win 7 Pro?
(too old to reply)
jack3,?.com
2017-12-11 02:29:06 UTC
Permalink
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
VanguardLH
2017-12-11 07:44:54 UTC
Permalink
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Probably not if it is a newer machine using UEFI instead of MBR BIOS.
As I recall, one of the features of Veracrypt, a variant of the
abandoned TrueCrypt, was to support UEFI.

I don't have UEFI (still using an old mobo that has MBR BIOS) and am
using Windows 7 Home x64 SP-1 with TrueCrypt 7.1a which was the last
usable version. The last distributed version was a red herring version
(indicating they got a National Security Letter to squelch them from
disclosing why they crippled the latest version). I don't see the point
of encrypting an entire partition or do whole-drive encryption since
it's pointless to protect the code written by others that is distributed
publicly (Windows, all the programs). I only use a container created by
TrueCrypt to secure some of my data files.
Ralph Fox
2017-12-11 08:47:14 UTC
Permalink
Post by VanguardLH
indicating they got a National Security Letter to squelch them from
disclosing
I would expect that a US National Security Letter does not have
jurisdiction in Czechia, which is part of the EU.
--
Kind regards
Ralph
๐ŸŽ„๐ŸŽ…๐ŸŽ๐ŸŽถ
Shadow
2017-12-11 12:44:44 UTC
Permalink
Post by Ralph Fox
Post by VanguardLH
indicating they got a National Security Letter to squelch them from
disclosing
I would expect that a US National Security Letter does not have
jurisdiction in Czechia, which is part of the EU.
No, they would need to use blackmail or threats.
It was nice of the TrueCrypt team to leave the canary on the
homepage though. Brave.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
VanguardLH
2017-12-11 17:03:29 UTC
Permalink
Post by Ralph Fox
Post by VanguardLH
indicating they got a National Security Letter to squelch them from
disclosing
I would expect that a US National Security Letter does not have
jurisdiction in Czechia, which is part of the EU.
The author(s) were never made public. We users don't know for sure
where they had citizenship. So you think you know who were TrueCrypt's
developers. If so, name them and provide their mailing address as you
imply you already know. TrueCrypt was a separate team commissioned by
Paul Le Roux (http://tinyurl.com/hfjtqqn) starting with the E4M code
that SecureStar claimed he stole from them. No one cares about Le Roux
since it was the *anonymous* "the TrueCrypt Team" that continued to
modify and maintain the code. Maybe Le Roux was initially on that team
but I've not heard he continued to be involved, plus he was not a
resident of Czechia (but of Zimbawe, then called Rhodesia). So just WHO
are YOU talking about?

Who now owns the truecrypt.com domain? The registrant hides behind a
private domain registration. Ownership changed in 2015. The domain got
renewed but is not assigned to a host/server.

http://truecrypt.sourceforge.net/ is a warrant canary. The audit proved
the statements made at that project site were untrue, plus some
statements are not germaine or simply lies: XP support discontinued,
yeah, bit fucking deal, Bitlocker available in later version of Windows
but obviously not in Home editions (and has DOJ warrantable key escrow;
see http://tinyurl.com/pcht972), and TrueCrypt is insecure which was
determined otherwise by 2 code audits (yes, there were sniggling ills
some of which were due to usage but Veracrypt, its offspring, had worse
vulnerabilities found it is code audit).

Just where is sourceforge.net hosted? Where does its domain registrant
reside? Yep, in the USA. Before the 7.1a code disappeared, it was
grabbed and served in localities outside the influence of the USA
government. No one wants the unaudited read-only 7.2 code which was
crippled the same day the warrant canary page showed up. Since it was
open source, it was not "the Truecrypt's Team" to kill.

The NSL cause is just conspiracy theory primarily because its use
precludes any disclosure by the one(s) served but accounts for sudden
and peculiar change. Gibson conjectures the kill was planned "for some
time" but he doesn't really know if the large change in code and of its
license was planned over months or suddenly due to gov't pressure and
threat (https://www.grc.com/misc/truecrypt/truecrypt.htm). The license
change is trivial. Hacking out code is a lot easier than trying to
incorporate it into a living program. While the change was suddenly
catastrophic to the user community, that the change looked planned
doesn't obviate an NSL sequestering court records forcing the company to
alter their product. The immediate public change does not reflect when
the cause was initiated. Could be "the TrueCrypt Team" didn't want to
delve into Microsoft, Intel, and others of the UEFI Forum to bother
with supporting UEFI (and deal with its vulnerabilities). Could be lots
of other causes. However, the obvious lies on the replaced SourceForge
project page belie a more likely cause. And, yes, the US DOJ did have
jurisdiction to force a change.

The read-only 7.2 version which showed up with the warrant canary
project page was signed with the same key used in TrueCrypt for 2 years
prior. So the authors made the change. Why would they if they were
outside the USA gov't influence and outside any reciprocal nation?
jack3,?.com
2017-12-13 05:04:31 UTC
Permalink
Post by VanguardLH
The read-only 7.2 version which showed up with the warrant canary
project page was signed with the same key used in TrueCrypt for 2 years
prior. So the authors made the change. Why would they if they were
outside the USA gov't influence and outside any reciprocal nation?
I think the statement that the author(s) of TrueCrypt gave in regard
to trusting Redmond's BitLocker was a tip off to the wiser as to what
a joke it was to ever trust Redmond. Yeah, they were talking about
the same Redmond that now owns your info-life with Win 10.

I've read enough about BitLocker from Schneier to guys who pretty much
write only in math symbols at some sites dedicated to encryption.
When those guys ran out of math for a second or two, and wrote in
English, I got a bad feeling about BitLocker. For me, after all these
years of the failure of security outfits to defeat TrueCrypt, I'm
staying with it.
jack3,?.com
2017-12-13 04:52:15 UTC
Permalink
Post by VanguardLH
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Probably not if it is a newer machine using UEFI instead of MBR BIOS.
As I recall, one of the features of Veracrypt, a variant of the
abandoned TrueCrypt, was to support UEFI.
It's not UEFI.

I'll trust VeraCrytp after some years of news items regarding the
"authorities" taking people to court to force passwords or passphrases
from them. VeraCrypt has to earn my trust over time, same as TrueCrypt
did.
Post by VanguardLH
I don't see the point
of encrypting an entire partition or do whole-drive encryption since
it's pointless to protect the code written by others that is distributed
publicly (Windows, all the programs). I only use a container created by
TrueCrypt to secure some of my data files.
I'm protecting a ton of private info that shows up on Windows during a
forensic search. I use the free Disk Investigator program as a guide
to what Windows XP is poaching from my private stuff before the info
was in it's encrypted state. Disks are full of stuff people never
dream that Windows has stored away. I've seen this with my own eyes.

Don't even mention Redmond's BitLocker to me.
VanguardLH
2017-12-13 05:57:11 UTC
Permalink
Post by jack3,?.com
Post by VanguardLH
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Probably not if it is a newer machine using UEFI instead of MBR BIOS.
As I recall, one of the features of Veracrypt, a variant of the
abandoned TrueCrypt, was to support UEFI.
It's not UEFI.
I'll trust VeraCrytp after some years of news items regarding the
"authorities" taking people to court to force passwords or passphrases
from them. VeraCrypt has to earn my trust over time, same as TrueCrypt
did.
Post by VanguardLH
I don't see the point
of encrypting an entire partition or do whole-drive encryption since
it's pointless to protect the code written by others that is distributed
publicly (Windows, all the programs). I only use a container created by
TrueCrypt to secure some of my data files.
I'm protecting a ton of private info that shows up on Windows during a
forensic search. I use the free Disk Investigator program as a guide
to what Windows XP is poaching from my private stuff before the info
was in it's encrypted state. Disks are full of stuff people never
dream that Windows has stored away. I've seen this with my own eyes.
Don't even mention Redmond's BitLocker to me.
Most of the sites that grabbed the source code for TrueCrypt just before
or just after the warrant canary page showed up at Sourceforge stored
that source code in countries with no reciprocity with the USA. That
is, they outside the arm of the US gov't. The day after the warrant
canary page showed up at Sourceforge, I think the first site announcing
they had the source code outside US reach was using a very similar
domain name but in Switzerland (but they are reciprocal to the US). My
guess it was truecrypt.ch.

While Veracrypt does deposit one copy of the source code at codeplex.com
(owned/operated by Microsoft), they have it deposited elsewhere should
someone attempt to strong-arm them into modifying the code, like to add
backdoors. Source code at https://www.veracrypt.fr/code/ is hosted at
cryptomix.com https://www.whois.com/whois/cryptomix.com) in Paris,
France. Their IP address is from the IP pool at ovh.com who are also
located in France. The executables are currently hosted at
launchpad.net (https://www.whois.com/whois/launchpad.net). If unduly
pressured, they'll just move the code and compilations to elsewhere.

Veracrypt is an enhanced TrueCrypt variant managed by IDRIX which is a
different environment than a bunch of guys doing a project on the side
at their own expense, and IDRIX isn't hiding behind the anonymity of
Internet.

I Fart in Your General Direction (timemark 1:35)


Veracrypt has received a thorough code audit and inserting malicious
code would should up in a later code audit and totally destroy their
trust with users (and companies). veracrypt.fr is a French domain.
After Snowden leaked how the US was spying on France, I doubt the French
are congenial to requests from the USA.

https://www.acf.hhs.gov/css/resource/foreign-reciprocating-countries

That's a list of reciprocating countries with the USA. France isn't on
the list.

https://www.idrix.fr/VeraCrypt/canary.txt

IDRIX publishes their own [anti-]warrant canary. NSLs require the
served not say anything, not even hinting, about getting served an NSL.
Stating that they have never been warranted means they are declaring
what an NSL would throttle. The Sourcepage project page for TrueCrypt
is also a warrant canary but without declaring the massive change as
notice of a warrant despite the lies that belie that page's content.

Veracrypt has undergone 2 code audits. Some problems were found, some
but not all were fixed, and the new code changes regarding compression
were performed after the audits so not included.

https://ostif.org/the-veracrypt-audit-results/

At this point, I'll stick with Truecrypt 7.1a. Maybe if and when I go
to Windows 10 then I'll look more deeply into Veracrypt.
Shadow
2017-12-13 11:17:22 UTC
Permalink
Post by VanguardLH
Post by jack3,?.com
Post by VanguardLH
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Probably not if it is a newer machine using UEFI instead of MBR BIOS.
As I recall, one of the features of Veracrypt, a variant of the
abandoned TrueCrypt, was to support UEFI.
It's not UEFI.
I'll trust VeraCrytp after some years of news items regarding the
"authorities" taking people to court to force passwords or passphrases
from them. VeraCrypt has to earn my trust over time, same as TrueCrypt
did.
Post by VanguardLH
I don't see the point
of encrypting an entire partition or do whole-drive encryption since
it's pointless to protect the code written by others that is distributed
publicly (Windows, all the programs). I only use a container created by
TrueCrypt to secure some of my data files.
I'm protecting a ton of private info that shows up on Windows during a
forensic search. I use the free Disk Investigator program as a guide
to what Windows XP is poaching from my private stuff before the info
was in it's encrypted state. Disks are full of stuff people never
dream that Windows has stored away. I've seen this with my own eyes.
Don't even mention Redmond's BitLocker to me.
Most of the sites that grabbed the source code for TrueCrypt just before
or just after the warrant canary page showed up at Sourceforge stored
that source code in countries with no reciprocity with the USA. That
is, they outside the arm of the US gov't. The day after the warrant
canary page showed up at Sourceforge, I think the first site announcing
they had the source code outside US reach was using a very similar
domain name but in Switzerland (but they are reciprocal to the US). My
guess it was truecrypt.ch.
While Veracrypt does deposit one copy of the source code at codeplex.com
(owned/operated by Microsoft), they have it deposited elsewhere should
someone attempt to strong-arm them into modifying the code, like to add
backdoors. Source code at https://www.veracrypt.fr/code/ is hosted at
cryptomix.com https://www.whois.com/whois/cryptomix.com) in Paris,
France. Their IP address is from the IP pool at ovh.com who are also
located in France. The executables are currently hosted at
launchpad.net (https://www.whois.com/whois/launchpad.net). If unduly
pressured, they'll just move the code and compilations to elsewhere.
Veracrypt is an enhanced TrueCrypt variant managed by IDRIX which is a
different environment than a bunch of guys doing a project on the side
at their own expense, and IDRIX isn't hiding behind the anonymity of
Internet.
I Fart in Your General Direction (timemark 1:35)
http://youtu.be/QSo0duY7-9s
Veracrypt has received a thorough code audit and inserting malicious
code would should up in a later code audit and totally destroy their
trust with users (and companies). veracrypt.fr is a French domain.
After Snowden leaked how the US was spying on France, I doubt the French
are congenial to requests from the USA.
https://www.acf.hhs.gov/css/resource/foreign-reciprocating-countries
//The following countries were declared by the U.S. government as
foreign reciprocating countries for child support purposes.//
HUH ?
Is that CIA code for something ?

Weird, a government agency hosted on a commercial provider
with etag trackers and canvas profiling ..........
Post by VanguardLH
That's a list of reciprocating countries with the USA. France isn't on
the list.
https://www.idrix.fr/VeraCrypt/canary.txt
IDRIX publishes their own [anti-]warrant canary. NSLs require the
served not say anything, not even hinting, about getting served an NSL.
Stating that they have never been warranted means they are declaring
what an NSL would throttle. The Sourcepage project page for TrueCrypt
is also a warrant canary but without declaring the massive change as
notice of a warrant despite the lies that belie that page's content.
Veracrypt has undergone 2 code audits. Some problems were found, some
but not all were fixed, and the new code changes regarding compression
were performed after the audits so not included.
https://ostif.org/the-veracrypt-audit-results/
At this point, I'll stick with Truecrypt 7.1a. Maybe if and when I go
to Windows 10 then I'll look more deeply into Veracrypt.
--
Don't be evil - Google 2004
We have a new policy - Google 2012
jack3,?.com
2017-12-13 18:10:56 UTC
Permalink
DEL
Post by VanguardLH
Post by jack3,?.com
Don't even mention Redmond's BitLocker to me.
Most of the sites that grabbed the source code for TrueCrypt just before
or just after the warrant canary page showed up at Sourceforge stored
that source code in countries with no reciprocity with the USA. That
is, they outside the arm of the US gov't. The day after the warrant
canary page showed up at Sourceforge, I think the first site announcing
they had the source code outside US reach was using a very similar
domain name but in Switzerland (but they are reciprocal to the US). My
guess it was truecrypt.ch.
While Veracrypt does deposit one copy of the source code at codeplex.com
(owned/operated by Microsoft), they have it deposited elsewhere should
someone attempt to strong-arm them into modifying the code, like to add
backdoors. Source code at https://www.veracrypt.fr/code/ is hosted at
cryptomix.com https://www.whois.com/whois/cryptomix.com) in Paris,
France. Their IP address is from the IP pool at ovh.com who are also
located in France. The executables are currently hosted at
launchpad.net (https://www.whois.com/whois/launchpad.net). If unduly
pressured, they'll just move the code and compilations to elsewhere.
Veracrypt is an enhanced TrueCrypt variant managed by IDRIX which is a
different environment than a bunch of guys doing a project on the side
at their own expense, and IDRIX isn't hiding behind the anonymity of
Internet.
I Fart in Your General Direction (timemark 1:35)
http://youtu.be/QSo0duY7-9s
And that explains America's foreign policy over the last number of
decades. Once more, Monty Python was ahead of the curve.
Post by VanguardLH
Veracrypt has received a thorough code audit and inserting malicious
code would should up in a later code audit and totally destroy their
trust with users (and companies). veracrypt.fr is a French domain.
After Snowden leaked how the US was spying on France, I doubt the French
are congenial to requests from the USA.
https://www.acf.hhs.gov/css/resource/foreign-reciprocating-countries
That's a list of reciprocating countries with the USA. France isn't on
the list.
That page says the countries have an agreement regarding Child Support
Enforcement. It is a handy list though for those wishing to get the
hell out of child support payments, but I fail to see how it applies
to sharing encryption hacking info between countries.
Post by VanguardLH
https://www.idrix.fr/VeraCrypt/canary.txt
IDRIX publishes their own [anti-]warrant canary. NSLs require the
served not say anything, not even hinting, about getting served an NSL.
Stating that they have never been warranted means they are declaring
what an NSL would throttle. The Sourcepage project page for TrueCrypt
is also a warrant canary but without declaring the massive change as
notice of a warrant despite the lies that belie that page's content.
Veracrypt has undergone 2 code audits. Some problems were found, some
but not all were fixed, and the new code changes regarding compression
were performed after the audits so not included.
https://ostif.org/the-veracrypt-audit-results/
You can also read how already the Snoops of the world are supposedly
screwing with VeraCrypt.
* * * * * * * * * * * * * * * * * *
https://thehackernews.com/2016/08/veracrypt-security-audit.html

The OSTIF announced Saturday that its confidential PGP-encrypted
communications with QuarkLabs about the security audit of VeraCrypt
were mysteriously intercepted.

"We have now had a total of four email messages disappear without a
trace, stemming from multiple independent senders." the OSTIF said.
"Not only have the emails not arrived, but there is no trace of the
emails in our "sent" folders. In the case of OSTIF, this is the Google
Apps business version of Gmail where these sent emails have
disappeared."

The information linked to the VeraCrypt security audit is so
confidential that the OSTIF instructed QuarksLab research team to give
"any results of this audit directly to the lead developer of VeraCrypt
using heavily encrypted communications."
* * * * * * * * * * * * * * * * * *
All this pleases me greatly. The Snoops of the world are concentrating
on VeraCrypt. That means in all probability they will leave TrueCrypt
7.1a alone, considering it a dead issue - I hope. This is also good
because their immediate interaction so soon with VeraCrypt means
either it will be compromised, or proven usable and secure in the near
future. In any case, doubts will be put to rest.
Post by VanguardLH
At this point, I'll stick with Truecrypt 7.1a. Maybe if and when I go
to Windows 10 then I'll look more deeply into Veracrypt.
Ditto - But I'll never touch Windows 10. I'd go back to DOS on my
TRS-80 Level II BASIC before inviting Redmond into my bedroom,
kitchen, office, and into every other aspect of my life.
Shadow
2017-12-13 10:57:05 UTC
Permalink
Post by jack3,?.com
Post by VanguardLH
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Probably not if it is a newer machine using UEFI instead of MBR BIOS.
As I recall, one of the features of Veracrypt, a variant of the
abandoned TrueCrypt, was to support UEFI.
It's not UEFI.
I'll trust VeraCrytp after some years of news items regarding the
"authorities" taking people to court to force passwords or passphrases
from them. VeraCrypt has to earn my trust over time, same as TrueCrypt
did.
They've never needed to. Ever. Maybe the local cop, but
government TLA's NEVER.
Weird.
Maybe they should stage an "unbreakable iPhone password" drama
and make people believe them.
Post by jack3,?.com
Post by VanguardLH
I don't see the point
of encrypting an entire partition or do whole-drive encryption since
it's pointless to protect the code written by others that is distributed
publicly (Windows, all the programs). I only use a container created by
TrueCrypt to secure some of my data files.
I'm protecting a ton of private info that shows up on Windows during a
forensic search. I use the free Disk Investigator program as a guide
to what Windows XP is poaching from my private stuff before the info
was in it's encrypted state. Disks are full of stuff people never
dream that Windows has stored away. I've seen this with my own eyes.
Don't even mention Redmond's BitLocker to me.
;)
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Ant
2017-12-11 19:58:08 UTC
Permalink
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
--
Quote of the Week: "I really believe I've been a good person. Not
perfect - forget about perfect - but just learning by what I was taught
and living by my own values. I might have stepped on a few ants - and a
few other things as well - but I've never hurt anybody." --Kiri Te
Kanawa
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org &
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
n***@ms.com
2017-12-12 17:21:35 UTC
Permalink
Post by Ant
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
Does VeraCrypt work well under win 10?

I see it had 2,580 downloads in the last week, so people are trusting
this software.

Which of the several spawns from TrueCrypt can I trust with my data?
Ant
2017-12-12 21:22:36 UTC
Permalink
Post by n***@ms.com
Post by Ant
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
Does VeraCrypt work well under win 10?
I used its container features under 64-bit W10. It worked good. I never
tried the whole disk encryptions since I used W10's Bitlocker.
Post by n***@ms.com
I see it had 2,580 downloads in the last week, so people are trusting
this software.
Which of the several spawns from TrueCrypt can I trust with my data?
https://en.wikipedia.org/wiki/TrueCrypt#Alternatives
https://www.comparitech.com/blog/information-security/truecrypt-is-discoutinued-try-these-free-alternatives/
etc.
--
Quote of the Week: "I really believe I've been a good person. Not
perfect - forget about perfect - but just learning by what I was taught
and living by my own values. I might have stepped on a few ants - and a
few other things as well - but I've never hurt anybody." --Kiri Te
Kanawa
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org
/ /\ /\ \ Please nuke ANT if replying by e-mail privately. If credit-
| |o o| | ing, then please kindly use Ant nickname and URL/link.
\ _ /
( )
jack3,?.com
2017-12-13 05:14:40 UTC
Permalink
Post by Ant
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
https://en.wikipedia.org/wiki/TrueCrypt#Alternatives
https://www.comparitech.com/blog/information-security/truecrypt-is-discoutinued-try-these-free-alternatives/
etc.
--
Quote of the Week: "I really believe I've been a good person. Not
perfect - forget about perfect - but just learning by what I was taught
and living by my own values. I might have stepped on a few ants - and a
few other things as well - but I've never hurt anybody." --Kiri Te Kanawa
Oh, boy! One of my favorite gals!!
jack3,?.com
2017-12-13 05:11:37 UTC
Permalink
Post by n***@ms.com
Post by Ant
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
Does VeraCrypt work well under win 10?
I see it had 2,580 downloads in the last week, so people are trusting
this software.
Which of the several spawns from TrueCrypt can I trust with my data?
What's wrong with trusting the original until the other(s) prove their
worth?

https://truecrypt.ch/downloads/

I'm no expert on this stuff. I'm just relying on past performance. I
find that's the best to do with proggies or people.
n***@ms.com
2017-12-14 20:20:35 UTC
Permalink
Post by jack3,?.com
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
What's wrong with trusting the original until the other(s) prove their
worth?
https://truecrypt.ch/downloads/
I'm no expert on this stuff. I'm just relying on past performance. I
find that's the best to do with proggies or people.
According to; https://truecrypt.ch/downloads/

Windows (XP/Vista/7/8) sig TrueCrypt Setup 7.1a.exe

I want to move to win 10, and install a fresh (whole disc?) encryption
product. Is "TrueCrypt Setup 7.1a.exe" compatible with win 10?
VanguardLH
2017-12-14 21:09:56 UTC
Permalink
Post by n***@ms.com
Post by jack3,?.com
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
What's wrong with trusting the original until the other(s) prove
their worth?
https://truecrypt.ch/downloads/
I'm no expert on this stuff. I'm just relying on past performance.
I find that's the best to do with proggies or people.
According to; https://truecrypt.ch/downloads/
Windows (XP/Vista/7/8) sig TrueCrypt Setup 7.1a.exe
I want to move to win 10, and install a fresh (whole disc?) encryption
product. Is "TrueCrypt Setup 7.1a.exe" compatible with win 10?
The last [non-crippled, non-tampered] version of TrueCrypt is 7.1a.
That was released on or before Jan 2013. The public release of Windows
10 didn't come out until Jul 2015. So Windows 10 came out 2 years after
development stopped on TrueCrypt.

Does TrueCrypt support Windows 10? No. Is TrueCrypt compatible with
Windows 10? Probably but also likely only when using Truecrypt
containers, not for whole-disk encryption. Safest procedure would be to
decrypt your data, store offline (separate media), move to Windows 10,
securely wipe free space, install TrueCrypt, test it works, re-encrypt
your data (add back into a TrueCrypt container or the whole-disk
encrypted setup), and do a secure wipe of where you stored offline the
decrypted copies of your files.

As for whole-disk encryption, TrueCrypt never supported UEFI BIOS. It
was developed back when MBR BIOS was still the mainstream boot code.
You'll have to look at what hardware on which you propose to install
Windows 10 or on what hardware you will get a pre-installed instance of
Windows 10. If you upgraded to Windows 10, your might have MBR BIOS in
your hardware. If you bought a pre-built computer with Windows 10
pre-installed, it's UEFI hardware. If you jobbed the hardware yourself
but in the last few years, it's probably UEFI. Part of Veracrypt's
rewrite was to support UEFI. If your hardware uses UEFI, you won't be
doing whole-disk encryption using TrueCrypt. Not even PGP Whole Disk
encryption (now Symantec Drive Encryption) handles UEFI or GPT (before
version 10.3.1). You need something maintained to get UEFI support.

Why do you want to use whole-disk encryption? Do you actually have
compiled code (executables) that you need to secrete? You don't need to
protect code you didn't write and that is publicly available. There's
no point in secreting the OS since anyone can get that code, or any of
the apps you installed that someone else wrote that other users can get.
Do you hibernate Windows or put it in standby instead of shutting it
down while leaving the TrueCrypt container open and while apps are
currently accessing the sensitive files (which means they are currently
descrypted and could have some content in a memory or disk buffer)? If
your computer is the property of your employer and they are concerned
about corporate espionage then it's up to them to figure out how to
secure their computers they give to their employees to take off-site.
Are you really engaged in something so severely illegal that you must
ensure all bits on the disk are encrypted and that all memory (where
data may be cached while unencrypted) gets wiped (but that would only be
on shutdown of the OS and powering down the hardware)? At that point of
paranoia, how did you get the data onto your computer? Did any of it
originate elsewhere and get transferred over a network (whether intranet
or Internet)? If so, is ALL of your network traffic, local or remote,
always encrypted? If using a VPN, how do you know the VPN provider
isn't logging your traffic? Is the VPN server at the endpoint of the
communication route, like a VPN server at your company, or with a
service that operates as an encryption pipe between you and the other
endpoint? Do you want to instill an added layer of instability into
your computing environment using whole-disk encryption rather than
remembering to secure wipe temp file space after decrypting a file to
access it?

Do you want your system to run slower? On-the-fly whole-disk decryption
will incur overhead both for the software to decrypt on read and encrypt
on write along with more data bus I/O and a larger memory footprint. Do
you have bleeding edge hardware so the impact on responsiveness of the
computer will be insignificant to be unnoticed? How are you going to
use that computer? For e-mail, word processing, and other low intensive
processes? Or are you going to play video games (which obviously do not
require encryption since the code belongs to someone else) or do any
high-volume video editing or animation work?

If you're going into whole-disk encryption, and after educating yourself
on how to maintain and troubleshoot that setup and have a platform where
it won't get impacted, you sure you don't want to use something that is
currently maintained and provides some support?

https://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

If you are paranoid about USA (or any other country) that could enforce
backdoors into the encryption software, check the country of origin for
the software. Of course, if their product is really secure then not
even they can resolve a problem of loss of access. If they register a
master key so they can resolve access problems at a later date, well,
they have a key to unlock your whole-disk encrypted computer, so how
susceptible are they to gov't warrants to get at those keys?
Paul
2017-12-14 21:29:26 UTC
Permalink
Post by n***@ms.com
Post by jack3,?.com
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
What's wrong with trusting the original until the other(s) prove their
worth?
https://truecrypt.ch/downloads/
I'm no expert on this stuff. I'm just relying on past performance. I
find that's the best to do with proggies or people.
According to; https://truecrypt.ch/downloads/
Windows (XP/Vista/7/8) sig TrueCrypt Setup 7.1a.exe
I want to move to win 10, and install a fresh (whole disc?) encryption
product. Is "TrueCrypt Setup 7.1a.exe" compatible with win 10?
The comedy of it. The Community score is +874.

https://www.virustotal.com/#/file/e95eca399dfe95500c4de569efc4cc77b75e2b66a864d467df37733ec06a0ff2/details

The article here hints at the practical details.

https://superuser.com/questions/949519/windows-10-upgrade-and-truecrypt

Windows 7 and Windows 10 are similar, in that they're BCD
based, and both Windows 7 and Windows 10 have separate boot
materials someone can manipulate. But in Windows 7, they might
have been using MBR and BIOS boot, rather than the more
futuristic GPT and UEFI boot. As long as you remain conservative
in your choice of setups, Windows 10 has many things in common
with Windows 7.

One of the reasons Windows 7 has System Reserved and C: , is so
that Bitlocker can encrypt C: and leave System Reserved unencrypted.
That allows boot materials to be on System Reserved, and with the
Bitlocker driver and/or control panels loaded, then C: can be
considered. You need a bit of a boot loader, to prepare for
Bitlocker (apparently).

You can also combine boot materials, onto C:, to reduce the
number of primary partitions used on MBR disks. The technique
is shown here. Doing this, would cause problems for applying
Bitlocker to all of C: . For your TrueCrypt, you'd have to
understand where the boot materials are hidden, so that the
entire disk can be encrypted. There has to be a small bootloader
somewhere.

http://www.terabyteunlimited.com/kb/article.php?id=409

For example, right now I have an SSD with Windows 10 on it,
with MBR partition, BIOS boot, and no System Reserved. That
means the BCD file and \boot are on C: .

You should follow the instructions in the TC manual for Windows 7,
and do likewise on Windows 10. If doing an Upgrade Install,
your existing MBR partitioning choice and BIOS boot choice,
should continue to work.

The SuperUser thread, while not authoritative by any means,
suggests decrypting before upgrading. And I have to agree
that's the safest approach. And it doesn't really matter
what set of initial conditions you provide, Upgrade Installs
have a measure of danger, and you should backup first. If
you find, for some reason, that no backup tools do a good
job on an opened TrueCrypt setup, you have the option of
using "dd.exe" and while that drive is a data drive (you're
not using it), you can just dd all the sectors into a large
file for safe keeping. There is always *some* way to do
a backup, if the commercial products are barfing.

http://www.chrysocome.net/dd # usage info is here

http://www.chrysocome.net/downloads/dd-0.6beta3.zip

When I calibrate backup software, I make my first "safety"
backup with dd.exe. If the attempt to restore my backup
using the commercial software fails, then I restore the separately
collected image file using dd.exe. Use an Administrator Command Prompt
window to make your dd.exe backup, as dd.exe needs raw
access to the disk to back up the sectors. You can
even do such "dd" activity from Linux if you want,
as they have a dd too.

And if you did that, backed up a TrueCrypt drive, there's
no point trying to compress the image of the drive.
Encrypted drives are "high entropy" and don't compress.
In other cases, if someone asked, I might suggest
"piping" the output of dd to the command line version
of 7ZIP, to make the file smaller. But if the disk is
encrypted when you try to copy it in an inactive state,
then the file should be in-compressible. If you shove
1TB of data into 7ZIP, you'd get 1.001TB of data out
of it, and no savings accrued.

I don't encrypt things here, because of the "write once,
read never" nature of encryption. Does Truecrypt have
known data recovery techniques ? If the file system
screws up, how does a person get their data back ?
If I did put things in there, it would have to be
things I could afford to lose.

*******

As an example of an experiment I carried out recently,
I tried to boot from a VHD image. Windows allows
adding a VHD file as a second OS, in a multiboot
type technique.

Boot Menu
Win10 Native (on C: partition)
Win10 VHD (a file containing the whole OS, stored on C: )

Well, two things happened. First, the boot screwed up,
with the Windows 10 VHD screen flashing over and over
again. It was a bitch to deal with and shut down (Task
Manager helped). But while I was in there, I also tested
attempting to run an Upgrade in there, using the
16299 ISO image. And the installer flat-out said, it
doesn't support upgrading VHD images. So it's possible, if
you attempt to use a Win10 DVD, that the installer will
announce its policy at the very beginning, before you've
invested a lot of time on it.

*******

As I understand it, the drop-dead date for the
"Free Upgrade" to Win10 is Dec.31 of this year.
For the past little while, the "Accessibility" excuse
was used by Microsoft, for continuing to offer the OS
as a free upgrade to Win7 SP1 and Win 8.1 users.

If you're using a retail boxed copy of Windows 10,
then you have no time constraints on your project,
and can try after Dec.31 if you want.

Paul
Ralph Fox
2017-12-14 22:43:58 UTC
Permalink
Post by n***@ms.com
According to; https://truecrypt.ch/downloads/
Windows (XP/Vista/7/8) sig TrueCrypt Setup 7.1a.exe
I want to move to win 10, and install a fresh (whole disc?) encryption
product. Is "TrueCrypt Setup 7.1a.exe" compatible with win 10?
I have TrueCrypt 7.1a running on Windows 10.

I cannot confirm whether or not TrueCrypt can be used for encrypting
your boot drive in Windows 10. I have never used it for encrypting
the boot drive, only for external disks.

For my use, I have had no problems with TrueCrypt 7.1a on Windows 10.

If you want to encrypt your Windows 10 boot drive, I suggest asking
users in the Windows 10 newsgroup "alt.comp.os.windows-10".
--
Kind regards
Ralph

17th century public notice in Boston, Massachusetts:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PUBLICK NOTICE
The Observation of Christmas having been deemed a Sacrilege, the
exchanging of Gifts and Greetings, dressing in Fine Clothing,
Feasting and similar Satanical Practices are hereby FORBIDDEN with
the Offender liable to a Fine of Five Shillings
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Shadow
2017-12-15 03:09:08 UTC
Permalink
Post by n***@ms.com
Post by jack3,?.com
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
What's wrong with trusting the original until the other(s) prove their
worth?
https://truecrypt.ch/downloads/
I'm no expert on this stuff. I'm just relying on past performance. I
find that's the best to do with proggies or people.
According to; https://truecrypt.ch/downloads/
Windows (XP/Vista/7/8) sig TrueCrypt Setup 7.1a.exe
I want to move to win 10, and install a fresh (whole disc?) encryption
product. Is "TrueCrypt Setup 7.1a.exe" compatible with win 10?
What's the point of installing encryption software on a
keylogger ?
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Shadow
2017-12-13 10:53:24 UTC
Permalink
Post by n***@ms.com
Post by Ant
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
It's fine, as long as you trust government software. Hell,
it'll keep the script kiddies out, if that's what you are worried
about.
Post by n***@ms.com
Does VeraCrypt work well under win 10?
I see it had 2,580 downloads in the last week, so people are trusting
this software.
And millions of downloads of Win 10, so people are trusting
that too.
Post by n***@ms.com
Which of the several spawns from TrueCrypt can I trust with my data?
TrueCrypt 7.1a.
It passed all the audits. None of the others did.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
jack3,?.com
2017-12-13 05:06:05 UTC
Permalink
Post by Ant
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
Use VeraCrypt which is updated based on TrueCrypt: https://www.veracrypt.fr
I answered somewhere else in this thread about why I won't yet use
VeraCrypt.
jack3,?.com
2017-12-16 01:20:59 UTC
Permalink
Post by jack3,?.com
I'm going to move to Win 7. I'm wondering if system disk encryption -
encrypting the entire C: - will work using Win 7?
I found these answers.

https://preview.tinyurl.com/yde5wkf4

Greg00000 replied on
A:
I was unable to upgrade from Windows 7 to 10 while using TrueCrypt
full disk encryption. Once I decrypted my system disk, I upgraded to
Windows 10 without problem. I then re encrypted the Windows 10 drive
using TrueCrypt and it is working fine. I am able to access all
external encrypted drives in Windows 10 without any problems as well.


https://forum.truecrypt.ch/t/windows-10-and-truecrypt-7-1a/438

TrueCrypt works with Windows 10/11, including Whole Disk Encryption
and the protection of Host Protected Area, etc...

1) Use Legacy BIOS, turn of SecureBoot and etc
2) Use MFT/MBR/IDE rather than GPT/UEFI/etc

Nothing to see here folks, TrueCrypt is good for the next ten + years
for as long as mobo manufacturers still support MFT

Use a long strong random and secure password (you should be doing that
anyway) and stop worrying about password hashing altogether. It is
redundant and superfluous. 1000X iterations is more than enough.

Continue reading on narkive:
Loading...