LinuxQuestions.org
Old 07-18-2014, 09:47 AM   #1
czezz
Member
 
Registered: Nov 2004
Distribution: Slackware/Solaris
Posts: 602

Rep: Reputation: 30
Encryption software for Linux and Windows / Alternative for TrueCrypt?


As it has been announced that TrueCrypt is not safe anymore, is there any other encryption software that works with Linux and Windows?
 
Old 07-18-2014, 10:37 AM   #2
kilgoretrout
Senior Member
 
Registered: Oct 2003
Posts: 2,333

Rep: Reputation: 144
For Linux, there's dm-crypt/LUKS. You could probably access a dm-crypt encrypted partition in Windows by installing a Linux VM with VirtualBox and mounting the encrypted partition from within the Linux VM. I certainly wouldn't trust any Windows encryption software that wasn't open source. TrueCrypt was open source and I recall hearing rumors that someone outside the US had picked up the code and was working on a new, updated release of a cross-platform encryption application based on the old TrueCrypt code base:

http://www.rawstory.com/rs/2014/05/2...tery-shutdown/
 
Old 07-18-2014, 10:46 AM   #3
czezz
Member
 
Registered: Nov 2004
Distribution: Slackware/Solaris
Posts: 602

Original Poster
Rep: Reputation: 30
Ya, I heard the same. Some Swiss guys here: https://truecrypt.ch/
...smells like NSA trap :/
 
Old 07-18-2014, 11:24 AM   #4
mostlyharmless
Senior Member
 
Registered: Jan 2008
Distribution: Slackware -current (multilib) with kernel 3.16.2
Posts: 1,571
Blog Entries: 13

Rep: Reputation: 182
You can also open up your truecrypt partitions with dm-crypt
 
Old 07-18-2014, 12:22 PM   #5
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,622
Blog Entries: 1

Rep: Reputation: Disabled
Nothing wrong with 7.1a
 
Old 08-15-2014, 10:09 PM   #6
mhogomchungu
LQ Newbie
 
Registered: Mar 2014
Posts: 14

Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual
Nothing wrong with 7.1a

There is something wrong.

TrueCrypt mounts volumes with the "suid" option by default. It also allows any user who can unlock a volume to mount it with whatever mount option they want, with the default being the "suid" option among others.

The above means, if you can unlock a TrueCrypt volume on a machine, you can get a root shell.

Steps to take to show what I just said:

1. Download "tc.img" from here[1]. That's a TrueCrypt volume.
2. Mount it using TrueCrypt.
3. Browse to the mount point and you will find an executable named "owned".
4. Run it with something like "./owned /bin/bash" and you will now have a root shell.

Implication:
1. If somebody can use your computer to mount a TrueCrypt volume, that somebody can get a root shell in seconds.
2. If there is a Linux-based public computer with TrueCrypt installed for the public to use to access their TrueCrypt volumes, then through this trick, any user can get root access on that computer.

[1] https://github.com/mhogomchungu/random_stuff
 
Old 08-16-2014, 06:16 AM   #7
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,622
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by mhogomchungu
There is something wrong.

TrueCrypt mounts volumes with the "suid" option by default. It also allows any user who can unlock a volume to mount it with whatever mount option they want, with the default being the "suid" option among others.

The above means, if you can unlock a TrueCrypt volume on a machine, you can get a root shell.

Steps to take to show what I just said:

1. Download "tc.img" from here[1]. That's a TrueCrypt volume.
2. Mount it using TrueCrypt.
3. Browse to the mount point and you will find an executable named "owned".
4. Run it with something like "./owned /bin/bash" and you will now have a root shell.

Implication:
1. If somebody can use your computer to mount a TrueCrypt volume, that somebody can get a root shell in seconds.
2. If there is a Linux-based public computer with TrueCrypt installed for the public to use to access their TrueCrypt volumes, then through this trick, any user can get root access on that computer.

[1] https://github.com/mhogomchungu/random_stuff

None of that implies anything wrong with TrueCrypt.
If someone has physical access to your host, you have bigger fish to fry.
 
Old 08-16-2014, 06:49 AM   #8
mhogomchungu
LQ Newbie
 
Registered: Mar 2014
Posts: 14

Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual
None of that implies anything wrong with TrueCrypt.

Do you not see anything wrong anywhere, or do you see it but find fault with someone other than TrueCrypt? If yes, who?
 
Old 08-16-2014, 10:00 AM   #9
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,622
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by mhogomchungu
Do you not see anything wrong anywhere, or do you see it but find fault with someone other than TrueCrypt? If yes, who?
Quote:
Originally Posted by mhogomchungu
1. If somebody can use your computer to mount a TrueCrypt volume, that somebody can get a root shell in seconds.

This violates the First Rule of Security, deny physical access.
How is that a TC issue?
 
Old 08-16-2014, 02:17 PM   #10
mhogomchungu
LQ Newbie
 
Registered: Mar 2014
Posts: 14

Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual
This violates the First Rule of Security, deny physical access.
How is that a TC issue?

Physical access is not necessary, as the exploit can still be carried out remotely if the user can log in and run TrueCrypt.

The problem is that TrueCrypt can be used as a means to gain "elevated privileges", and hence the bug, if somebody files one, will be classified as a "local privilege escalation bug", like this[1] one.
This will be true especially with the second scenario, a scenario you conveniently did not address.

[1] http://timetobleed.com/a-closer-look...cve-2013-2094/
 
Old 08-16-2014, 08:01 PM   #11
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,622
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by mhogomchungu
if the user can log in and run TrueCrypt.

On multi-seated installations, I will agree it may pose a problem.
But if you're concerned about it, don't use TC or get better "users".
 
Old 08-28-2014, 08:03 AM   #12
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 143

Rep: Reputation: 39
To exploit suid access: This requires a security vulnerability known to the attacker in an suid program like su or sudo. mhogomchungu, you provide a downloadable TrueCrypt volume containing a program with such a vulnerability deliberately built in, to prove TrueCrypt 7.1a is insecure? This is not TrueCrypt's fault; the program "owned" is insecure.

To anyone who cares about the "suid" mount option:

- Do not have suid programs in your truecrypt container
- or open the encrypted mapping without mounting, and mount yourself with "-o nosuid"
- if you need programs like su or sudo in the container, always keep them up to date. They run with root rights, but they still check passwords.
 
1 members found this post helpful.
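
A check for the mount-option condition debated in this thread, as an added example that is not part of any post: it reads a mount table in /proc/self/mounts format and reports volumes mounted without nosuid (and, going beyond the thread, without nodev). The trusted mount point list, the pseudo-filesystem list and the sample lines are constructed assumptions.

```python
import re
import sys

# Assumption: mount points where setuid binaries are expected on this host.
TRUSTED_MOUNTPOINTS = {"/", "/usr", "/boot"}
# Assumption: kernel pseudo filesystems that hold no user-supplied files.
PSEUDO_FS = {"proc", "sysfs", "devtmpfs", "devpts", "cgroup"}
REQUIRED = ("nosuid", "nodev")

def unescape(field):
    """Decode the octal escapes (\\040 = space) used in /proc/self/mounts."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Yield (source, mountpoint, fstype, options) for each well-formed line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip blank or truncated lines
        src, mnt, fstype, opts = parts[:4]
        yield unescape(src), unescape(mnt), fstype, set(opts.split(","))

def risky_mounts(text):
    """Return (mountpoint, source, missing_options) for untrusted mounts."""
    findings = []
    for src, mnt, fstype, opts in parse_mounts(text):
        if fstype in PSEUDO_FS or mnt in TRUSTED_MOUNTPOINTS:
            continue
        missing = [o for o in REQUIRED if o not in opts]
        if missing:
            findings.append((mnt, src, missing))
    return findings

# Constructed sample mount table (not taken from a real host).
SAMPLE = """\
/dev/sda1 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
/dev/mapper/truecrypt1 /media/truecrypt1 ext4 rw,relatime 0 0
/dev/mapper/truecrypt2 /media/my\\040vault ext4 rw,nosuid,nodev,relatime 0 0
/dev/sdb1 /media/usb vfat rw,nosuid,relatime 0 0
"""

if __name__ == "__main__":
    # Pass /proc/self/mounts as the argument to audit the running system.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for mnt, src, missing in risky_mounts(text):
        print(f"{mnt} ({src}): missing {','.join(missing)}")
```
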
Old 08-28-2014, 08:33 AM   #13
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,455

Rep: Reputation: 1172
Anyway, if you need to encrypt a volume, by far the best way to do it is to use a drive, or a controller-card, that is capable of encrypting the data on the media. The very best forms of cryptography are those that are totally invisible to the end-user.
 
  


All times are GMT -5. The time now is 07:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration