Talk:TrueCrypt

Latest comment: 1 year ago by 2601:646:200:43F0:3C64:C5EC:D2E6:795C in topic merge with TrueCrypt_release_history

edit

Hello fellow Wikipedians,

I have just modified 12 external links on TrueCrypt. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 01:04, 9 September 2017 (UTC)Reply

Druking

edit

Unless google translate is missing something, the sources do not support the claim that "In the special prosecutor investigation for Druking in South Korea, the special prosecutor tried to decrypt files encrypted by TrueCrypt and he succeeded to decrypt some of them."

--Guy Macon (talk) 15:11, 28 August 2018 (UTC)Reply

Regarding these edits,[1][2][3][4] extraordinary claims need extraordinary evidence.
The PBKDF2 key stretching used in TrueCrypt considerably slows down both brute force attacks and dictionary attacks. A dictionary attack against Truecrypt runs at 820 passwords per second on an Intel Core i7-970 system at 3.2GHz.[5][6]
Unless the police in question rented time on a supercompter (something that would surely have been mentioned in the sources) or the criminal was stupid and used "Swordfish" as his password, any claims that they cracked Truecrypt are extremely implausible, and indeed from the Google translate of the Korean sources that Berryball cited, no such claim was made. Instead, I am seeing things like
  • "The FBI can not figure it out"
  • "The Password, a combination of 4 uppercase letters, numbers, and special characters in English...will take 120,000 years"
  • "the spy team was found to have made considerable progress in the investigation.. Druking is trying to solve the secret code by substituting the pattern which is supposed to be used in the password. It is a method of estimating cipher with keywords such as 'Jami Duo' (Chinese astrology), which is known to be believed by Druke, and 'KKM', which refers to Kyosho. It usually takes nine hours to decipher a four-digit password that is a mixture of English uppercase and lowercase letters, numbers and special characters based on one high-performance computer (workstation), the spokesman said. The spokesperson said the decryption process using patterns is fast, considering that it takes a whopping 120,000 years to decipher an 8-digit password without any pattern assignment."
  • "It's encrypted with a program called Truecrypt. It was said that it was difficult for foreign investigators to solve it. That part is hard to solve anymore. I secured enough to help with the investigation. This part of the investigation took up a large part of the investigation. There is also a decryption program, but persuaded the parties. It is one of the more difficult investigations than any other investigation."
Given the evidence available, my conclusion is that the South Korean police did not decrypt the Truecrypt-encoded files, and I have deleted the claims as being unsourced. --Guy Macon (talk) 15:04, 30 August 2018 (UTC)Reply

(The following comment was moved from my talk page. Discussions about the content of an article belong on that article's talk page. --Guy Macon (talk) 06:13, 31 August 2018 (UTC))Reply

I used many Korean newspapers as citations. But you just can't read Korean language at all.
They are issues in South Korea, so they are written by Korean language on Korean newspapers. But you can't read any Korean language. It's just the problem. In your opinion, any Korean things can't be written on English Wikipedia until English newspaper writes about them! South Korea is not USA or Europe, so English newspapers don't write all Korean stuff! Many Korean newspapers write about them, but just you can't read Korean language, so we can't write about them on English Wikipedia? You can use Google Translate.
Maeil Business Newspaper (매일 경제) is one of three major South Korean economic newspapers. Yonhap (연합 뉴스) is the major news source for all South Korean newspapers. Chosun Broadcasting Company (TV 조선) is a daughter company of The Chosun Ilbo (조선 일보) for TV broadcasting. The Chosun Ilbo is the most famous newspaper in South Korea. I used three famous South Korean newspapers as the sources, but you deleted them just because you can't read Korean language. --Berryball (talk) 05:34, 31 August 2018 (UTC)Reply
I just saw Talk:TrueCrypt#Druking. I'm translating sentences one-by-one for you. You can verify them using other translation websites or programs or other Korean people. --Berryball (talk) 06:08, 31 August 2018 (UTC)Reply
I do not believe that "any Korean things can't be written on English Wikipedia until an English newspaper writes about them" please stop putting words in my mouth. Nor did I ever hint that the newspapers you cited were not reliable sources. I said that the the newspapers you cited do not appear to say what you claim they say.
Yes, there are difficulties when someone who doesn't speak Korean evaluates a Korean source using Google Translate. But I am pretty sure that the translation "Druking is trying to solve the secret code" is inaccurate. Please cut and past the exact entence where you believe that one of your sources say that the solved the secret code instead of saying that they are trying to solve the secret code.
Here is your basic problem. You are claiming that Druking did something which is generally considered to be impossible (guessing a 16-character truecrypt password that consists of uppercase letters, numbers, and special characters using a dictionary attack). EXTRAORDINARY CLAIMS NEED TO BE BACKED UP BY EXTRAORDINARY EVIDENCE. --Guy Macon (talk) 06:13, 31 August 2018 (UTC)Reply
I'm sorry. I thought that you deleted these citations because of that. But you already tried to translate them yourself. --Berryball (talk) 07:24, 31 August 2018 (UTC)Reply

I thought you never tried to translate them using Google Translate, but you really did it! I can translate sentences one-by-one for you. You can verify them using other translation websites or programs or asking Korean people about them.


-트루크립트라는 프로그램으로 암호화했다고 하는데.

-(The documents) were encrypted by TrueCrypt.

▲ 외국 수사기관에서도 풀기 어려운 것이라고 했는데, 중요한 건 다 풀었고 일부 풀지 못한 부분이 있다. 그 부분은 더 이상 풀기 어려운 상황이다. 수사에 도움이 될 만한 정도 확보했다. 이 부분이 수사에 많은 부분을 차지했다. 암호 해독 프로그램도 있지만 당사자를 설득했다. 다른 어떤 수사보다 힘들었던 수사 중 하나다.

We decrypted important data and we couldn't decrypt some of them though decryption is difficult even for foreign law enforcement agencies. Some of the data are difficult to decrypt. But we already got some for investigation. This is the major part for the investigation. We have decryption programs but we also persuaded suspects. It is the most difficult investigation.

(NewsPim (뉴스핌) is not famous newspaper in South Korea.)

http://newspim.com/news/view/20180827000369


다만 특검팀이 출범 이후 여권의 정치 공세 속에서도 김씨와 그의 측근들을 집중 조사하고, `트루크립트(TrueCrypt)`라는 암호화 프로그램 일부를 해독해 김 지사와 김씨 간 연결고리를 비교적 상세히 밝혀낸 것은 적잖은 성과라는 평가를 받고 있다.

However, the special prosecutor team found the linkage (Kyeongsangnamdo province) governor Kim (Kyung-soo) and Mr. Kim by decryption of TrueCrypt though the investigation was hampered by the ruling party.

(Maeil Business Newspaper (매일 경제) is one of three major South Korean economic newspapers.)

http://news.mk.co.kr/newsRead.php?year=2018&no=538301


보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.

(보통의 암호는 해당 파일을 열면 패스워드를 입력하는 방식이지만 트루크립트는 파일 자체가 눈에 보이지 않도록 해 놨다는 점이 특징이다. 이 때문에 은닉된 파일이 있는지 확인하는 것조차 어려운 상황이다.) (The author missed one space between words so I inserted a space for translation.)

Ordirnary encryption just using method to input a password, but TrueCrypt hides files. So it is difficult to find whether there is a hidden file or not. (I think it is a hidden volume.)

특검팀은 드루킹이 운영한 경제적공진화모임(경공모) 회원을 상대로 한 암호 해독에 협조를 받으려 했지만, 이들은 의미 있는 자료에 걸린 암호는 기억이 잘 나지 않는다고 주장하는 것으로 전해졌다.

The special prosecutor team tried to get help from the suspects (members of 경제적공진화모임) but they said that they don't remember the passwords for important data.

악조건 속에서도 특검팀은 전날 16자리 암호를 해독하는 등 수사에 상당한 진척을 보이는 것으로 파악됐다. 드루킹 일당이 암호에 사용했을 것으로 추정되는 패턴을 대입해 속속 암호를 풀어내고 있는 것이다.

The special prosecutor team decrypted 16 character (16 digit) password yesterday. The special prosecutor team input pattern as a password that Druking group maybe uses as a password. (The special prosecutor team conjectured the most probable password that Druking group used.)

드루킹이 신봉한 것으로 알려진 '자미두수'(중국 점성술)와 경공모를 지칭하는 'KKM' 등을 키워드로 암호를 추정하는 방식이다.

For example, the special prosecutor team tried to input Zi wei dou shu (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a dictionary attack.)

(Yonhap (연합 뉴스) is the major news source for all South Korean newspapers.)

http://www.yonhapnews.co.kr/bulletin/2018/07/18/0200000000AKR20180718142500004.HTML


특별 검사: "저희가 지금 가장 어려운 부분이 암호, 어, 지난번에도 제가 말씀드렸지만 은닉된 파일을 찾는 것입니다." (video 00:00 - 00:12)

Special prosecutor: "For us, the most difficult part is the encryption. I said last time too, it is to find the hidden files." (video 00:00 - 00:12)

특별 검사: "이 암호의 특징은 보통 우리가 한글 파일이라든지 이런 것을 보면, 파일은 보이는데 패스워드 암호를 입력하도록 되어 있어서 눈에 보이는 암호가 대부분인데 트루크립트는 눈에 보이질 않습니다. 은닉돼있는 암호구요. 그래서 파일이 있는지 없는지조차도 확인하기 어려운데 그것을 확인하고 있습니다." (video 02:05 - 02:35)

Special prosecutor: "Ordinary encryptions use just passwords but this encryption's character (nature) is to hide files so we can't see the hidden files. It is a hidden encryption. So it is difficult to know whether there are files or not, but we tried to check there are files or not." (video 02:05 - 02:35)

(Though this video broadcasts on The Dong-a Ilbo(동아 일보)'s website, this video's source is OBS Gyeongin TV.)

http://voda.donga.com/3/all/39/1394189/1

경공모가 이중삼중으로 걸어놓은 암호파일들이 특검팀에 의해 풀리기 시작한 것도 이들의 진술변화에 한몫했습니다.

Kyeong-gong-mo's attitude in the investigation was changed after the encrypted files were decrypted by the special prosecutor team.

드루킹 일당은 과거 대공사범들이 주로 사용하던 '트루크립트'라는 암호화 프로그램까지 동원해 사용기록을 감췄는데, 특검팀내 검경 포렌식 전문가들이 풀기 시작한 겁니다.

Druking group used TrueCrypt that spies usually used, but forensic specialists in the special prosecutor team decrypted some of them.

(Chosun Broadcasting Company (TV 조선) is a daughter company of The Chosun Ilbo (조선 일보) for TV broadcasting. The Chosun Ilbo is the most famous newspaper in South Korea.)

http://news.tvchosun.com/site/data/html_dir/2018/07/18/2018071890102.html

--Berryball (talk) 07:03, 31 August 2018 (UTC)Reply

Druking didn't use random 16 character passwords. He input some words into the passwords and the special prosecutor team knows what words he likes!

And nobody uses random passwords because it is difficult to remember random passwords. Instead that, people use very long passphrases including words to encrypt data. (For instance, 20 or 40 character passphrases.)

--Berryball (talk) 07:07, 31 August 2018 (UTC)Reply

Ah. I see where you went wrong. Above you wrote "For example, the special prosecutor team tried to input Zi wei dou shu (Purple Star Astrology) and KKM as a part of the passwords. (I think it is a dictionary attack.)" That's not a dictionary attack. That's attempting to guess the passphrase based upon knowledge about the person who chose the passphrase. A dictionary attack is attempting to guess the passphrase using every word in a dictionary as the first word, plus every word in a dictionary as the second word, and so on. A guessing attack is a common technique used by police, and works well if the person picked a guessable passphrase such as his birthday, name of his dog, favorite sports team., etc. A dictionary attack doesn't work on truecrypt. It takes a very long time to check each passphrase and the attacker dies of old age before trying 0.01% of the phrases from the dictionary.
I suggest that you re-add the material, but instead of making the false claim about a dictionary attack, you simply say that the special prosecutor team guessed his passphrase based upon information they knew about him. --Guy Macon (talk) 15:22, 31 August 2018 (UTC)Reply
I see. --Berryball (talk) 16:05, 31 August 2018 (UTC)Reply

the web page for true crypt

edit

the web link to truecrypt needs to be deleted as it is discontinued Superusergeneric (talk) 08:23, 25 August 2021 (UTC)Reply

"Development continues on two forks, VeraCrypt and CipherShed"

edit

VeraCrypt is active. Ciphershed is dead. The last CipherShed release was 0.7.4.0 (February 1, 2016). The last post to the CipherShed Forum was in 2016. Please correct the article.

Also see Project Dead? and Giving Up on CipherShed 22:43, 24 March 2022 (UTC)2600:1700:D0A0:21B0:B858:3590:F10E:CA10 (talk)

Duly noted. Waysidesc (talk) 02:34, 25 March 2022 (UTC)Reply

Druking

edit

This doesn't seem to make any sense;

"He decrypted some of encrypted files by trying words and phrases the druking group had used elsewhere as parts of the passphrase in order to make educated guesses."

That's not even how it works, is it? You can't just decrypt random files piecemeal with individual passwords. You either determine the key/password and are able to decrypt the drive, or you don't, in which case you have no access to the encrypted material whatsoever.

I see this claim has already been argued about and had been removed in the past, it should be removed again for the exact same reasons it already was. Even the translated material does not back this claim up. But the claim itself seems to be objectively impossible anyway and suggests a fundamental misunderstanding of the subject matter on the part of whoever put it there.Lordlylightofjesus (talk) 20:19, 17 March 2023 (UTC)Reply

merge with TrueCrypt_release_history

edit

TrueCrypt_release_history 2601:646:200:43F0:3C64:C5EC:D2E6:795C (talk) 17:38, 20 November 2023 (UTC)Reply