Hacker News new | past | comments | ask | show | jobs | submit login
SpiderOak removes its warrant canary (reddit.com)
235 points by dannyw on Aug 6, 2018 | hide | past | web | favorite | 93 comments



SpiderOak tweeted three days ago [1] that it's replacing the warrant canary with a transparency report that'd be updated every six months.

This is what the tweet said/says: [1]

"We just released our most recent transparency report, available at https://spideroak.com/transparency/ . This will replace our #warrantcanary. The final version of the canary is available at https://spideroak.com/canary . The transparency report will be updated every six months."

The transparency report, updated a few days ago this month, shows zeros for every kind of request, which means there haven't been any kind of court orders for information from February to August 2018. [2]

Are there still reasons to be concerned? I don't understand how they can list NSLs in the transparency report, since those are the ones with the gag orders necessitating legally confounding workarounds like a warrant canary.

[1]: https://twitter.com/SpiderOak/status/1025488889564327936

[2]: https://spideroak.com/transparency/


My hunch is that they were indeed served with an NSL. The transparency report bullshit is an extra thing they've done to have mercy of NSA or whatever at the expense of confusing (quite) a few people (people mentioned that canary practice wasn't confirmed as illegal or legal by any court proceeding).

One thing to realise is that they (AFAIR) never said they'd quit the business if they ever get served with an NSL.


> I don't understand how they can list NSLs in the transparency report

Correct. You can list the ones you don't have, but not the ones you do. So to a first approximation, the transparency report will always say "0".

Now, the theory behind a warrant canary is that the government can compel your silence but (maybe!) it cannot compel you to make false statements. And if that applies to NSLs and gag orders, and thus makes warrant canaries valid, it might apply to the transparency report too.

And in that case maybe we can take the "0" at face value, and we can assume that they haven't received an NSL, but if they do they'll just silently drop that section from the transparency report. (Their warrant canary had some cryptographic signatures, but as far as I know, that's totally irrelevant. If a court decides to compel you to lie and say you haven't received a NSL when you have, then they can compel you to sign the canary too. If they opt not to compel speech, then they won't compel a false transparency report. The crypto is window dressing.)

But while on paper it looks to me like the transparency report is probably just as meaningful as the canary, the ham-handed way they've announced it leaves me suspicious.


Just to add on, the compelling of speech is made more difficult by the fact that the signing keys were held by people of three different nationalities, in three different countries.

The US Government can't force someone to do something if they aren't a US citizen and not on their territory. Their best option is extradition, but that would raise more eyebrows than they'd want.


Their best option is to simply ask the foreign government to do something to their own citizens on its behalf because they have evidence of some sort of potential criminal activity. Quid pro quo ensues, no extradition needed.


I don't think there's any way to change from having a warrant canary to not having the warrant canary, even if your new approach nominally conveys the same information, that isn't rather suspicious.


Isn't the point of the crypto on the warrant canary for the case where your servers get seized?


Before you receive a NSL, you do not have any gag orders. It is the gag order that prevents publication; not the law.

So you can legally say you’ve received no NSLs; until you get a NSL.


Right. That was my understanding too. But they’d have to remove that NSL section if they receive an NSL (assuming their honesty or desire to be so is not in question here) — as Lazare explained in another comment here. That’s almost the same as the canary, without the signing.


My understanding is they are served simultaneously, so you do not have that luxury.


If that were the case, the concept of a warrant canary would have died long ago in court.

A gag order doesn't compel you to lie; it compels you not to talk about the topic in question. Removing a statement testifying to no NSL is in compliance with a gag order.


> If that were the case, the concept of a warrant canary would have died long ago in court.

Was it ever challenged? If not, you can't say anything about them. Probably FBI/NSA/et-al simply did not care if there was no real disclosure.


Wow, did you downvote me for adding to the conversation? Here are sources that disagree with you and align with my previous comment. You should provide sources next time.

> A judge does not have to approve the NSL or an accompanying gag order.

https://www.eff.org/issues/national-security-letters/faq

> The letters come with a life-long gag order, so businesses that receive such letters are prohibited from revealing to anyone, including customers who may be under investigation, that the government has requested records of transactions.

https://www.wired.com/2010/08/nsl-gag-order-lifted/#ixzz0wcP...

> NSLs are almost exclusively served in secret alongside an indefinite gag order, which prevents anyone from disclosing the contents of the letter to anyone.

https://www.zdnet.com/article/national-security-letters-ever...

> Since the first national security letter (NSL) statute was passed in 1986 and then dramatically expanded under the USA PATRIOT Act, the FBI has issued hundreds of thousands of such letters seeking the private telecommunications and financial records of Americans without any prior approval from courts. In addition to this immense investigatory power, NSL statutes also permit the FBI to unilaterally gag recipients and prevent them from criticizing such actions publicly. This combination of powers — to investigate and to silence — has coalesced to permit the FBI to wield enormous power and to operate without meaningful checks, far from the watchful eyes of the judicial branch. Not surprisingly, this lack of checks has contributed to a dramatic expansion in the use of these tools across the country. Indeed, for the period between 2003 and 2006 alone, almost 200,000 requests for private customer information were sought pursuant to various NSL statutes.

https://www.eff.org/issues/national-security-letters


I think that you are getting downvoted because people don't understand what you are trying to say. I don't understand it either.

Yes, the NSL and gag order are effectively one and the same. However, the point of these "warrant canaries" is that they don't have to talk about the request to let people know that they have likely received one. They simply remove their existing statement that they have never previously seen one.

The theory is that the government cannot compel you to continue to make a statement now that it is false and your removal doesn't technically constitute a disclosure of the NSL.

AFAIK, this theory has never been tested in court.


What I mean is:

Before you have received any NSL, you are not bound by any gag order. (Because they come together).

So, before you have received any NSLs, you can say you received 0 NSL.

(I did not downvote you).


But then you are basically compelled to lie, otherwise you'd violate the gag order.

If the gag order would only prohibit the disclosure of the contents, then businesses could simply show the list of NSLs received (basically the date and time of when they got it and when they complied with it).


Umm. So what I am understanding is that statement 1 "I have not received any NSL" is a true statement 100% of the way and they can say it for as long as they do not receive any NSL.

The moment they recv an NSL, they cannot say statement 1 anymore. So they say something different... not sure what that is.


They remove that statement. Basically people can know what happened running a diff between reports.


I don't know anything about SpiderOak, except occasionally having browsed their front page, but they do seem to have some clue about security and secure software. If that is true, they must have known from the outset that once you decide to install a canary, you cannot discontinue it except to signal that it has died.

That canary has now died. It did so along with a statement [1][2] that signing a canary every 6 months with an airgapped computer is too impractical, which isn't very plausible as this is a perfectly schedulable event which will take at most an hour for every person involved, twice a year. I suppose they sign their (APT, RPM) releases in the same way (please ask them; seems answerable). Additionally, they were three days late with their statement about moving away from the canary, which is otherwise irresponsibly late for an event that can completely erode trust in them as a security company.

The irony is that their conclusion in [1] that the "canary’s effectiveness as a tool has been questioned, the usage of it at other companies is not consistent, and verifying it and keeping track of it is complicated for users" is spot on; the confusion that can be created about whether the canary is dead or merely deprecated, that after it has died once it cannot be reinstated, and that the only recourse for users is to move away from the service, makes it a pretty useless signal to act upon.

[1] https://spideroak.com/articles/transparency-report/

[2] https://twitter.com/SpiderOak/status/1025488889564327936


There is no confusion. There is a simple bargain with a canary: no matter what confusion is thrown up by bad actors, once it's activated, you assume the target is compromised.

If they're not really compromised? You don't need to ask that; trust is based on evidence, not some abstract Truth. When the trigger activates, you deprecate trust. It's really that simple.


> once it's activated, you assume the target is compromised

I don’t think it’s helpful to think in such absolutist terms. Coal mine canaries died of natural causes. A canary is meant to prompt investigation (and heightened vigilence), not conclude it.


I'm not sure the comparison to the actual canary in a coal mine is particularly relevant here. Clearly that inspired the name, but beyond that...

Assuming it is a good comparison - if you are the one in the coal mine and the carnary keels over, are you going to start trying to figure out the exact cause of death or just hurry up and get the hell out of the mine?


I wonder why more organisations don't do a globally distributed Canary with people in differing jurisdictions signing it. Not that it is likely to reduce overall liability but surely if it has to signed by someone in US, Switzerland, Hong Kong, South Africa, Lebanon etc then its going to spread the single point of failure?


Would global distribution of signed canaries be a decent use case for a blockchain sort of technology?


> Would global distribution of signed canaries be a decent use case for a blockchain sort of technology?

No. There is no need to add an economic element. You could post a bunch of PGP-signed messages, but even that’s excessive.


Coincidentally, the signing key for their RPM has been changed a few days ago and they recommend you reinstall from a direct download instead.

https://support.spideroak.com/hc/en-us/articles/360009029531...


Hmmm the language used to justify dropping the Canary sounds very similar to other services which ditched it in the past. Cant remember exactly but IIRC Reddit and Riseup said something like this.


Here's a question that crossed my mind: what if you ignore a gag order? You receive a secret court order to hand over data, and you tell them you're not giving it to them unless you're allowed to tell the world about it.

Will they give you a fine? And what if you don't pay the fine? Will they arrest you? And if they do, how can they prevent people from finding out about it?


Given that national security letters originate from the patriot act, I presume the consequences are grave. Certainly, jail time seems probable. In general, if a court says do X, and you refuse, that is contempt of court. The court can then decide to fine you, and put you in jail until you are willing to comply.

Given gag-orders, and waving the word 'national security'. I expect the court proceeding dealing with your arrest / punishment would be sealed.

Heck, if certain things are marked as US government secrets and you publish them, that is treason which can be punished by death.


> I expect the court proceeding dealing with your arrest / punishment would be sealed.

Sure, but at a certain point, surely they will have to come and pick you up? What if there are journalists present who ask that you are being put away for? "We can't tell" surely isn't an answer they won't accept? That's eerily close to arbitrary detention.



Was it by mistake? The warrant canary is back: https://spideroak.com/canary

Edit: it seems they had removed it on purpose and added it back to elaborate on the decision and that it wasn't removed to signal something --- seemingly: "So after thinking about this ... we have decided to move away from ... canaries and instead publish a ... report located at ..."


Doesn't matter. The moment the canary died, they became a compromised agent whose further statements are to be interpreted as being manipulated by secret court order.

If your canary dies, you can buy a new one, but you still have deadly gas in your mine. You can't trust the words or actions of someone who just declared they have been compromised.


>Doesn't matter. The moment the canary died, they became a compromised agent whose further statements are to be interpreted as being manipulated by secret court order.

I don't think you can draw that conclusion. As I understand it, the NSL can only compell them to shut up about it, but it cannot compell them to dish out arbitrary lies and false justifications for taking the canary down.


We can and should draw that conclusion. Anything less compromises the canary system. I'm not going to bet my security on someone who frivolously shouts fire in a crowded theater, even if they later say they were only kidding.


You can of course do whatever you want as a consequence of what they are saying or doing.

What I'm saying is that it doesn't logically follow from the legal situation that their "further statements are to be interpreted as being manipulated by secret court order".

The FBI cannot arbitrarily manipulate SpiderOak's further statements.


Whether or not they are actually being manipulated is not important. They should be treated as if they are.

the logical flow is:

1: "I declare that if this canary is removed for any reason, it is to be assumed that I have been served an NSL and I may no longer be trusted"

2: Canary is removed.

3: You are no longer trusted.

4: Further statements are made, but they can not be trusted.

QED


You are drawing conclusions from a false premise.

They never declared that if the warrant canary dies they can no longer be trusted in anything they say or do ever again.

We know exactly what they can and cannot legally say or do once an NSL has been served. Therefore we also know that they cannot be legally compelled to make false statements.


You're right, it's more likely they are putting out the statement because they don't want their business to be ruined by having admitted to receiving an NSL. There are many ways someone can be coerced, and I don't need to guess the one in play here to discount their further excuses out of hand. At the point at which the canary is removed, their untrustworthiness is tautological; there is no combination of truth values which result in them being considered trustworthy.

That is the feature of canaries that makes them respected, and the need for such features is why secret courts are so corrosive to our society.


While I agree the canary should be considered dead on principle, I don't find this particular argument very convincing.

I think the main point here needs to be that the entire notion of a canary only works if we can count on them being killed only for the purpose they were created. If it becomes acceptable to kill canaries because the signers are tired of signing them then we have a bit of a problem.

Now, for this specific case...

It sounds like you are arguing that a NSL has compelled them to make false statements. This seems fairly unlikely given what we know about the current legal situation. The idea that they may be lying for the sake of their business is more convincing.

However, if they are lying for whatever reason, why not just continue to sign the canary? The only plausible reason to do this is some sort of malicious compliance with a sloppily worded order compelling them to lie. It would make no sense for them to decide to lie for the sake of the business and then do all of this instead of just signing the canary.

If they have received a NSL this basically leaves two sequences of events, both of which contain some rather unlikely events. If I had to bet, I'd probably bet against them having received a NSL.

However, the canary should still be considered dead. They literally killed the canary. Their reasoning provided for it is really quite bad. Basically they ask users to trust their unsigned website because users already trust their (closed source) code. So they have either received a much more powerful NSL than thought legally possible, or are doing the worlds worst job of lying about not receiving a NSL, or they have not received a NSL and view a regular page on their website as a suitable alternative to their previous solution which involved three people in three different countries signing the canaries with keys stored on air-gapped computers. If you are counting on them for security, none of options are good.


I think there's an argument to be made that the canary continuing to live is not sufficient to establish trust, for the reason you outlined. However, given that it is in fact dead, this is sufficient to revoke trust-- as you also pointed out, none of the scenarios are good for them.

As for why they would kill the canary and then backtrack, I think a plausible story could be that the canary was killed by an engineer, and then the backtracking happened by management because they don't want to own the consequences. This could explain why there was a delay between removing the canary and putting out a cover story.

Collectively as an organization, they're either acting in bad faith for whatever reason, or else they're incompetent.


I mean, a canary is only as good as your trust in the people putting it out.

As for the engineer/management idea,their statement revoking it was signed the same as their canary. Aside from the exceptional circumstances I described earlier, if you trusted their canary then the statement should be trusted too.

Like I said, I think we're most likely looking at incompetence.


If, for the sake of argument, a hostile (to the security of SpiderOak users) government actor was able to arbitrarily manipulate SpiderOak's further statements for purposes of furthering said government agency's goals, what might they have it say and how would those government-sourced statements differ from what we're seeing?


It doesn't have to be direct manipulation, and it doesn't have to further a government agency's goals. It could be a voluntary self-interested act by SpiderOak, and they should still have trust removed.


Oh, I agree that they cannot now be trusted. I was just trying to indirectly make the point that from our POV SpiderOak acknowledging they made a mistake, or them deliberately covering for a NSL look identical.


> The FBI cannot arbitrarily manipulate SpiderOak's further statements.

Maybe not directly, but they could be coerced into it. A sort of "it's in your best interest to redact XYZ.. or else" unwritten statement would do the trick for most folks.


you should never base your decision on something published on the web site. you should rather base your decision on review of open source code, and on-device key management.

right?


Since none of this has been tested in court, the subsequent statements could be insurance on their part to avoid a bad outcome. Conceivably a prosecutor could argue that by removing the canary, they've published one bit of information in violation of the gag order. By publishing a bunch of excuses for their action, they give a jury reason to disagree.


That's a possibility, but it seems rather contrived. Maybe the FBI threatened to challange their canary in the courts unless they came up with some sort of credible excuse for killing it.


I'm sure canaries died of natural causes in the mines occasionally...


And when they did, miners rightly evacuated the area until the canary's cause of death could be confirmed.


Can someone explain what a Warrant Canary is and why it needs to be removed?

From my understanding, a Warrant Canary is a provision to disclose subpoena(s) that a company is not allowed to disclose and now SpiderOak is shutting down that provision?


Canaries were used in coal mines to detect deadly gas. If your canary dies, it means you might have a problem.

A warrant canary dies when a warrant is served. If a company has a statement that says "We have not been served a warrant as of X date" and they update it monthly, then they suddenly stop updating it or remove that statement, the canary has died. They might have been served with a warrant.

It's also possible that the canary died of natural causes, of course. It could be that a lawyer told them it was a bad idea, or maybe a shift in management removed it. But there's no way to know.


To expand on this.

This is done as it is usually presumed the government can legally force your silence, but can't force you to say something (e.g we hadn't received secret warrant, last updated: Aug, 08)


And to even further expand on it, the reason why they usually have a date is because it would be possible to argue that a company could be forced to keep an existing document on their website (since they aren't being forced to say something against their will, so much as being forced to not stop saying something they've already said). So the expiry is quite important in the function of a warrant canary.

Although it should be noted that as far as I'm aware, warrant canaries haven't actually gone through the court system to determine if they are actually a legal way of circumventing gag orders. Not to mention that the legality of warrant canaries has mostly only been discussed by internet lawyers in relation to US laws -- in other jurisdictions they may not work at all (I've spoken to some Australian lawyers and they think that even the basis of the theoretical arguments don't apply in Australia).

On the other hand, I don't know of any company that has actually used warrant canaries (and has "activated them" like Reddit did) which ended up being tried for violation of the NSL's gag order.


Miners used to bring canary birds with them when mining. If they hit poisonous gas, the canary would die before the miners, alerting them to the gas.

The government can issue secret warrants to companies that they are not allowed to disclose, requiring them to hand over customer data. A warrant canary is a periodical statement from a company that they have not received such a warrant. The idea is that if they do receive a warrant, they will stop publishing the warrant, and the court can't compel them to.


A warrant canary states "We have not complied with any subpoenas that disclosed user data". All that has to happen upon complying with a warrant that requires user data is to remove / not republish the canary.

The idea being that a gag order cannot force you to speak, only prohibit you from speaking. Thus, a gag-order cannot force you to continue publishing a canary. Often, canaries have an 'expiry date' after which they will be republished. This is to avoid 'removing a document' as being interpreted as speech, and thus prohibited by gag order.

Now spideroak had a canary with an expiration of 1 aug. They did not republish; and 3 days later, gave an explanation why. In this explanation they state they will switch to a slightly different, non-cryptographically signed document that is much like a warrant canary. The 3 day gap is most notable here. Spideroak states that the cryptographic signing wasn't useful because you need to trust the signers, who are the same people that publish on the website.


Regardless of the stated reason for the canary to be removed, there is a responsibility in deploying a warrant canary that must be upheld. In this case, the canary is dead and the responsibility is now on users to judge what they should make of that.

I, for one, would not use their service going forward.


Isn't it anyway safe to assume that Internet providers worldwide have to give access to security services etc. (or are even happy to cooperate without any legal pressure)?


I've had some mixed feelings about SpiderOak in the past, but at least they did this right.

Props to them for making a canary and then following through on it.


Or it doesn't mean anything. Who knows, that's the beauty of it.


SpiderOak basically said "if we do this, you should stop using us" (well, if you care about warrant canaries). And then they did it.

It doesn't mean that they received a warrant, but it does mean SpiderOak is telling you not to use them, and I think that when a service tell you that, for whatever reason, it means quite a lot. :)

(Even if, as you suggest further down, they received legal advice that warrant canaries were a bad idea and they needed to take it down, the way they handled the entire process makes it clear that they aren't taking this seriously. Posting a warrant canary, updating it regularly, and then taking it down while not telling the real (legit) reason is reckless at best, and in my view is basically the worst way they could handle it.)

Whatever a realistic estimation of SpiderOak's security was before this news, I think it has to be strictly lower now, right?

(Mind you...on further reflection I'm not convinced the transparency report is any more - or less - meaningful than the canary. The theory behind both is that the government cannot compel false speech. If that's true, then both are equally protective; if it's false, both are equally pointless. SpiderOak did say "if we stop updating this stop using us", and then they stopped updating it, but...then they published a transparency report saying "0 NSLs". So...maybe they're just really awful at communication.)


I think nobody really needs to know exactly what's happening to make the right decision.

People that are serious about opsec/etc. will read this (fuzzy/distorted) signal and jump ship. They will not be dwelling on the nature of this signal.


I have a hard time believing that People that are serious about opsec/etc. even care about the warrant canary to begin with.

People with real concerns aren't going to rely on an untested legal gizmo.


If it's gone, it means that have received a warrant.

That's the whole point of the warrant canary.


Well no, it means that either they've been compromised and thus shouldn't be trusted anymore, or they forgot (?) to update their canary which means they shouldn't be trusted anymore.

Don't "who knows?" on this subject, it makes you look like a government shill trying to lull privacy conscious people into indifference.


> makes you look like a government shill

We're on a site where we strive to assume good faith, avoid name calling, reply to the argument not the person, take the strongest possible form of what someone is saying (iron man not straw man), etc.

https://news.ycombinator.com/newsguidelines.html


What if their lawyer explained to them that removing the canary for a reason was likely to be criminal and they removed it preemptively?

Unless you want to cite a bunch of jurisprudence that warrant canaries actually work, I'm gonna stick on "who knows", even though I'm not a government shill (I'm more "pragmatic about who really has the power in that particular relationship").


It doesn't matter what kind of excuses they give. Once a canary is dead, everyone should behave as if the target has been compromised. That is what the canary is for, and once you sign it, you can't just go back.

If you don't continue updating a deadman's switch, it doesn't matter if you died or not: it activates.


> What if their lawyer explained to them that removing the canary for a reason was likely to be criminal and they removed it preemptively?

Then a nice solution would be to say "our lawyer explained to us that removing the canary for a reason is likely to be criminal, so we're letting you know we're going to remove it in 2 months to make you more sure we're not doing it in response to a current issue".


And people would have precisely the same primary reaction (as they should) but then would also get angry at SpiderOak for "poisoning the well" with doubts about the legality of warrant canaries. To be clear, as far as I know there is no legal precedent that says warrant canaries are a legal way of subverting gag orders (then again, the fact there is no such legal case even though Reddit activated their warrant canary could point in the favour that the US government doesn't want to try their luck in court).


Technically, this is why the canary had an expiration. This means they did not need to remove the canary, just let it expire and refuse to publish a new canary.


also note earlier in their feed, a few hours before they announced the death of the canary, they had a 'full system outage due to a poorly communicated maintenance by their ISP'. To me, this screams "Narus box at our edge" or similar shady behavior.


I've been using spideroak and encryptr for a while and I'm assuming the data stored by them up until now is secure given that it was a zero knowledge service. Any opinions on this?


Unless you manually manage your keys, it's only zero knowledge if you never log into their website or use their Android app, either of which gets your key onto their servers.


Give that it looks like the canary just did its job, it would be prudent to assume SpiderOak is now compromised in some way. Therefore, it's probably safer to assume that all data stored on it up to this point is also somehow compromised too.


That would depend on whether you trust that they are zero-knowledge. It is certainly possible to build a client that works like that, but their client wasn't open source, so there is no way to confirm this.

However, if you trust them on the canary, why distrust them on the claim their service was zero-knowledge. It might make sense if they are 'amoral enough' to lie about being zero-knowledge, but 'moral enough' to admit to being served a warrant. I think space for that level of morality exists, but is small. The other issue would be if they weren't zero-knowledge through an unintended bug.

I can't really give a definitive judgement.


If your threat model includes any sovereign state's intelligence agency then a warrant canary is worse than useless. Given their other widely abused powers it is likely trivial to force a normal company to continue business as normal and make any statement.

I submit that warrant canaries are at best legally and politically naive virtue signalling and at worst deliberate obfuscation of the actual threat model.


Why do these companies not make use of international, cross border solutions?

I am bound by the law of France but my associate in the US could not care less and vice versa. If we cross check, say, code daily and I see a discrepancy then I raise an alert on my .fr page, controlled by myself. He would not be involved.


IIRC their yum repository is having some GPG signing issues as well. This isn't increasing my confidence.


Any ideas on how many people in the company would know about it? If it's quite a few, one would take the chance on writing anon to a tech writer /activist. But that too is easier said than done...FBI would not be happy and they have a lot of cards in their hand.


don't be mad. This is exactly what a canary is for.


If you look at the comment they debate that a candy can mean the service is not as secure as it was, like truecrypt did use its canary.


If the meaning of the removal of a warrant canary is debatable, it has not done its job very well. Presumably, there are people who would prefer that whatever the removal implies does not become the widely accepted view, and one tactic they could use, against it so becoming, is to raise doubts about what its removal does mean.


I think you're wrong about Truecrypt, it's still safe but just won't ever be updated.

https://www.grc.com/misc/truecrypt/truecrypt.htm


I get their point, but just as it might be "foolish" to assume that software which was audited is no longer secure just because the developers have stopped working on it, it is also "foolish" to use cryptographic software that is not being worked on actively by experts. And since TrueCrypt is proprietary, people should not be using it anyway (not because you cannot read or modify the source code but because the license itself is "full of traps" according to the fedora-legal team[1])-- Linux's dm-crypt can decrypt TrueCrypt volumes (though it's read-only from memory) if you need legacy support.

[1]: https://lists.freedesktop.org/archives/distributions/2008-Oc...


With the level of uncertainty and the suspicious circumstances behind the author you can’t really consider it’s safe to use considering the threat model.


Truecrypt may be secure, but linking to GRC is going to persuade me that it isn't.


Who can you trust? I use trucrypt to encrypt my windows machine but I've been thinking about moving away from it because it seems to cause issues with some windows updates. So if not Truecrypt, what, bitlocker?


You can upgrade to VeraCrypt [1] which is a continuation of TrueCrypt. It's backwards compatible with TrueCrypt volumes but also fixes a bunch of issues that have been found in TrueCrypt code. It also supports newer features like EFI boot and Windows 10 big updates.

--

[1] https://www.veracrypt.fr/


Hi strom,do you have experience using this? I tried it a couple of years back on a new pc but I had some issue (I cant't remember what it was) with full disk encryption which caused me to go with Truecrypt.


Yes I used to use TrueCrypt but have been using VeraCrypt on all my computers for about a year now. Most recent issue I had was with EFI boot and major Windows 10 updates, but the latest beta of VeraCrypt addresses that issue as well.


Good to know, I'll definitely give it as go as the windows update issue with Truecrypt is a pain. Thanks.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: