Windows system partition encryption: yes or no?

Heated discussions about long term goals please. Pretty much everything goes.

Windows system partition encryption: yes or no?

Postby diskobolos » Mon Jun 09, 2014 6:14 pm

Hi there;

I would like to suggest that Windows system partition encryption be removed from the "TC-continuation" project considered by this group. I was proposing the same, both (before it was introduced!) on the old TC forum, and recently on the short-lived truecrypt.ch site forum.

My arguments, in brief, are as follows:

It is of questionable value: MS Windows is unlikely to be used by anybody who really needs a high degree of computer security. It creates a false sense of security among the computer-naive users which might nevertheless have a real and pressing need to protect their data.

It adds a lot of complexity to the product and it is very expensive to maintain.

It is becoming increasingly difficult to keep up to date with new versions of the OS, as Microsoft is determined to make the early boot sequence ever more arcane and ever more closely integrated with the hardware and the BIOS and its descendants.

It practically guarantees that the build of MS Windows version of the program is impractical for an overwhelming majority of users.

It is brittle, and thus results in frequent data loss by inexperienced users.

It is a feature only available for one of the three OS-es that TC supports.

This was as brief as I could make it. If there is enough of a support for this to be seriously discussed, I will be more than glad to elaborate and address essential points from those that hold an opposite view.

Diskobolos
diskobolos
 
Posts: 2
Joined: Mon Jun 09, 2014 5:38 pm

Re: Windows system partition encryption: yes or no?

Postby Merlin » Mon Jun 09, 2014 6:27 pm

Essential points in opposition.

I have portable hardware, I require preboot authentication that's proof against transplanting my drive to another machine.

Windows leaks info like a sieve, at least with system encryption it's inaccessible with the machine shut down. This makes system encryption vital, rather than the reverse.

Many people don't trust self encrypting drives, Manufacturers may very well have means to bypass the encryption (I beleive there have been examples).

The whole hidden volume thing breaks down completely owing to OS leaks, unless you either support both system and hiddenOS encryption, or work from a live CD.

Everyone and his brother will scream, and just move to a different fork that still supports it if any such proposal were adopted (me included).

I'd use bitlocker (under protest) before I'd use such a lobotomised system, I wouldn't be the only one by one hell of a lot.
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby Resonance » Mon Jun 09, 2014 7:01 pm

Both sides make good points. I think a lot depends on the Ciphershed (let's call it Csh) team and how much time they have. Which leads me to a question: Do the Csh guys have a calendar worked out, or any idea how long it will take to replace TC names and logos?
User avatar
Resonance
 
Posts: 41
Joined: Sun Jun 08, 2014 11:02 am

Re: Windows system partition encryption: yes or no?

Postby Merlin » Mon Jun 09, 2014 7:45 pm

I'm afraid the OP's argument is equivalent to "nobody really serious about not getting burgled fits a wooden front door.. we should stop making locks for them!

Not everyone needs an armour plate door.

I couldn't care about three letter agencies, nor could most people, they just want their data protected if they leave their laptop on the bus/train/coffe shop table by accident.

System encryption is perfect for the job, if I needed higher security I'd take the trouble to either jump through the extra hoops windows requires (not completely impossible, just difficult) or use an alternative.

Many people are locked into Windows by applications they must run, they might indeed need high security, the fact it's hard is a reason to make the effort, not to give up and strand them.
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby diskobolos » Mon Jun 09, 2014 8:05 pm

Merlin wrote:I'd use bitlocker (under protest) before I'd use such a lobotomised system, I wouldn't be the only one by one hell of a lot.

If I knew your threat model and operational restrictions in some detail, my response might be different. However, making some assumptions, this is exactly what I believe you should do: use Bitlocker. You must trust Microsoft to some small degree; use what they are providing (a partially trusted solution?) for the operating system and whatever "leaked" data you are worried about. Use TC (a completely trusted solution) for a data partition ("d:" drive) and the bulk of your data.

I am not worried about a few snippets of C-code lines that might be left among the operating system files. I am worried about 50k lines of source code in an documented and organized local source repository, all of which belongs to my client. If a handfull of those lines are reconstructed by a competent forensic examiner of my OS system partition, there is no damage done whatsoever. Same with a laptop with a full database of thousands of patients or millions of taxpayers. Is your threat model so much diferent?

Diskobolos
diskobolos
 
Posts: 2
Joined: Mon Jun 09, 2014 5:38 pm

Re: Windows system partition encryption: yes or no?

Postby Sabbath » Mon Jun 09, 2014 8:57 pm

Hi Diskobolos

I see you are continuing your rather odd campaign to remove the single best feature from TC.

Removing the ability to encrypt the main drive of a computer from an encryption program is bizarre and almost certain death for the project. The only rational explanation is you have interests a competing product.

Your suggestion was defeated on the TC forum some years ago and more recently again on the truecrypt.ch forum.

Diskobolos wrote:It is of questionable value: MS Windows is unlikely to be used by anybody who really needs a high degree of computer security. It creates a false sense of security among the computer-naive users which might nevertheless have a real and pressing need to protect their data.


This is nothing more than operating system snobbery and also misleading. Should a windows users hard drive be stolen and it is not WDE a thief could effortlessly access all the data on the disk.

Are you actually trying to make us believe that a WDE drive is less or as equally secure as an unencrypted drive ?

Diskobolos wrote:It is brittle, and thus results in frequent data loss by inexperienced users.


I have used WDE since it was first released, never had a single issue with it. You are trying to frighten people unnecessarily.

Diskobolos wrote:It is a feature only available for one of the three OS-es that TC supports.


Nothing more than Windows envy, why not buy yourself a copy of Win7 and run your Linux distributions in a VM, you could have the best of both worlds.

Or better still make a feature request to have WDE for Linux.

Your argument appears to be if Linux users cannot have WDE security then you don't want windows user to enjoy it.

I was pleased to see Merlin seems to have dismissed your argument successfully, without the need for my intervention.
Sabbath
 
Posts: 49
Joined: Sat Jun 07, 2014 9:05 am

Re: Windows system partition encryption: yes or no?

Postby Merlin » Tue Jun 10, 2014 2:42 am

My threat model is irrelevent Microsoft no longer sell upgrades from win7 pro to ultimate, I'm stuck without bitlocker even if I wanted it, and for what the licences I can find cost I could buy a better laptop, which I also can't afford.

By all means make a feature request as Sabbath suggests, I'll streightaway post Macs should get it first, Linux already has open source encryption options..

And encryption of a second partition with Truecrypt results in data loss far more often than system encryption, people don't unassign the drive letter, and eventually the offer to format gets accepted.
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby WaywardGeek » Tue Jun 10, 2014 1:16 pm

This is a very interesting topic. The VeryCrypt guy thinks we should move from BIOS to UEFI, which would allow us to upgrade to a modern 32-bit compiler. How bad would it be to drop BIOS boot? Also, booting from an encrypted TrueCrypt disk is still vulnerable to the Evil Maid Attack, which I read about in the audit report. Another question is whether or not it makes sense to support TPM boot, which provides some (not perfect) defense against the Evil Maid Attack.

These ideas, along with several others I read today belong on a wish-list. How can we make one? Maybe a wiki page?
WaywardGeek
 
Posts: 40
Joined: Sat Jun 07, 2014 8:38 am

Re: Windows system partition encryption: yes or no?

Postby Merlin » Tue Jun 10, 2014 1:47 pm

Dropping BIOS boot would break TC for the majority of existing users, including absolutely me, I simply don't own a machine that supports UEFI, realistically you'll need to support both for some time (years), till win7/server 2008 hit EOL would be a minimum I'd think, they typically shipped preinstalled in a BIOS boot mode and changing requires a reinstall of the OS if the hardware even supports it.

Evil Maid is interesting, but then if your adversary is sophisticated and has repeated physical access to the machine, you're pretty much screwed anyway, you'd have to decide if TPM support is worth the trouble for the mitigation of some attacks it provides, versus the work involved to add it, then assign a priority accordingly. Incidentally, for anyone wanting to stop Evil Maid dead, with the existing setup, just nuke the on hard disk bootloader, and boot from the rescue image every time (cd or usb). TPM has to be optional, many older machines, especially desktops, don't have them, and many paranoids won't willingly use them.
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby compul » Tue Jun 10, 2014 1:54 pm

Im my opinion Evil Maid should definately be considered. There's enough scenarios I can imagine that scare me with it. Then again I'm paranoid. Then again that's a good thing.
User avatar
compul
Site Admin
 
Posts: 69
Joined: Fri Jun 06, 2014 6:15 pm

Next

Return to Long-Term Goals / Wish List

Who is online

Users browsing this forum: No registered users and 1 guest