Starting from version 1.26.7, VeraCrypt discontinued support for the TrueCrypt format to prioritize the highest security standards. However, recognizing the transitionary needs of our users, we have preserved version 1.25.9, the last to support the TrueCrypt format.
On this page, users can find download links for version 1.25.9, specifically provided for converting TrueCrypt volumes to the more secure VeraCrypt format. We strongly recommend transitioning to VeraCrypt volumes and using our latest releases for ongoing encryption needs, as they encompass the latest security enhancements.
ZKLP system allows apps to confirm user presence in a region without exposing exactly where
Computer scientists from universities in Germany, Hong Kong, and the United Kingdom have proposed a way to provide verifiable claims about location data without surrendering privacy.
The technique, referred to as Zero-Knowledge Location Privacy (ZKLP), aims to provide access to unverified location data in a way that preserves privacy without sacrificing accuracy and utility for applications that might rely on such data. It's described in a paper [PDF] presented this week at the 2025 IEEE Symposium on Security and Privacy.
The original leak site that never sold out, never surrendered //
Obituary John Young, the co-founder of the legendary internet archive Cryptome, died at the age of 89 on March 28. The Register talked to friends and peers who gave tribute to a bright, pugnacious man who was devoted to the public's right to know.
Before WikiLeaks, OpenLeaks, BayFiles, or Transparency Toolkit, there was Cryptome - an open internet archive that inspired them all, helped ignite the first digital crypto war, and even gave Julian Assange his start before falling out with him on principle. //
The feds launched an investigation into Zimmermann and PGP under the Arms Export Control Act. That investigation was dropped and the source code was eventually published in print, but it inspired Young to launch Cryptome in 1996. His goal: publish documents about encryption and other matters that the government didn't necessarily want people to know, so that people could make up their own minds.
GaidinBDJ Ars Scholae Palatinae
actor0 said:
Why do people think E2E encryption means the data can't be decrypted?
Probably a gross misunderstanding of encryption in general. ANYONE with access to the keys can unlock it.
The ones with access to the keys own the platform.
The ones who own the platform are legally required to submit your info to subpoenas, Homeland Security warrants, and Patriot Act related actions.
This is totally incorrect.
With end-to-end encryption, the platform doesn't have the keys. The clients exchange keys through the platform, but it's done in a way that the platform doesn't know what they are. A subpoena doesn't let them provide information they don't have. The platform may have metadata about your message, but not the contents.
On the Wikipedia page for Diffie-Hellman key exchange there's a good diagram explaining the concept of how you can exchange private keys through public transport. It's the one down the page a bit where they use paint colors. In the real world, it's done with math, but the paint concept is sound to understand the underlying idea.
A team of researchers confirmed that behavior in a recently released formal analysis of WhatsApp group messaging. They reverse-engineered the app, described the formal cryptographic protocols, and provided theorems establishing the security guarantees that WhatsApp provides. Overall, they gave the messenger a clean bill of health, finding that it works securely and as described by WhatsApp.
They did, however, confirm a behavior that should give some group messaging users pause: Like other messengers billed as secure—with the notable exception of Signal—WhatsApp doesn’t provide any sort of cryptographic means for group management.
“This means that it is possible for the WhatsApp server to add new members to a group,” Martin R. Albrecht, a researcher at King's College in London, wrote in an email. “A correct client—like the official clients—will display this change but will not prevent it. Thus, any group chat that does not verify who has been added to the chat can potentially have their messages read.” //
By contrast, the open source Signal messenger provides a cryptographic assurance that only an existing group member designated as the group admin can add new members. //
Most messaging apps, including Signal, don’t certify the identity of their users. That means there’s no way Signal can verify that the person using an account named Alice does, in fact, belong to Alice. It’s fully possible that Malory could create an account and name it Alice. (As an aside, and in sharp contrast to Signal, the account members that belong to a given WhatsApp group are visible to insiders, hackers, and to anyone with a valid subpoena.)
Signal does, however, offer a feature known as safety numbers. It makes it easy for a user to verify the security of messages or calls with specific contacts. When two users verify out-of-band—meaning using a known valid email address or cell phone number of the other—that Signal is displaying the same safety number on both their devices, they can be assured that the person claiming to be Alice is, in fact, Alice.
- Airgapped raspberry pi computer with touch screen and camera
- Featuring LUKS full disk encryption
- For secure offline blockchain transactions and for secure encrypted messaging
- Move files across the airgap to other devices using QR-Codes
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation.
It’s full of good advice. I especially appreciate this warning:
When deciding whether to use Advanced Cryptography, start with a clear articulation of the problem, and use that to guide the development of an appropriate solution. That is, you should not start with an Advanced Cryptography technique, and then attempt to fit the functionality it provides to the problem.
And:
In almost all cases, it is bad practice for users to design and/or implement their own cryptography; this applies to Advanced Cryptography even more than traditional cryptography because of the complexity of the algorithms. It also applies to writing your own application based on a cryptographic library that implements the Advanced Cryptography primitive operations, because subtle flaws in how they are used can lead to serious security weaknesses.
To avoid having to deal with further issues relating to RSA keys, I've decided to migrate all my SSH keys to Ed25519.
Potential issues with RSA keys
- Key length growth: Will gradually require more bits to stay secure as compute capacity advances (Current minimum: 2048 bits)
- Not future proof: Potentially vulnerable to breaking by quantum computers
Advantages of Ed25519 (EdDSA) keys:
- Performance: Ed25519 is the fastest performing algorithm across all metrics
- Security: EdDSA provides the highest security level as compared to other algorithms with the same key length (Source)
- Dummy proof: No need to specify number of bits when generating keys
- Shorter public keys: No wrangling with unwieldy, long public key strings like in RSA 4096-bit
For context, 253-bit EdDSA is equivalent in strength to RSA ~3000 bits. As you can see, Ed25519 blows all other cryptographic algorithms out of the water in terms of performance.
It’s hard to have a conversation with anyone in Washington these days without using Signal. I hate the app. It’s just one more messaging app that must be checked. Everyone in Washington, it seems, has Signal. Government officials use it. Reporters use it. Politicians on Capitol Hill use it. Hillary Clinton used an insecure email server. Everyone else just uses Signal, which, at least, is end-to-end encrypted.
With China thoroughly infiltrating our telecom system, no officials in DC are using built-in phone messaging apps or voice to communicate important information now. Apple’s iMessage is robust and secure if the bubbles are blue. But someone may have their iCloud backup turned on, which would capture the chat. WhatsApp is fine and secure. But, again, someone might have a backup. Signal is secure and once a message is deleted, it is deleted. It is the preferred app.
For members of the Trump Administration, which last term saw rogue embedded progressives leaking classified information and even now has seen ICE raid information leak, bypassing government approved means of communications for Signal makes sense — the rogue bureaucrats provided the incentive.
But that is no excuse to add a reporter to a secure group chat trading information related to bombing the Houthis as the Trump national security team did. //
- This whole mess really does suggest that the Trump Administration, like the Biden Administration, has no clue how to get the Chinese out of our telecom networks.
The U.K. government appears to have quietly scrubbed encryption advice from government web pages, just weeks after demanding backdoor access to encrypted data stored on Apple’s cloud storage service, iCloud.
Once the backdoor exists, others will attempt to surreptitiously use it. A technical means of access can’t be limited to only people with proper legal authority. Its very existence invites others to try. In 2004, hackers—we don’t know who—breached a backdoor access capability in a major Greek cellphone network to spy on users, including the prime minister of Greece and other elected officials. Just last year, China hacked U.S. telecoms and gained access to their systems that provide eavesdropping on cellphone users, possibly including the presidential campaigns of both Donald Trump and Kamala Harris. That operation resulted in the FBI and the Cybersecurity and Infrastructure Security Agency recommending that everyone use end-to-end encrypted messaging for their own security. //
It’s a question of security vs. security. Yes, we are all more secure if the police are able to investigate and solve crimes. But we are also more secure if our data and communications are safe from eavesdropping. A backdoor in Apple’s security is not just harmful on a personal level, it’s harmful to national security. We live in a world where everyone communicates electronically and stores their important data on a computer. These computers and phones are used by every national leader, member of a legislature, police officer, judge, CEO, journalist, dissident, political operative, and citizen. They need to be as secure as possible: from account takeovers, from ransomware, from foreign spying and manipulation. Remember that the FBI recommended that we all use backdoor-free end-to-end encryption for messaging just a few months ago.
Securing digital systems is hard. Defenders must defeat every attack, while eavesdroppers need one attack that works. Given how essential these devices are, we need to adopt a defense-dominant strategy. To do anything else makes us all less safe. //
Stéphan • February 26, 2025 7:37 AM
It will be interesting to see if the UK Govt is satisfied with the disabling of ADP, because that would confirm the backdoor is already in place for non-ADP iCloud accounts. Which would mean it is likely also in place for non-E2E-encrypted cloud services like Google and MS365 accounts. With this move Apple came up with a clever canary about the true underlying situation.
End-to-end encryption for things that matter.
Keybase is secure messaging and file-sharing.
When the FBI urges E2EE, you know it's serious business. //
In the wake of the Salt Typhoon hacks, which lawmakers and privacy advocates alike have called the worst telecoms breach in America's history, US government agencies have reversed course on encryption.
After decades of advocating against using this type of secure messaging, "encryption is your friend," Jeff Greene, CISA's executive assistant director for cybersecurity, told journalists last month at a press briefing with a senior FBI official, who also advised us to use "responsibly managed encryption" for phone calls and text messages.
In December, CISA published formal guidance [PDF] on how to keep Chinese government spies off mobile devices, and "strongly urged" politicians and senior government officials — these are "highly targeted" individuals that are "likely to possess information of interest to these threat actors" — to ditch regular phone calls and messaging apps and instead use only end-to-end encrypted communications.
It's a major about-face from the feds, which have historically insisted that law enforcement needs a backdoor to access people's communications — but only for crime-fighting and terrorism-preventing purposes.
"We know that bad guys can walk through the same doors that are supposedly built for the good guys," Virtru CEO and co-founder John Ackerly told The Register. "It's one thing to tap hardline wires or voice communication. It's yet another to open up the spigot to all digital communication." //
Pete 2
Who's who?
"We know that bad guys can walk through the same doors that are supposedly built for the good guys,"
Although which are the good / bad guys is increasingly difficult to determine. //
Aleph0
Re: Who's who?
The Patrician to Captain Vimes, in Guards! Guards!: "I believe you find life such a problem because you think there are the good people and the bad people," said the man. "You're wrong, of course. There are, always and only, the bad people, but some of them are on opposite sides." //
Al fazed
Re: I bet . . .
and the only people interested in spying on you are good people, who have your best interests at heart.
A few of us don't believe this bullsh*t, even here in the UK.
ALF. //
Caffeinated Sponge
Re: I bet . . .
The last I heard, British Conservatives were still all over the idea that 'only people with something to hide should want encryption'.
Of course, as with the Sir Pterry quote above, whilst this is actually true it is built around the easy to sell misconception that the only people with anything to hide are bad people.
Ente Auth
Open source 2FA authenticator, with end-to-end encrypted backups
Secure Backups
Auth provides end-to-end encrypted cloud backups so you don't have to worry about losing your tokens. Our cryptography has been externally audited.
Cross platform sync
Auth has an app for every platform. Mobile, desktop and web. Your codes sync across all your devices, end-to-end encrypted.
Let’s go through the entire Tailscale system from bottom to top, the same way we built it (but skipping some zigzags we took along the way). With this information, you should be able to build your own Tailscale replacement… except you don’t have to, since our node software is open source and we have a flexible free plan.
What was missed in almost all the reports covering Salt Typhoon was the FBI’s precise warning. “Responsibly managed” encryption is a game-changer. None of the messaging platforms which cyber experts and the media urged SMS/RCS users to switch to are “responsibly managed” under this definition.
The FBI has now expanded on its warning last week, telling me that “law enforcement supports strong, responsibly managed encryption. This encryption should be designed to protect people’s privacy and also managed so U.S. tech companies can provide readable content in response to a lawful court order.” //
There are just three providers of end-to-end encrypted messaging that matter. Apple, Google and Meta—albeit Signal provides a smaller platform favored by security experts. These are the “U.S. tech companies” the FBI says should change platforms and policy to “provide readable content in response to a lawful court order.”
This doesn’t mean giving the FBI or other agencies a direct line into content; it means Meta, Apple and Google should have the means, the keys, to provide content when warranted to do so by a court. Right now they cannot. Police chiefs and other agencies describe this situation as “going dark” and they want it to change. //
This is a dilemma. Apple, Google and Meta all make a virtue of their own lack of access to user content. Apple, by way of example, assures that “end-to-end encrypted data can be decrypted only on your trusted devices where you're signed in to your Apple Account. No one else can access your end-to-end encrypted data—not even Apple—and this data remains secure even in the case of a data breach in the cloud.” //
The argument against “responsible encryption” is very simple. Content is either secure or it’s not. “A backdoor for anybody is a backdoor for everybody.” If someone else has a key to your content, regardless of the policies protecting its use, then your content is exposed and at risk. That’s why the security community feels so strongly about this—it’s seen as black and white, as binary. ///
Oh the irony! The Chinese are exploiting the very backdoor that the FBI insisted that phone companies had to install, and the FBI is doubling down on having a backdoor into encrypted communication.
A US government security official urged Americans to use encrypted messaging as major telecom companies struggle to evict Chinese hackers from their networks. The attack has been attributed to a Chinese hacking group called Salt Typhoon.
There have been reports since early October that Chinese government hackers penetrated the networks of telecoms and may have gained access to systems used for court-authorized wiretaps of communications networks. Impacted telcos reportedly include Verizon, AT&T, T-Mobile, and Lumen (also known as CenturyLink).
T-Mobile has said its own network wasn't hacked but that it severed a connection it had to a different provider whose network was hacked. Lumen has said it has no evidence that customer data on its network was accessed. //
Despite recognizing the security benefits of encryption, US officials have for many years sought backdoors that would give the government access to encrypted communications. Supporters of end-to-end encryption have pointed out that backdoors can also be used by criminal hackers and other nation-states.
"For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys," cryptographer Bruce Schneier wrote after the Chinese hacking of telecom networks was reported in October.
Noting the apparent hacking of systems for court-ordered wiretap requests, Schneier called it "one more example of a backdoor access mechanism being targeted by the 'wrong' eavesdroppers." //
"These telecommunications companies are responsible for their lax cybersecurity and their failure to secure their own systems, but the government shares much of the blame," US Sen. Ron Wyden (D-Ore.) wrote in an October 11 letter to the FCC and Justice Department. "The surveillance systems reportedly hacked were mandated by federal law, through the Communications Assistance for Law Enforcement Act (CALEA). CALEA, which was enacted in 1994 at the urging of the Federal Bureau of Investigations (FBI), forced phone companies to install wiretapping technology into then-emerging digital phone networks. In 2006, acting on a request from the FBI, the Federal Communications Commission (FCC) expanded this backdoor mandate to broadband Internet companies."
The headline is pretty scary: “China’s Quantum Computer Scientists Crack Military-Grade Encryption.”
No, it’s not true.
This debunking saved me the trouble of writing one. It all seems to have come from this news article, which wasn’t bad but was taken widely out of proportion.
Cryptography is safe, and will be for a long time
At the start of WWII, the US armed forces used various means for enciphering their confidential traffic. At the lowest level were hand ciphers. Above that were the M-94 and M-138 strip ciphers and at the top level a small number of highly advanced SIGABA cipher machines.
The Americans used the strip ciphers extensively; however, these were not only vulnerable to cryptanalysis but also difficult to use. Obviously a more modern and efficient means of enciphering was needed.
At that time Swedish inventor Boris Hagelin was trying to sell his cipher machines to foreign governments. He had already sold versions of his C-36, C-38 and B-211 cipher machines to European countries. He had also visited the United States in 1937 and 1939 in order to promote his C-36 machine and the electric C-38 with a keyboard, called BC-38, but he was not successful (1). The Hagelin C-36 had 5 pin-wheels and the lugs on the drum were fixed in place. Hagelin modified the device by adding another pin-wheel and making the lugs moveable. This new machine was called Hagelin C-38 and it was much more secure compared to its predecessor.
In 1940 he brought to the US two copies of the hand operated C-38 and the Americans ordered 50 machines for evaluation. Once the devices were delivered, they underwent testing by the cryptologists of the Army’s Signal Intelligence Service and after approval it was adopted by the US armed forces for their midlevel traffic. Overall, more than 140,000 M-209s were built for the US forces by the L.C. Smith and Corona Typewriters Company. (2) //
‘Report of interview with S/Sgt, Communications Section 79 Inf Div, 7th Army’. (dated March 1945) (51):
"The US Army code machine #209 was found to be something that hampered operations. It would take at least half hour to get a message through from the message center by use of this code machine and as a result the codes of particular importance or speed, for instance mortar messages, were sent in the clear."
Also, from the ‘Immediate report No. 126 (Combat Observations)’ - dated 6 May 1945 (52): ‘Information on the tactical situation is radioed or telephoned from the regiments to corps at hourly or more frequent intervals. Each officer observer averages about 30 messages per day. […] The M-209 converter proved too slow, cumbersome and inaccurate for transmission of those reports and was replaced by a simple prearranged message code with excellent results’.
This blog is reserved for more serious things, and ordinarily I wouldn’t spend time on questions like the above. But much as I’d like to spend my time writing about exciting topics, sometimes the world requires a bit of what Brad DeLong calls “Intellectual Garbage Pickup,” namely: correcting wrong, or mostly-wrong ideas that spread unchecked across the Internet.
This post is inspired by the recent and concerning news that Telegram’s CEO Pavel Durov has been arrested by French authorities for the platform's failure to sufficiently moderate content. While I don’t know the details, the use of criminal charges to coerce social media companies is a pretty worrying escalation, and I hope there’s more to the story.
But this arrest is not what I want to talk about today.
What I do want to talk about is one specific detail of the reporting. Specifically: the fact that nearly every news report about the arrest refers to Telegram as an “encrypted messaging app.”
This phrasing drives me nuts because in a very limited technical sense it’s not wrong. Yet in every sense that matters, it fundamentally misrepresents what Telegram is and how it works in practice. And this misrepresentation is bad for both journalists and particularly for Telegram’s users, many of whom could be badly hurt as a result.