Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [23:50] --> You (~valdikss@92.42.31.58) have joined the channel #truecrypt.
- [23:50] *** The channel topic is "TrueCrypt v7.1a (07-Feb-2012) @ http://truecrypt.org/ - Please ask your question and stay a while (don't leave us)! :)".
- [23:50] *** The topic was set by Raccoon!wayward@unaffiliated/raccoon on 12.03.14 23:08.
- [23:50] *** Channel URL: http://www.truecrypt.org
- [23:50] <ValdikSS> hi
- [23:50] <froax> but remember truecyrpt is not a free software, the entiere free software is tc-play ;)
- [23:50] *** Channel modes: g, no messages from outside, topic protection
- [23:50] *** This channel was created on 16.06.10 02:50.
- [23:50] <ValdikSS> what's going on?
- [23:50] <hazardous> hi
- [23:50] <hazardous> yes we know don't touch it
- [23:50] <Darky> linking the development of TC with MS's end of support for XP makes no sense to me
- [23:50] <-- froax (~froax@unaffiliated/froax) has left this channel ("Leaving").
- [23:50] <hazardous> so who owns this channel lol
- [23:51] <Darky> Raccoon does
- [23:51] <Darky> but he's afk
- [23:51] <plus> is raccoon a TC dev
- [23:51] <Darky> no
- [23:51] <plus> welp
- [23:51] <Darky> well maybe, but TC devs have never told who they are
- [23:51] <ValdikSS> Is only the site got hacked?
- [23:51] <ValdikSS> Not downloads?
- [23:52] <znf> don't download that .exe
- [23:52] <znf> it's most likely changed
- [23:52] <plus> The files listed have all been recently changed
- [23:52] <plus> Definitely do not download them
- [23:52] <Darky> I wouldn't download them
- [23:52] <ValdikSS> Let's check signatures
- [23:52] <hazardous> otoh i just downloaded all of them and uploaded them to f-secure hydra
- [23:52] <ValdikSS> Do you guys have old keys?
- [23:52] <znf> Last version was 7.1 afaik?
- [23:52] <hazardous> btw, do `curl http://www.truecrypt.org/xxxxxxxx'
- [23:53] <ValdikSS> extra/truecrypt 1:7.1a-2
- [23:53] <ValdikSS> Free open-source cross-platform disk encryption software
- [23:53] <hazardous> or use a browser that ignores redirects
- [23:53] --> bontibon (~bontibon@unaffiliated/bontibon) has joined this channel.
- [23:53] <plus> hazardous: specifically that url?
- [23:53] <hazardous> anything
- [23:53] <hazardous> /* redirects to a custom page now
- [23:53] <hazardous> i assumed it was just the frontpage
- [23:53] <hazardous> but apparently not
- [23:53] <ValdikSS> it's front for me
- [23:53] <ValdikSS> <meta http-equiv="refresh" content="2;URL='http://truecrypt.sourceforge.net/'" />
- [23:54] <ValdikSS> so guys
- [23:54] <ValdikSS> does anybody has keys?
- [23:54] <ValdikSS> old keys
- [23:54] <Darky> ValdikSS: they got the site, and the sourceforge page
- [23:54] <hazardous> yea
- [23:54] <hazardous> https://www.google.com/search?q="C5F4+BAC4+A7B2+"
- [23:54] <Darky> the keys could have been compromised too for all we know
- [23:55] <plus> https://twitter.com/cynicalsecurity/status/471739884680794112
- [23:56] <plus> according to this guy the new binaries are signed with the same keys
- [23:56] <ValdikSS> hey
- [23:56] <ValdikSS> there is shasum in archlinux pkgbuild
- [23:56] <ValdikSS> i'll check now
- [23:56] <hazardous> i want to know if the 7.2 src matches the exe
- [23:56] <plus> shasum will be different
- [23:56] <hazardous> because for all we know, exe and dmg might be tampered
- [23:56] <plus> because the binaries have been changed
- [23:56] <hazardous> but source might not be
- [23:56] --> maciek (maciek@unaffiliated/maciek) has joined this channel.
- [23:56] <Darky> but the source might be... someone has to check
- [23:56] <maciek> hi?
- [23:56] <ValdikSS> md5sum should be 102d9652681db11c813610882332ae48
- [23:57] <Darky> also the fact they they removed all the old versions from sourceforge is really fishy
- [23:57] <plus> ValdikSS: checksums aren't going to tell you anything
- [23:57] <maciek> someone hacked truecrypt's website on SF?
- [23:57] <plus> they are going to be different whether or not this is legit
- [23:57] <ValdikSS> plus: and the sig is saved actually
- [23:57] --> genii (~quassel@ubuntu/member/genii) has joined this channel.
- [23:57] <Darky> pretty sure that's the case yes, not only that but everything else too.
- [23:57] <ValdikSS> ftp://ftp.archlinux.org/other/tc/truecrypt-7.1a.tar.gz
- [23:57] <ValdikSS> ftp://ftp.archlinux.org/other/tc/truecrypt-7.1a.tar.gz.sig
- [23:58] <ValdikSS> but that may be custom build, not sure
- [23:58] <plus> I'm pretty sure the signatures in the archlinux repository are going to be by the archlinux repository maintainers, not upstream.
- [23:59] <ValdikSS> https://www.alchemistowl.org/arrigo/truecrypt-7.1a-7.2.diff.gz diff!
- [23:59] --> BlueMatt (~BlueMatt@unaffiliated/bluematt) has joined this channel.
- [23:59] <ValdikSS> The signature of the TrueCrypt .exe was made on Tue May 27 12:58:45 2014 EDT using DSA key ID F0D6B1E0.
- [23:59] <hazardous> pub 1024D/F0D6B1E0 uid TrueCrypt Foundation
- [00:00] <ValdikSS> there was an email from sourceforge on may 22
- [00:00] <ValdikSS> they switched to another hash algo for passwords
- [00:00] --> Wessie (~Wessie@ip5651e009.adsl-surfen.hetnet.nl) has joined this channel.
- [00:00] <ValdikSS> and wanted everybody to change their passwords
- [00:00] <hazardous> do you have a copy of that
- [00:00] <ValdikSS> sure
- [00:02] <hazardous> http://sourceforge.net/blog/sourceforge-net-password-reset-required/
- [00:02] <ValdikSS> http://pastebin.com/PMgmXPYj
- [00:03] <hazardous> i want to know why that is vaguely worded
- [00:03] <hazardous> incredibly vaguely worded
- [00:03] --> cnu_ (~u@s8635.dmz.se) has joined this channel.
- [00:03] <genii> Did the site get compromised?
- [00:03] --> ivan (~ivan@unaffiliated/ivan/x-000001) has joined this channel.
- [00:04] <ValdikSS> https://defuse.ca/files2/TrueCrypt-Foundation-Public-Key.asc old key
- [00:04] <hazardous> ValdikSS: the way they worded that
- [00:04] <ValdikSS> strings TrueCrypt-7.2.exe | grep "Using TrueCrypt is not secure"
- [00:04] <Darky> genii: probably yes, the site and everything else
- [00:04] <hazardous> seriously sounds like someone got the sf userdb or something
- [00:04] --> baizon (~baizon@unaffiliated/baizon) has joined this channel.
- [00:05] <baizon> !admin
- [00:05] <baizon> website was hacked :/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement