SHARE
TWEET

Untitled

a guest May 28th, 2014 1,151 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [23:50] --> You (~valdikss@92.42.31.58) have joined the channel #truecrypt.
  2. [23:50] *** The channel topic is "TrueCrypt v7.1a (07-Feb-2012) @ http://truecrypt.org/ - Please ask your question and stay a while (don't leave us)! :)".
  3. [23:50] *** The topic was set by Raccoon!wayward@unaffiliated/raccoon on 12.03.14 23:08.
  4. [23:50] *** Channel URL: http://www.truecrypt.org
  5. [23:50] <ValdikSS> hi
  6. [23:50] <froax> but remember truecyrpt is not a free software, the entiere free software is tc-play ;)
  7. [23:50] *** Channel modes: g, no messages from outside, topic protection
  8. [23:50] *** This channel was created on 16.06.10 02:50.
  9. [23:50] <ValdikSS> what's going on?
  10. [23:50] <hazardous> hi
  11. [23:50] <hazardous> yes we know don't touch it
  12. [23:50] <Darky> linking the development of TC with MS's end of support for XP makes no sense to me
  13. [23:50] <-- froax (~froax@unaffiliated/froax) has left this channel ("Leaving").
  14. [23:50] <hazardous> so who owns this channel lol
  15. [23:51] <Darky> Raccoon does
  16. [23:51] <Darky> but he's afk
  17. [23:51] <plus> is raccoon a TC dev
  18. [23:51] <Darky> no
  19. [23:51] <plus> welp
  20. [23:51] <Darky> well maybe, but TC devs have never told who they are
  21. [23:51] <ValdikSS> Is only the site got hacked?
  22. [23:51] <ValdikSS> Not downloads?
  23. [23:52] <znf> don't download that .exe
  24. [23:52] <znf> it's most likely changed
  25. [23:52] <plus> The files listed have all been recently changed
  26. [23:52] <plus> Definitely do not download them
  27. [23:52] <Darky> I wouldn't download them
  28. [23:52] <ValdikSS> Let's check signatures
  29. [23:52] <hazardous> otoh i just downloaded all of them and uploaded them to f-secure hydra
  30. [23:52] <ValdikSS> Do you guys have old keys?
  31. [23:52] <znf> Last version was 7.1 afaik?
  32. [23:52] <hazardous> btw, do `curl http://www.truecrypt.org/xxxxxxxx'
  33. [23:53] <ValdikSS> extra/truecrypt 1:7.1a-2
  34. [23:53] <ValdikSS>     Free open-source cross-platform disk encryption software
  35. [23:53] <hazardous> or use a browser that ignores redirects
  36. [23:53] --> bontibon (~bontibon@unaffiliated/bontibon) has joined this channel.
  37. [23:53] <plus> hazardous: specifically that url?
  38. [23:53] <hazardous> anything
  39. [23:53] <hazardous> /* redirects to a custom page now
  40. [23:53] <hazardous> i assumed it was just the frontpage
  41. [23:53] <hazardous> but apparently not
  42. [23:53] <ValdikSS> it's front for me
  43. [23:53] <ValdikSS> <meta http-equiv="refresh" content="2;URL='http://truecrypt.sourceforge.net/'" />
  44. [23:54] <ValdikSS> so guys
  45. [23:54] <ValdikSS> does anybody has keys?
  46. [23:54] <ValdikSS> old keys
  47. [23:54] <Darky> ValdikSS: they got the site, and the sourceforge page
  48. [23:54] <hazardous> yea
  49. [23:54] <hazardous> https://www.google.com/search?q="C5F4+BAC4+A7B2+"
  50. [23:54] <Darky> the keys could have been compromised too for all we know
  51. [23:55] <plus> https://twitter.com/cynicalsecurity/status/471739884680794112
  52. [23:56] <plus> according to this guy the new binaries are signed with the same keys
  53. [23:56] <ValdikSS> hey
  54. [23:56] <ValdikSS> there is shasum in archlinux pkgbuild
  55. [23:56] <ValdikSS> i'll check now
  56. [23:56] <hazardous> i want to know if the 7.2 src matches the exe
  57. [23:56] <plus> shasum will be different
  58. [23:56] <hazardous> because for all we know, exe and dmg might be tampered
  59. [23:56] <plus> because the binaries have been changed
  60. [23:56] <hazardous> but source might not be
  61. [23:56] --> maciek (maciek@unaffiliated/maciek) has joined this channel.
  62. [23:56] <Darky> but the source might be... someone has to check
  63. [23:56] <maciek> hi?
  64. [23:56] <ValdikSS> md5sum should be 102d9652681db11c813610882332ae48
  65. [23:57] <Darky> also the fact they they removed all the old versions from sourceforge is really fishy
  66. [23:57] <plus> ValdikSS: checksums aren't going to tell you anything
  67. [23:57] <maciek> someone hacked truecrypt's website on SF?
  68. [23:57] <plus> they are going to be different whether or not this is legit
  69. [23:57] <ValdikSS> plus: and the sig is saved actually
  70. [23:57] --> genii (~quassel@ubuntu/member/genii) has joined this channel.
  71. [23:57] <Darky> pretty sure that's the case yes, not only that but everything else too.
  72. [23:57] <ValdikSS> ftp://ftp.archlinux.org/other/tc/truecrypt-7.1a.tar.gz
  73. [23:57] <ValdikSS> ftp://ftp.archlinux.org/other/tc/truecrypt-7.1a.tar.gz.sig
  74. [23:58] <ValdikSS> but that may be custom build, not sure
  75. [23:58] <plus> I'm pretty sure the signatures in the archlinux repository are going to be by the archlinux repository maintainers, not upstream.
  76. [23:59] <ValdikSS> https://www.alchemistowl.org/arrigo/truecrypt-7.1a-7.2.diff.gz  diff!
  77. [23:59] --> BlueMatt (~BlueMatt@unaffiliated/bluematt) has joined this channel.
  78. [23:59] <ValdikSS> The signature of the TrueCrypt .exe was made on Tue May 27 12:58:45 2014 EDT using DSA key ID F0D6B1E0.
  79. [23:59] <hazardous> pub 1024D/F0D6B1E0 uid TrueCrypt Foundation
  80. [00:00] <ValdikSS> there was an email from sourceforge on may 22
  81. [00:00] <ValdikSS> they switched to another hash algo for passwords
  82. [00:00] --> Wessie (~Wessie@ip5651e009.adsl-surfen.hetnet.nl) has joined this channel.
  83. [00:00] <ValdikSS> and wanted everybody to change their passwords
  84. [00:00] <hazardous> do you have a copy of that
  85. [00:00] <ValdikSS> sure
  86. [00:02] <hazardous> http://sourceforge.net/blog/sourceforge-net-password-reset-required/
  87. [00:02] <ValdikSS> http://pastebin.com/PMgmXPYj
  88. [00:03] <hazardous> i want to know why that is vaguely worded
  89. [00:03] <hazardous> incredibly vaguely worded
  90. [00:03] --> cnu_ (~u@s8635.dmz.se) has joined this channel.
  91. [00:03] <genii> Did the site get compromised?
  92. [00:03] --> ivan (~ivan@unaffiliated/ivan/x-000001) has joined this channel.
  93. [00:04] <ValdikSS> https://defuse.ca/files2/TrueCrypt-Foundation-Public-Key.asc old key
  94. [00:04] <hazardous> ValdikSS: the way they worded that
  95. [00:04] <ValdikSS> strings TrueCrypt-7.2.exe | grep "Using TrueCrypt is not secure"
  96. [00:04] <Darky> genii: probably yes, the site and everything else
  97. [00:04] <hazardous> seriously sounds like someone got the sf userdb or something
  98. [00:04] --> baizon (~baizon@unaffiliated/baizon) has joined this channel.
  99. [00:05] <baizon> !admin
  100. [00:05] <baizon> website was hacked :/
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top