If you visit the TrueCrypt website you will now see the following message. Not sure if it's legit?
Sources: truecrypt.org / truecrypt.sourceforge.net
The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.
Last edited by Arthur; 28th May 2014 at 09:47 PM.
Looks pretty legit to me. Shame!
Bring on eDrive for SSD's
I can't see it being true some how.
Looks like the NSA are finally burning bridges after been outed as the authors of truecrypt by Edward snowden.
Code audit found the NSA back door? Or perhaps they've had sufficent court orders, they are just closing shop like a crypto-email outfit last year?
I wouldn't trust Bitlocker for anything personal. I use Sophos Safeguard at work - but that's work!
The way the Windows executables are digitally signed is slightly different, although the DNS records for truecrypt.org haven't been modified since 2012 so it can't have been hijacked? I suppose their SourceForge account could have been hacked though?
- https://github.com/timothyarmstrong/...e/master...7.2 (Forked copy)
^ Source code diffs.
No trojans have been found (so far) in the new v7.2 EXE.
Last edited by Arthur; 29th May 2014 at 12:08 AM.
Back-door nonsense « System Integrity Team Blog - MSDN Blogs
Two weeks ago BBC News published an article speculating about a possible “back door” in BitLocker. The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data.
Over my dead body.
Well, maybe not literally---I'm not ready to be a martyr quite yet---but certainly not in any product I work on. And I’m not alone in that sentiment. The official line from high up is that we do not create back doors. And in the unlikely situation that we are forced to by law we’ll either announce it publicly or withdraw the entire feature. Back doors are simply not acceptable. Besides, they wouldn’t find anybody on this team willing to implement and test the back door.
So - what to use now then?
How about GPG?
speckytecky (29th May 2014)
I'm waiting for more information, while leaning towards "warrant canary" because this is an odd way to announce the end of a project. You usually get a ranty "I hate you guys and I'm closing the project", a "We just don't have any free time to continue working on the code, so we're closing the project" or (best case) "we've open-sourced the code, it'll be here for $foo long, fork if you want".
This just seems odd and not nearly petulant enough for a bunch of devs having a tantrum.
There are currently 1 users browsing this thread. (0 members and 1 guests)