Sign in / up

back to article TrueCrypt considered HARMFUL – downloads, website meddled to warn: 'It's not secure'

The website of popular drive-encryption software TrueCrypt has been ripped up and replaced with a stark warning to not use the crypto-tool. It's also distributing a new version of the software, 7.2, which appears to have been compromised. It's feared the project, run by a highly secretive team of anonymous developers, has been …

COMMENTS

House rules Send corrections
This topic is closed for new posts.

Page:

    1. PrivateCitizen
      Reply Icon

      Re: Hmm.

      TrueCrypt was more than just whole disk encryption.

      TrueCrypt provided a tool which allowed users to create portable storage and deniable containers - all in one cross platform bundle.

      It will be missed but even if it does return, will anyone ever be able to trust it again?

      0 0
  2. A J Stiles
    Holmes

    Hmm .....

    I smell an attempt by a proprietary software vendor to discredit Open Source software.

    Would they resort to this sort of tactics? Undoubtedly.

    I'm keeping an ear out for what the OpenBSD folks have to say about this. They are one of the few development teams I trust, and they don't distribute crap; if something isn't fit for OpenBSD, then they either patch it or drop it.

    2 2
    1. Destroy All Monsters Silver badge
      Reply Icon

      Re: Hmm .....

      if something isn't fit for OpenBSD, then they either patch it or drop it

      OpenSSL says that this is not so

      0 1
      1. A J Stiles
        Reply Icon

        Re: Hmm .....

        Looks like patching from where I'm sitting .....

        1 0
  3. PrivateCitizen

    TAILS and Sans

    Tails has been trying to get rid of Truecrypt for a while now:

    https://labs.riseup.net/code/issues/5373 and https://tails.boum.org/blueprint/replace_truecrypt.

    Looking at the changelog, zuluCrypt was added as an option on 19 May but the bit about "recent concerns" was added 29 May.

    Also, there is a SANS forensics presentation from 2010 which (on slide 23) covers Truecrypt and states "removed at the request of US government" - http://digital-forensics.sans.org/summit-archives/2010/18-lord-cryptanalysis.pdf

    0 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: TAILS and Sans

      Indeed.

      Sadly the nice zuluCrypt GUI (nicer than TC itself IMO) has so far been refused acceptance into Debian: https://bugs.debian.org/703911

      Seems there's a bit of a disagreement over permissions. Haven't looked into that AT ALL yet but obviously any binary operating on block devices must have appropriate authority... but wouldn't that be cryptetup/tcplay rather than a UI?

      I hope this TC implosion is taken as motivation to get the matter resolved, rather than an opportunity to suppress. The developer certainly seems willing and forthcoming. I wonder if we'll be made to watch him bang his head on a wall of excuses until he gives up and goes away...

      1 0

Page:

This topic is closed for new posts.

Other stories you might like