Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TrueCrypt End of Life ?!


  • Please log in to reply
4 replies to this topic

#1 SpywareDoctor

SpywareDoctor

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 29 May 2014 - 10:31 AM

Schneier on Security > TrueCrypt WTF

I have no idea what's going on with TrueCrypt. There's a good summary of the story at ArsTechnica, and Slashdot, Hacker News, and Reddit all have long comment threads. See also Brian Krebs and Cory Doctorow.

Speculations include a massive hack of the TrueCrypt developers, some Lavabit-like forced shutdown, and an internal power struggle within TrueCrypt. I suppose we'll have to wait and see what develops.

Tags: encryption, TrueCrypt
Posted on May 29, 2014 at 8:02 AM42 Comments

 

BC AdBot (Login to Remove)

 


m

#2 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:01:27 AM

Posted 29 May 2014 - 10:38 AM

Details posted here.

 

 

 

http://www.bleepingcomputer.com/forums/t/535875/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/



#3 mikrop

mikrop

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 30 May 2014 - 01:51 PM

We don't really know what happened and what caused the TrueCrypt developers to shut it down and walk away. However, the fact that truecrypt.org started warning people against using TrueCrypt does not make sense because it was , all of a sudden, not secure, and recommending "migration" from TrueCrypt to "Bitlocker…?!?", which is proprietary disk encryption software, included in Microsoft's Ultimate/Enterprise versions of Windows and is known to have a backdoor and is compromised. Rule# 1: Don't touch anything that comes with Microsoft Windows as these corporate entities are hand in glove with the alphabet agencies.

 

As I said previously in another post, the recommendation to migrate from TrueCrypt to "Bitlocker…?!?" is so much against the very reason for the creation of TrueCrypt. TrueCrypt was created because nothing else could be trusted. Things just don't add up. There is something very fishy here. What comes to mind right away is the probability that the TrueCrypt developers might have been contacted and bullied by one of the "alphabet agencies" to create a backdoor in the encryption software, to which the TrueCrypt developers simply said "no!" and decided to shut it down the way Lavabit did.

 

Thankfully, the efforts are already underway at truecrypt.ch to revive and resurrect TrueCrypt.



#4 SpywareDoctor

SpywareDoctor
  • Topic Starter

  • Members
  • 256 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 30 May 2014 - 02:11 PM

Yep, that's what the were saying over on The Register: TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead

...
One intriguing possibility – and one that's it's very difficult to either prove or disprove – is that this is a warrant canary triggered by pressure on TrueCrypt's developers by the feds to backdoor the software – which is favoured by the likes of Edward Snowden and his journo pals. Effectively, it would be a signal to the world that something is not right, without breaching any gagging order that may also be in place.

It could even be in response to a threat to unmask the development team.

"Somebody was about to de-anonymize the Truecrypt developers, and this is their response," suggested Prof Green.

Veteran security world watcher Graham Cluley said: "Whether hoax, hack or genuine end-of-life for TrueCrypt, it’s clear that no security-conscious users are going to feel comfortable trusting the software after this debacle. It’s time to start looking for an alternative way to encrypt your files and hard drive."

The outlook for those who rely on TrueCrypt to encrypt their drives and/or files just became overcast with doubt.

Johannes Ullrich of the SANS Technology Institute recommended FileVault and LUKS, for Mac OS X and Linux users, respectively, as potential alternatives. "Sadly, these are not compatible with each other. You will need to find a replacement for portable media that need to move between operating systems. PGP/GnuPG comes to mind as an option," he advised.

An earlier list of alternatives to TrueCrypt put together by security expert The Grugq can be found here.
...

 

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,564 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:27 AM

Posted 30 May 2014 - 06:19 PM

The primary discussion on this topic is in this link as noted by frankp316 in Post #2. It would be best to post any further comments on this subject in that discussion thread.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users