TrueCrypt shuts down due to alleged 'security issues'


Recommended Posts

TrueCrypt, leading encryption software touted and used by no less than Edward Snowden and Glenn Greenwald, now appears to be dead, according to its recently updated website, but no one seems to know why?or if the program's ominous warning is legitimate.

 

?WARNING,? the site reads in large red letters. ?Using TrueCrypt is not secure as it may contain unfixed security issues.?

 

A 10-year-old application, TrueCrypt has long been used for encrypting hard drives and USB sticks on Windows, Linux, and Macs.

 

The open source program was developed by the pseudonymous TrueCrypt team, who have made no public comment since the program?s site changed drastically, leaving many to wonder if the website was hacked or if the warning is legitimate.

 

However, the newest version of TrueCrypt 7.2 has the same ominous warning message now showing to users, suggesting that this isn?t simply a website-related issue.

 

More...

Link to comment
Share on other sites

Wth? This is weird! What other options are there?

Well, according to TrueCrypts own page on SourceForge, another option is BitLocker. Which may be fair enough, but makes this seem all the more strange.

Link to comment
Share on other sites

I think truecrypt shut down years ago, it was on 7.1 forever...

 

but bitlocker? not every computer has a TPM chip in it


Well, according to TrueCrypts own page on SourceForge, another option is BitLocker. Which may be fair enough, but makes this seem all the more strange.

yeah I found it odd also, Bitlocker is an odd suggestion from a 3rd party security point of view

Link to comment
Share on other sites

but bitlocker? not every computer has a TPM chip in it

It's not a set-in-stone requirement, you can bypass the restriction via group policy.
Link to comment
Share on other sites

you shouldn't have to bypass anything

It's just a setting, one among hundreds... by default it's set to the more secure configuration. Would you prefer they didn't give you the option or have it less secure out of the box?
Link to comment
Share on other sites

Since TrueCrypt had an official code review, I guess they decided fixing the issues was not feasible.

 

I'm still using 7.1a on Windows 8.1, and I am not having any issues, so for the time being will continue to do so. But at the same time, I will do some research into BitLocker as well.

Link to comment
Share on other sites

ok, something is seriously wrong with the 7.2 code, installed it in a protected VM environment and it's doing some odd things network wise... I don't think file that is begin served right now is legit... I've never had truecrypt try to make network connections in the past

Link to comment
Share on other sites

ok, something is seriously wrong with the 7.2 code, installed it in a protected VM environment and it's doing some odd things network wise... I don't think file that is begin served right now is legit... I've never had truecrypt try to make network connections in the past

 

I wouldn't be surprised if the site was hacked and you have just installed an infected boot/root kit.

 

Lucky you used a VM.

Link to comment
Share on other sites

I wouldn't be surprised if the site was hacked and you have just installed an infected boot/root kit.

 

Lucky you used a VM.

that's why I did it in a VM...... we never trust security software until we audit it first

Link to comment
Share on other sites

Still my favorite method of sanitizing hard drives.  This hard drive was beginning to fail, so I sanitized it before trashing it.

post-125978-0-59116600-1401319724.jpg

Link to comment
Share on other sites

Still my favorite method of sanitizing hard drives.  This hard drive was beginning to fail, so I sanitized it before trashing it.

 

eh, we use Acetylene Tourches and melt the things into a ball... makes work fun *LOL*

Link to comment
Share on other sites

bitlocker has an NSA backdoor built-in. Documents leaked to cryptome.org about 2yrs ago showed that law enforcement can unencrypt it.

 

Link?

 

Are you sure they can unencrypt it without your key? last I heard was they were cold-booting them and getting the key from memory.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.