TrueCrypt shuts down due to alleged 'security issues'


Recommended Posts

FiB3R

TrueCrypt, leading encryption software touted and used by no less than Edward Snowden and Glenn Greenwald, now appears to be dead, according to its recently updated website, but no one seems to know why?or if the program's ominous warning is legitimate.

 

?WARNING,? the site reads in large red letters. ?Using TrueCrypt is not secure as it may contain unfixed security issues.?

 

A 10-year-old application, TrueCrypt has long been used for encrypting hard drives and USB sticks on Windows, Linux, and Macs.

 

The open source program was developed by the pseudonymous TrueCrypt team, who have made no public comment since the program?s site changed drastically, leaving many to wonder if the website was hacked or if the warning is legitimate.

 

However, the newest version of TrueCrypt 7.2 has the same ominous warning message now showing to users, suggesting that this isn?t simply a website-related issue.

 

More...

Link to post
Share on other sites
Osiris

Well only one way to be secure now

/microwaves hdds, put on tin foil hat

  • Like 3
Link to post
Share on other sites
DrJohnSmitherson

Wth? This is weird! What other options are there?

Link to post
Share on other sites
i_was_here

I hope there is some cross-platform alternative to TrueCrypt. I would at least like something I can use on both Windows and Linux.

Link to post
Share on other sites
FiB3R

Wth? This is weird! What other options are there?

Well, according to TrueCrypts own page on SourceForge, another option is BitLocker. Which may be fair enough, but makes this seem all the more strange.

Link to post
Share on other sites
DrJohnSmitherson

Apparently it's been infected with malware or something

Link to post
Share on other sites
neufuse

I think truecrypt shut down years ago, it was on 7.1 forever...

 

but bitlocker? not every computer has a TPM chip in it


Well, according to TrueCrypts own page on SourceForge, another option is BitLocker. Which may be fair enough, but makes this seem all the more strange.

yeah I found it odd also, Bitlocker is an odd suggestion from a 3rd party security point of view

Link to post
Share on other sites
Max Norris

but bitlocker? not every computer has a TPM chip in it

It's not a set-in-stone requirement, you can bypass the restriction via group policy.
Link to post
Share on other sites
Aergan

????

Link to post
Share on other sites
neufuse

It's not a set-in-stone requirement, you can bypass the restriction via group policy.

you shouldn't have to bypass anything

Link to post
Share on other sites
Max Norris

you shouldn't have to bypass anything

It's just a setting, one among hundreds... by default it's set to the more secure configuration. Would you prefer they didn't give you the option or have it less secure out of the box?
Link to post
Share on other sites
neufuse

also a little odd that version 7.2 which they just put out is smaller by a good bit than 7.1a

Link to post
Share on other sites
BoondockSaint

Since TrueCrypt had an official code review, I guess they decided fixing the issues was not feasible.

 

I'm still using 7.1a on Windows 8.1, and I am not having any issues, so for the time being will continue to do so. But at the same time, I will do some research into BitLocker as well.

Link to post
Share on other sites
neufuse

ok, something is seriously wrong with the 7.2 code, installed it in a protected VM environment and it's doing some odd things network wise... I don't think file that is begin served right now is legit... I've never had truecrypt try to make network connections in the past

  • Like 1
Link to post
Share on other sites
Toysoldier

ok, something is seriously wrong with the 7.2 code, installed it in a protected VM environment and it's doing some odd things network wise... I don't think file that is begin served right now is legit... I've never had truecrypt try to make network connections in the past

 

I wouldn't be surprised if the site was hacked and you have just installed an infected boot/root kit.

 

Lucky you used a VM.

Link to post
Share on other sites
neufuse

I wouldn't be surprised if the site was hacked and you have just installed an infected boot/root kit.

 

Lucky you used a VM.

that's why I did it in a VM...... we never trust security software until we audit it first

Link to post
Share on other sites
123456789A

Wth? This is weird! What other options are there?

 

ROT-13 or 1024-bit NSAKey

  • Like 2
Link to post
Share on other sites
timster

ROT-13 or 1024-bit NSAKey

lol NSAKey :shiftyninja:

Link to post
Share on other sites
Gerowen

Still my favorite method of sanitizing hard drives.  This hard drive was beginning to fail, so I sanitized it before trashing it.

post-125978-0-59116600-1401319724.jpg

Link to post
Share on other sites
neufuse

Still my favorite method of sanitizing hard drives.  This hard drive was beginning to fail, so I sanitized it before trashing it.

 

eh, we use Acetylene Tourches and melt the things into a ball... makes work fun *LOL*

  • Like 5
Link to post
Share on other sites
xendrome

Yeah this looks like a domain/sourceforge page hijack...

Link to post
Share on other sites
torrentthief

bitlocker has an NSA backdoor built-in. Documents leaked to cryptome.org about 2yrs ago showed that law enforcement can unencrypt it.

Link to post
Share on other sites
Toysoldier

bitlocker has an NSA backdoor built-in. Documents leaked to cryptome.org about 2yrs ago showed that law enforcement can unencrypt it.

 

Link?

 

Are you sure they can unencrypt it without your key? last I heard was they were cold-booting them and getting the key from memory.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.