![]() Two projects forked from TrueCrypt: VeraCrypt (active) and CipherShed (abandoned). Though development of TrueCrypt has ceased, an independent audit of TrueCrypt (published in March 2015) has concluded that no significant flaws are present. On, the TrueCrypt website announced that the project was no longer maintained and recommended users find alternative solutions. It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device ( pre-boot authentication). ![]() TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). ![]() TrueCrypt License 3.1 ( source-available freeware) It's really fascinating to watch! I hope the original authors are enjoying the drama :-) At this point, I think the new team is going to do amazing things.English, Arabic, Basque, Belarusian, Bulgarian, Burmese, Catalan, Chinese (Simplified), Chinese (Hong Kong), Chinese (Taiwan), Czech, Danish, Dutch, Estonian, Finnish, French, Georgian, German, Greek, Hungarian, Indonesian, Italian, Japanese, Korean, Latvian, Norwegian (Nynorsk), Persian, Polish, Portuguese (Brazil), Russian, Slovak, Slovenian, Spanish, Swedish, Turkish, Ukrainian, Uzbek (Cyrillic), Vietnamese Now they're self-organizing like some sort of slime mold, creating order out of chaos. So, I said "Follow me!" on the forum, and signed up geeks as fast as I could at the site that became. Also true to the Pirate Party spirit, they don't really know how to organize a team of geeks to work together in a common direction. True to the Pirate Party spirit, they even pirated the TrueCrypt name: truecrypt.ch. It's like kicking an ant hill.ĭid it work? You bet! A bunch of geeks like me said, "I want to help!" A couple of Swiss Pirate Party dudes said, "We'll lead the effort", and before the weekend was over, they had thousands of offers for help. Now he's kicking back with a beer and watching the world go nuts. He pulled that amazing stunt, complete with recommending everyone use Microsoft BitLocker. One of the developers decided to force the world to take action. Instead, for two years, there were no security updates, and no credible fork. Everyone assumed that since it's open source, some new guys would come along to take over the project. They had a party, said goodbye, and moved on with their lives. These guys released their best version ever, 7.1a, in Febuary 2012. Even if it was without bugs, what good is it? Not to mention the weird way they walked away from their software. Why else would they go through so much effort to get rid of it? Somebody badly wants TrueCrypt 7.1a to disappear and be abandoned, the question is who and why.ħ.2 was stripped of encryption functions. So while I wouldn't trust anything they do from now on, the older code looks good. ![]() If they had said nothing at all and TrueCrypt had stayed at versjon 7.1a for another few years I'd still use it and despite what looks to me like a best effort they can't go back in time and sabotage their old release. But I think they're lying about knowingly withholding anything, that they're not working on the code and not maintaining it isn't the same as deliberately avoiding fixing issues. That doesn't mean TrueCrypt is bug free, of course it may have bigger and smaller issues. The developers don't know of any critical issues with 7.1a, but they're being pressured to or want to kill it. But there's no reason for any agency to kill off a version that has a backdoor and if there really was a government backdoor wouldn't the best way to be a whistleblower be to point it out? Why this ominous yet vague FUD? The answer that makes the most sense is that they're lying about everything. Why are they lying to us? I don't know, either they're pressured to it or working for commercial alternatives or threw a hand grenade to start conspiracy theories and get everyone reviewing the code or just went plain nuts I don't know. I don't think and you probably also don't think that it's because XP support has ended and we should now all go use Bitlocker, so they're lying to us now. I mean they don't just want to shut down their project, they want tarnish the name, burn it to the ground and salt the earth after them and you really have to ask: Why? Which brings us over to the next issue, they claim there's critical bugs but they won't tell anyone where they are so others can fix them nor fix them themselves. ![]() And if they're under any kind of pressure now, it would be to discredit the software they made years ago that doesn't contain any backdoors. It wouldn't really make a lot of sense either, if it was compromised back in 2012 and you wanted to be a whistleblower why wait well over 2 years to do it? It's not like NSA or whomever would let that sort of gag order expire. First of all, they said TrueCrypt has unfixed critical bugs not that it was compromised. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |