Jump to content
Thailand Visa Forum by Thai Visa | The Nation
Sign in to follow this  
mesquite

Mysterious announcement from Truecrypt declares the project insecure and dead

Recommended Posts

http://boingboing.net/2014/05/29/mysterious-announcement-from-t.html

in part,

"The abrupt announcement that the widely used, anonymously authored disk-encryption tool Truecrypt is insecure and will no longer be maintained shocked the crypto world--after all, this was the tool Edward Snowden himself lectured on at a Cryptoparty in Hawai'i."

Edited by mesquite

Share this post


Link to post
Share on other sites

Is it insecure?

There seems to be some doubt about the announcement regarding, the reason it was made, who made it and if genuine what it actually means. Proposed reason vary from a hacked site (unlikely) to a discreet warning from the creators that pressure has been put upon them to create a back door that can be used by everybody's favourite spy agency who's name I will Not Speak Aloud here. It will also be interesting to see what the ongoing audit result of the programme is.

I for one will continue to use it until an equally good open source cross platform alternative is offered.

but then again I use it only to keep prying eyes away from personal information and I am not hiding anything from people who would water-board me for the password anyway.

  • Like 1

Share this post


Link to post
Share on other sites

everybody's favourite spy agency who's name I will Not Speak Aloud here

No Stupid Acronyms?

tongue.png

  • Like 1

Share this post


Link to post
Share on other sites

And the plot thickens.

See the warning on the TrueCrypt Site: http://truecrypt.sourceforge.net/

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

There is a hidden message! Take the first letters of the warning:

“uti nsa im cu si” now put this in the google translator, from Latin to English and you receive…

“If I wish to use the NSA”

Coincidental? Hmm.

  • Like 1

Share this post


Link to post
Share on other sites

Very strange announcement indeed. And telling users to use Microsoft Bitlocker!! <deleted>! Nobody seriously uses MS products for security, now do they? MS has been practically in bed with NSA for years now.

However, not all is lost. The TrueCrypt project has been restarted on http://truecrypt.ch with v7.1a download, and the source is now available on github. Doubt that NSA has much jurisdiction in Switzerland.

Share this post


Link to post
Share on other sites

And the plot thickens.

See the warning on the TrueCrypt Site: http://truecrypt.sourceforge.net/

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

There is a hidden message! Take the first letters of the warning:

“uti nsa im cu si” now put this in the google translator, from Latin to English and you receive…

“If I wish to use the NSA”

Coincidental? Hmm.

Your point is well taken. I find this quote , taken from the truecrypt link you posted, particularly telling: "The development of TrueCrypt was ended in 5/2014 after "Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images""

The bolding is my own. Methinks the "integrated support" that MS is so generously offering may contain some unwanted components.

Share this post


Link to post
Share on other sites

meh, or truecrypt was a NSA / CIA front all along.... (seeing as we're all playing conspiracy theory quiz night)

Share this post


Link to post
Share on other sites

Has anyone ever lost any data in a Truecrypt volume by virtue of the hard disk it was on becoming bad? If you ever run Scandisk from time to time, it will as you know occasionally pick up bad sectors and offer to fix them.

I once tried to simulate a disk going bad and losing a few sectors by editing a couple of bytes of a large Truecrypt volume in a hexeditor. Once you do this, you can no longer open the volume with the password and the data is lost.

It seems to me if you have a large Truecrypt volume of several gigabytes sitting on a hard disk for long enough, it's only a matter of time before a couple of sectors go bad and you lose all your data?

Or is this unlikely to happen?

Edited by katana

Share this post


Link to post
Share on other sites

Is it true that the developers of Truecrypt have never identified themselves? If so, then it was never to be trusted.

Share this post


Link to post
Share on other sites

Is it true that the developers of Truecrypt have never identified themselves? If so, then it was never to be trusted.

It is well known that the FBI could not decrypt these hard drives. So I trust the developers. Something went terribly wrong this week with those guys and I hope they are ok.

Share this post


Link to post
Share on other sites

Is it true that the developers of Truecrypt have never identified themselves? If so, then it was never to be trusted.

It is well known that the FBI could not decrypt these hard drives. So I trust the developers. Something went terribly wrong this week with those guys and I hope they are ok.

My post above may have been premature, for which I apologise wai.gif.pagespeed.ce.ptXUXgG4cA.gif

This article and the links within http://www.theregister.co.uk/2014/05/29/truecrypt_analysis/ are very interesting. The Register is a very reliable source in my experience.

I am following this story with great interest, and as I have no further FACTS to offer won't conjecture further.

Share this post


Link to post
Share on other sites

Has anyone ever lost any data in a Truecrypt volume by virtue of the hard disk it was on becoming bad? If you ever run Scandisk from time to time, it will as you know occasionally pick up bad sectors and offer to fix them.

I once tried to simulate a disk going bad and losing a few sectors by editing a couple of bytes of a large Truecrypt volume in a hexeditor. Once you do this, you can no longer open the volume with the password and the data is lost.

It seems to me if you have a large Truecrypt volume of several gigabytes sitting on a hard disk for long enough, it's only a matter of time before a couple of sectors go bad and you lose all your data?

Or is this unlikely to happen?

I do not know the answer but I can say I have had a completely encrypted hard disk (and the laptop/disk is at least 7 years old) and several containers in various storage devices for a few years and I have not come across this situation yet.

  • Like 2

Share this post


Link to post
Share on other sites

topt

Thanks. I currently use an old encryption program called Kruptos but it doesn't allow you direct access to the files like Truecrypt does after you mount the container. It would be nice to change over to a progam giving you easier access to encrypted files..

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

BANGKOK 13 December 2017 14:24
Sponsors
×