Stories
Slash Boxes
Comments

SoylentNews is people

posted by LaminatorX on Thursday May 29 2014, @04:03AM   Printer-friendly
from the Another-one-bites-the-dust dept.

The TrueCrypt website has been changed it now has a big red warning stating "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues". They recommend using BitLocker for Windows 7/8, FileVault for OS X, or (whatever) for Linux. So, what happened? The TrueCrypt site says:

This page exists only to help migrate existing data encrypted by TrueCrypt. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

Did the TrueCrypt devs (or SourceForge?) get a NSL? They are offering a "new" version (7.2), but apparently the signing key has changed and a source code diff seems to indicate a lot of the functionality has been stripped out. What's up?

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Funny) by Anonymous Coward on Thursday May 29 2014, @06:35AM

    by Anonymous Coward on Thursday May 29 2014, @06:35AM (#48593)

    The audit revealed the true encryption algorithm was ROT13. Further development was deemed impossible without breaking backward compatibility.

    Starting Score:    0  points
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  

    Total Score:   1  
  • (Score: 2) by maxwell demon on Thursday May 29 2014, @07:28AM

    by maxwell demon (1608) Subscriber Badge on Thursday May 29 2014, @07:28AM (#48614) Journal

    The audit revealed the true encryption algorithm was ROT13. Further development was deemed impossible without breaking backward compatibility.

    Those were security people. They certainly knew that these days you need triple-rot13 to be truly secure.
    The problem the audit found was that the second step wasn't a decryption step, as triple-rot13 requires, but an additional encryption step.

    --
    The Tao of math: The numbers you can count are not the real numbers.