SoylentNews is people
SoylentNews
from the some-settling-of-contents-may-have-occurred dept.
According to a German researcher, Mattias Schlenker, we are to expect that the reason for TrueCrypt's recent shutdown is not a National Security Letter, but a serious security flaw in how TC container files are created on Windows.
He expects the flaw to become public within a week.
What gives this chap some credibility is that he's one of the developers of "desinfec't", a Knoppix-based live Linux that comes with several virus scanners and is distributed by well-renowned German computer magazine c't (whose mother company/publishing house, Heise, hosts the forum where he made his announcement).
Link to his original German posting: http://www.heise.de/security/news/foren/S-Re-Warum -TrueCrypt-nicht-in-Desinfec-t-enthalten-ist/forum -280432/msg-25289876/read/
See our earlier coverage: TrueCrypt Discontinued, Compromised.
(Score: 2) by frojack on Saturday May 31 2014, @01:15AM
That may or may not be true, we don't know when this error slipped in.
To date, I'm not aware of anyone successfully breaking into it, nor of any exploits in the wild.
What makes this story sound suspicious, is that the normal response would be to Warn of the issue, so users could take extra care, fix the problem and publish a method of re-creating your encrypted containers.
Instead, they throw up their hands and walk away. !!!
Is it THAT broken? Did life get in the way, new jobs, new wife, just pissed off?
No, you are mistaken. I've always had this sig.