SoylentNews is people
SoylentNews
from the they-don't-seem-as-secretive-anymore dept.
Last month, SoylentNews reported that TrueCrypt was discontinued. Many have speculated that a fork would happen, but the TrueCrypt license makes that complicated. Now, Ars Technica reports about contact with a TrueCrypt developer on the subject:
In the days immediately following last month's TrueCrypt retirement, Johns Hopkins University professor Matt Green asked one of the secretive developers if it would be OK for other software engineers to use the existing source code to start an independent version. The developer responded:
"I am sorry, but I think what you're asking for here is impossible. I don't feel that forking truecrypt would be a good idea, a complete rewrite was something we wanted to do for a while. I believe that starting from scratch wouldn't require much more work than actually learning and understanding all of truecrypt's current codebase.
I have no problem with the source code being used as reference."
So, it looks like a fork won't happen after all. But a commenter there noted the existence of FreeOTFE, and I had previously noted tc-play. So even without a TrueCrypt fork, maybe developers won't have to start completely from scratch.
[Ed'sNote: At the time of posting, the Wikipedia entry for FreeOTFE notes that the domain has been dormant for some time. Whether work continues on FreeOTFE is uncertain. The concept sounds very much like the full disk encryption that has been available for linux for quite some time, but which does not provide plausible deniability. If I am wrong in these assumptions, I would welcome being corrected!]
(Score: 4, Informative) by Ken_g6 on Friday June 20 2014, @02:46PM
tc-play is pretty much a full TrueCrypt cleanroom implementation. Except it only works in Linux, using dm-crypt and it has no GUI.
FreeOTFE is a Windows dm-crypt implementation, with a GUI, but it has limited support at best for TrueCrypt.
But tc-play is BSD-licensed, and FreeOTFE has a BSD-like license. So if someone were to merge their codebases on Windows, in theory you could have a full TrueCrypt cleanroom implementation, on Windows, with a GUI. Then someone could probably backport the GUI to Linux. I don't see a path to Mac or other OSes, but Windows+Linux would be a good start.
(Score: 2) by Marand on Friday June 20 2014, @08:51PM
FreeOTFE is also a pain in the ass on Win7 and beyond thanks to Microsoft's idiotic driver signing requirements. I had hoped that would have been fixed by now, but apparently the project has been abandoned since 2010, so I guess the dev gave up instead.
I evaluated it with the idea that I would use dm-crypt on a dual-boot machine a while back, and eventually gave up on the entire idea because of Windows being actively hostile to unsigned drivers and the lack of a signed dm-crypt implementation.