The flaws, which were apparently missed in an earlier independent audit of the TrueCrypt source code, could allow attackers to obtain elevated privileges on a system if they have access to a limited user account.
The original authors of TrueCrypt, who have remained anonymous, abruptly shut down the project in May 2014 warning that "it may contain unfixed security issues" and advised users to switch to BitLocker, Microsoft's full-disk encryption feature that's available in certain versions of Windows.
At that time a crowd-funded effort was already underway to perform a professional security audit of TrueCrypt's source code and its cryptography implementations. The first phase, which analyzed the TrueCrypt driver and other critical parts of the code, had already been completed when TrueCrypt was discontinued. The auditors found no high-severity issues or evidence of intentional backdoors in the program.
It's impossible to tell if the new flaws discovered by Forshaw were introduced intentionally or not, but they do show that despite professional code audits, serious bugs can remain undiscovered
(Score: -1, Redundant) by Anonymous Coward on Wednesday September 30 2015, @06:53PM
Straight up. That comment has everything you need to know in one shot.
(Score: 4, Funny) by Anonymous Coward on Wednesday September 30 2015, @07:34PM
However, it leaves very little room to inject comments about NSA, Snowden, derogatory comments about "the sheeple", remarkably un-insightful comments regarding bread and circuses from people who think they are being insightful. In short, it removes the need for 95% of the obligatory comments we need in every story, so perhaps his comment was a bit too effective.
(Score: 1, Funny) by Anonymous Coward on Wednesday September 30 2015, @07:47PM
wait. are you paid by the government to lead people into shutting up about the government? i mean... who else would say such nasty things about our insightful views into the conspiracy to generate a sheeple of illiterate oblivious corporate minions?
(Score: 2) by http on Thursday October 01 2015, @04:08AM
Bingo, sir.
I browse at -1 when I have mod points. It's unsettling.
(Score: 2, Touché) by Marand on Wednesday September 30 2015, @07:50PM
However, it leaves very little room to inject comments about NSA, Snowden, derogatory comments about "the sheeple", remarkably un-insightful comments regarding bread and circuses from people who think they are being insightful. In short, it removes the need for 95% of the obligatory comments we need in every story, so perhaps his comment was a bit too effective.
That's okay, because it's a Windows bug. That means we can still make snarky remarks about "M$" and criticise people for using "Windoze" while pointing out that if people used $preferred_os_of_poster everything would be 100% safe, no bugs would ever happen again, and their computers would start ejecting gold coins out of the dvd drives (for any old-timers that still have them)
Or, more likely, people will just not read frojack's post and still inject the NSA/etc. comments anyway. :)
(Score: 2) by dyingtolive on Wednesday September 30 2015, @09:30PM
This just in: SNOWDEN AND AHMED MELTED STEEL BEAMS WITH BREAD AND CIRCUSES UNDER THE INFLUENCE OF GAMEMAKER ON ORDER FROM NSA! 9/11 CONFIRMED!
I think that covers most of the rest.
Don't blame me, I voted for moose wang!
(Score: 0) by Anonymous Coward on Thursday October 01 2015, @06:33AM
What about MyCleanPC?
(Score: 2) by aristarchus on Wednesday September 30 2015, @10:16PM
perhaps his comment was a bit too effective.
That's our frojack! Winning the internet and killing SoylentNews!
(Score: 0) by Anonymous Coward on Thursday October 01 2015, @06:39AM
Well, there is a reason people say those things. When you have hordes of people who don't care about or even support unconstitutional mass surveillance, what other conclusions can you draw? They are simply ignorant fools.