Here are checksums for it from a security audit... https://madiba.encs.concordia.ca/~x_decarn/truecrypt-binaries-analysis/ My money is a Lavabit type of response to an NSL or equivalent... Eric On Wed, May 28, 2014 at 10:08 PM, Michael Butash wrote: > I saw that, thought mostly the same, don't think it's a scam, probably > just more hassle than it was worth to fend of legal aspects of giving free > and *actual* secure crypto, it it ever was. I saw someone paid Schneier to > audit it, and he found it fairly robust, but with some flaw as well, but > relatively minor all in all. I only used it on usb keys as I didn't think > luks volumes mounted under windoze, but found that they actually might, or > at least truecrypt gave a link to something that seemed to be a windoze app > to mount them. Link was dead, but I plan on looking to see. > > I'd love to see a real audit of luks too, as the last one standing for the > most part for any kind of open whole disk encryption versatile enough to > handle lower and higher level disk i/o adequately under linux. > > Truecrypt seemed decent, but only as a medium between linux, windoze, and > even occasionally mac systems that I needed to mount them on. Sadly it > really is asking a lot that there be some sort of standard around this > cross-platform, with each systems' unique flaws and potentials for making > the environments insecure for everyone around them a "feature". > > I think there is more bad reason than good these methods don't exist in a > complete secure fashion, as presumably most governments, corporations, and > just about any profit center wants the options open for full exploitability > of their choosing should they desire to see what anyone has. I doubt it's > a debatable option even at this point that on all levels, all things remain > exploitable to some extent through purpose or simple error, but either way > generally still exist. > > Layers... I use full encryption on all my personal systems now, but its > impossible to trust everything. I don't do ecryptfs atop luks, as I'd like > some reasonable expectation of performance and not overkilling my SSD's. > I'd love to otherwise. > > Someone comes and heists every computer, tablet, or phone in your house > with a warrant in a "crime" with law enforcement officers, your data is > forfeit by and large, encrypted or not. Scary part is what occurs when > they don't bother to come physically, or tell you. > > -mb > > > On 05/28/2014 09:33 PM, Bryan O'Neal wrote: > >> WTF!!! No! Say it is not so! >> If it was actually insecure where are the exploits? Bitlocker has had >> cracked and is known to be flawed. I have heard that the US government >> has been putting pressure on true crypt to provide a dedicated back >> door for some time but I thought that was just smoke. I love true >> crypt and move encrypted disks freely between windows, mac, and linux. >> >> I is sad :( >> >> >> On Wed, May 28, 2014 at 5:39 PM, Derek Trotter >> wrote: >> >>> Today I read at The Register that the truecrypt site redirects to their >>> sourceforge page, and that has a statement saying development has been >>> discontinued. I checked and saw for myself. >>> >>> I'm wondering if this is for real or if the truecrypt people have been >>> hacked. >>> >>> http://www.theregister.co.uk/2014/05/28/truecrypt_hack/ >>> >>> If this is for real, are there any alternatives? >>> >>> -- >>> "I get my copy of the daily paper, look at the obituaries page, and if >>> I’m >>> not there, I carry on as usual." >>> >>> Patrick Moore >>> >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >