I saw that, thought mostly the same, don't think it's a scam, probably just more hassle than it was worth to fend of legal aspects of giving free and *actual* secure crypto, it it ever was. I saw someone paid Schneier to audit it, and he found it fairly robust, but with some flaw as well, but relatively minor all in all. I only used it on usb keys as I didn't think luks volumes mounted under windoze, but found that they actually might, or at least truecrypt gave a link to something that seemed to be a windoze app to mount them. Link was dead, but I plan on looking to see.
I'd love to see a real audit of luks too, as the last one standing for the most part for any kind of open whole disk encryption versatile enough to handle lower and higher level disk i/o adequately under linux.
Truecrypt seemed decent, but only as a medium between linux, windoze, and even occasionally mac systems that I needed to mount them on. Sadly it really is asking a lot that there be some sort of standard around this cross-platform, with each systems' unique flaws and potentials for making the environments insecure for everyone around them a "feature".
I think there is more bad reason than good these methods don't exist in a complete secure fashion, as presumably most governments, corporations, and just about any profit center wants the options open for full exploitability of their choosing should they desire to see what anyone has. I doubt it's a debatable option even at this point that on all levels, all things remain exploitable to some extent through purpose or simple error, but either way generally still exist.
Layers... I use full encryption on all my personal systems now, but its impossible to trust everything. I don't do ecryptfs atop luks, as I'd like some reasonable expectation of performance and not overkilling my SSD's. I'd love to otherwise.
Someone comes and heists every computer, tablet, or phone in your house with a warrant in a "crime" with law enforcement officers, your data is forfeit by and large, encrypted or not. Scary part is what occurs when they don't bother to come physically, or tell you.
-mb
On 05/28/2014 09:33 PM, Bryan O'Neal wrote:
WTF!!! No! Say it is not so!
If it was actually insecure where are the exploits? Bitlocker has had
cracked and is known to be flawed. I have heard that the US government
has been putting pressure on true crypt to provide a dedicated back
door for some time but I thought that was just smoke. I love true
crypt and move encrypted disks freely between windows, mac, and linux.
I is sad :(Today I read at The Register that the truecrypt site redirects to their
sourceforge page, and that has a statement saying development has been
discontinued. I checked and saw for myself.
I'm wondering if this is for real or if the truecrypt people have been
hacked.
http://www.theregister.co.uk/2014/05/28/truecrypt_hack/
If this is for real, are there any alternatives?
--"I get my copy of the daily paper, look at the obituaries page, and if I’m
not there, I carry on as usual."
Patrick Moore
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss