at0m Posted May 29, 2014 The truecrypt website has been taken moved to http://truecrypt.sourceforge.net/ and there is now a rather ominous warning. "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" It's not really known what's happened yet, it's very sudden and without explanation. Here's what we do know: The binary currently on the website (7.2) is decrypt only. It's signed with the keys previously used to sign TC binaries It's really strange. What we don't know is why... Some theories include: Hacked. Their website & keys somehow got compromised. This is pretty big if it is. Canary. This is their way of saying "We're in trouble. Stop using our stuff". Dead Man's Switch. Similar to the above but could also happen in-case of death/arrest. Internal issues with the team. Power struggle, rouge, psychological issues. Huge implementation issue/vulnerability/bug. Only option was to pull the plug so they don't have to disclose it to the public/LEO and put everyone at risk (they were recently privately audited so this is plausible) I'll try keep you guys up to date if anything else comes to light. 2 Share this post Link to post Share on other sites
at0m Posted May 29, 2014 Truecrypt is/was the most commonly used drive/container encryption program out there. Make storage devices (USBs, external hard drives, etc) or 'containers' (virtual drives) completely unreadable to anyone that doesn't have the password/key. https://en.wikipedia.org/wiki/TrueCrypt 2 Share this post Link to post Share on other sites
Schrodinger's Khat Posted May 29, 2014 Sounds like some bad, bad joo joo 1 Share this post Link to post Share on other sites
Auxin Posted June 4, 2014 The not secure warning is meant as a long term one. The devs have stopped developing truecrypt and so no new security updates will come in the future. Theres no shortage of guesses as to why they stopped, but my gut says those guys spent a decade giving us a wonderfully high quality product, theyre tired of doing it, and they dont want to hand it over to others who might ruin it. So far theres no evidence it was compromised. 7.1a will probably last us a good long while as we wait for a equally good and safe replacement. 2 Share this post Link to post Share on other sites