Cryptic warning baffles TrueCrypt users

By on
Cryptic warning baffles TrueCrypt users

TrueCrypt site claims product is not secure, recommends Microsoft.

Open source disk encryption utility TrueCrypt appears to have closed down today, with no explanation from its developers beyond unverified messages on the project's source code site that claim the application is no longer secure.

TrueCrypt's SourceForge page currently warns users against using the program, saying it is not secure as it may contain unfixed security issues.

The page goes on to recommend uses to switch to the built in Microsoft Bitlocker in newer versions of Windows.

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms. You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

BitLocker is a full-disk encryption utility that does not contain a backdoor for government access, according to Microsoft.

Furthermore, the source code for the Windows version of the new TrueCrypt 7.2 version at the Github repository contains a similar warning message.

The sudden shutdown of TrueCrypt - which was developed anonymously by unknown developers - has left security experts and user of the program baffled, suspecting the website message is an elaborate hoax or possibly even a hack.

Cryptography lecturer Matthew Green at John Hopkins University in Maryland believes the SourceForge page is authentic.

I think it unlikely that an unknown hacker (a) identified the Truecrypt devs, (b) stole their signing key, (c) hacked their site.

— Matthew Green (@matthew_d_green) May 28, 2014

Green has been unable to contact TrueCrypt developers to verify what actually happened.

Nadim Kobeissi, developer of encrypted messaging app CryptoCat tweeted that the immediate lesson from the TrueCrypt debacle is that you can't trust software made by unknown people.

TrueCrypt was first released in 2004, and supported all popular operating systems such as Microsoft Windows, Apple OS X, *BSD and Linux distributions.

It rose to fame this year as it was revealed that former United States National Security Agency contractor Edward Snowden used TrueCrypt to encrypt hard drives and USB memory sticks.

The application was partly security audited this year, with no backdoors discovered. 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bitlocker encryption infosec security truecrypt windows xp
In Partnership With

Most Read Articles

Telstra and Optus secure round four mobile blackspot sites

Telstra and Optus secure round four mobile blackspot sites
Coles quietly expands Uber Eats deliveries to essentials like bread, milk, Netflix

Coles quietly expands Uber Eats deliveries to essentials like bread, milk, Netflix
Bendigo Bank outage takes down online banking

Bendigo Bank outage takes down online banking
Credit cards cancelled as Kathmandu reveals online store hacked

Credit cards cancelled as Kathmandu reveals online store hacked
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Guide to Fully-Composable Software-Defined Private Cloud
Guide to Fully-Composable Software-Defined Private Cloud
Is slow data silently killing your business? Here's why you should care.
Is slow data silently killing your business? Here's why you should care.
Cloud, AI, infosec: Is your IT strategy keeping up?
Cloud, AI, infosec: Is your IT strategy keeping up?
Australian business moves to a new cloud era
Australian business moves to a new cloud era
Automate and secure IOT for Business
Automate and secure IOT for Business

Events

Log In

Username / Email:
Password:
  |  Forgot your password?