Cryptic warning baffles TrueCrypt users

By on
Cryptic warning baffles TrueCrypt users

TrueCrypt site claims product is not secure, recommends Microsoft.

Open source disk encryption utility TrueCrypt appears to have closed down today, with no explanation from its developers beyond unverified messages on the project's source code site that claim the application is no longer secure.

TrueCrypt's SourceForge page currently warns users against using the program, saying it is not secure as it may contain unfixed security issues.

The page goes on to recommend uses to switch to the built in Microsoft Bitlocker in newer versions of Windows.

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms. You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

BitLocker is a full-disk encryption utility that does not contain a backdoor for government access, according to Microsoft.

Furthermore, the source code for the Windows version of the new TrueCrypt 7.2 version at the Github repository contains a similar warning message.

The sudden shutdown of TrueCrypt - which was developed anonymously by unknown developers - has left security experts and user of the program baffled, suspecting the website message is an elaborate hoax or possibly even a hack.

Cryptography lecturer Matthew Green at John Hopkins University in Maryland believes the SourceForge page is authentic.

I think it unlikely that an unknown hacker (a) identified the Truecrypt devs, (b) stole their signing key, (c) hacked their site.

— Matthew Green (@matthew_d_green) May 28, 2014

Green has been unable to contact TrueCrypt developers to verify what actually happened.

Nadim Kobeissi, developer of encrypted messaging app CryptoCat tweeted that the immediate lesson from the TrueCrypt debacle is that you can't trust software made by unknown people.

TrueCrypt was first released in 2004, and supported all popular operating systems such as Microsoft Windows, Apple OS X, *BSD and Linux distributions.

It rose to fame this year as it was revealed that former United States National Security Agency contractor Edward Snowden used TrueCrypt to encrypt hard drives and USB memory sticks.

The application was partly security audited this year, with no backdoors discovered. 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bitlocker encryption infosec security truecrypt windows xp

Sponsored Whitepapers

Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Technology skill development: The strategy for building better teams
Technology skill development: The strategy for building better teams

Events

Most Read Articles

Services Australia shifts most Centrelink payments to SAP S/4 HANA

Services Australia shifts most Centrelink payments to SAP S/4 HANA
Any Android security app is better than Google Play Protect

Any Android security app is better than Google Play Protect
Toll Group starts to scale out intelligent automation

Toll Group starts to scale out intelligent automation
Australia Post is building a new event management system on Google Cloud

Australia Post is building a new event management system on Google Cloud

Log In

Email:
Password:
  |  Forgot your password?