Kitz Forum

Computer Software => Security => Topic started by: guest on May 29, 2014, 09:05:21 AM

Title: TrueCrypt binaries compromised
Post by: guest on May 29, 2014, 09:05:21 AM

If any of you are using TrueCrypt versions past 7.1 (or possibly 7.1.a) then it appears the project has been compromised. It further appears that the installer has likely been compromised for some considerable time.

Tinfoil hat time but my guess is that the devs were served with a subpoena (much like Lavasoft) requiring them to give the US government means to decrypt hidden volumes.

El Reg is a decent starting point for info.

Moral of story is to refuse to deal with any US companies (as far as humanly possible) for they cannot be trusted.

Title: Re: TrueCrypt binaries compromised
Post by: roseway on May 29, 2014, 10:12:26 AM

The El Reg article mentions that TrueCrypt was used by Edward Snowden, so your guess about the source of the problem sounds very plausible.

http://www.theregister.co.uk/2014/05/28/truecrypt_hack/

Title: Re: TrueCrypt binaries compromised
Post by: guest on May 29, 2014, 11:31:58 AM

I have to confess I've always been a bit dubious about TrueCrypt due to the "anonymous" status of the developers, hence why I tend to use BestCrypt (www.jetico.com) over the last decade or so. Admittedly the developer of BestCrypt now seems to be doing a significant amount of business with companies like Lockheed-Martin so I probably need to review that decision ASAP even though Jetico is a Finnish company.