[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

So about Truecrypt. It's now unsafe

Good day,

so Truecrypt, you know, one of the most often used pieces of software, when it comes to encrypting your files/drives is now unsafe. A new bug has been found inside the Source-code of Truecrypt, which allows an attacker to get high privileges (privilege escalation (so higher rights then the user has)) under windows which allow an attacker absolute access to the attacked PC. That’s why it is now deemed unsafe to use Truecrypt, since the project mysteriously got discontinued about a year ago. However, there are a few alternatives like VeraCrypt (which is based on TC, however the bug has been fixed on there, according to the developers), or LUKS (which is integrated right into the Linux-Kernel). So using one of these alternatives is recommended now over using TC, even though these pieces of software didn’t get a professional audit, like TC did, which is why the people who did said audit back then recommended against using alternatives based on the old TC code, since those didn’t get audited. The irony is, that the audit actually did not find said fault, rather it was James Forshaw, who works for Google Project Zero, which is a special team employed by Google to search for different security issues in a variety of software. Oh and before I forget to say it, even though this bug is limited to Windows, the fact that such major flaws got overlooked at the audit, is reason enough, to use on of the (on-board) alternatives on Linux or Mac OS X as well.

So stay safe and inform yourself about which alternative fits best to you, if you’re still using TC,

Ego

Source; https://veracrypt.codeplex.com/wikipage?title=Release%20Notes

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]