Truecrypt no longer safe? Or have they been hacked?
If you now go to truecrypt's website you find a message telling you truecrypt is no longer safe.
If you download their latest version 7.2 you get the same message, along with a bunch of anti-viruses reacting to the executable.
http://arstechnica.com/security/2014/05 ... tly-warns/However, there is still something fishy going on here. The new encryption program suggested is actually bitlocker for windows, a medium encryption software that most probably provides its master keys to the goverment and can really not be trusted. This is quite unusual coming from the truecrypt developers.
However, there is one possibility left that could explain this all without truecrypt being unsafe.
This is an attempt by the NSA to get everyone to drop their reliable encryptions for something that they can open up easily.
What if this was some TrueCrypt dev's last attempt to warn that the project was no longer under their control. This would explain the correct keys, certificate etc, also the shoddy nature of the explanation. When this is all sorted out, I don't know if TrueCrypt will still be TrueCrypt...
What are your thoughts?
Truecrypt 7.1 hasn't been updated for 2 years and might have exploits.
But Bitlocker is a fucking joke. There is no way I'm using that shit.
Should we wait and see, or should we act? No matter what we do, there seems to be a great risk.
Is it time to wipe all disks and burn them?
Updatethis may very well be a hacking incident after all. The new version has been signed WITH A DIFFERENT SIGNED KEY, and not the old official one.
I'll get back to you for more info once we get to the bottom of this shit