At the start of this month OSTIF (the Open Source Technology Improvement Fund) announced that it had agreed a plan to get the open source disk encryption tool VeraCrypt independently audited. The audit, which would look for security holes and weaknesses in VeraCrypt’s code, would be done in co-ordination with vulnerability researchers from QuarksLab. So
A Russian language version of TrueCrypt contains a secret backdoor trojan, researchers discover.
However, because it was careful to pick and choose who was targeted, the malware distribution has gone unnoticed for a long time.
The attacker who stole Hacking Team’s data gained access to an employee’s computer while the victim was still logged in, as Simon PG Edwards explains.
Is this crazy talk or have internet users really stumbled across a secret message from the developers of TrueCrypt alleging an NSA backdoor?
A team of developers are hoping to rescue TrueCrypt, or – at the very least – develop a new product based upon its code.
Whether hoax, hack or genuine end-of-life for TrueCrypt, it’s clear that no security-conscious users are going to feel comfortable trusting the software after this debacle. It’s time to start looking for an alternative way to encrypt your files and hard drive.