Originally posted by HeavensRevenge
View Post
Announcement
Collapse
No announcement yet.
TrueCrypt Has Been Potentially Compromised
Collapse
X
-
-
Originally posted by sarmad View PostSo, if that turns out to be legitimate, what other alternatives do we have on Linux that works in a similar way? I need a tool that creates an encrypted file-based virtual drive as I am using it to encrypt USB thumbdrives that I may access on more than one machine.
ecryptfs for directory hierarchies
gpg for single files
Leave a comment:
-
Originally posted by sarmad View PostSo, if that turns out to be legitimate, what other alternatives do we have on Linux that works in a similar way? I need a tool that creates an encrypted file-based virtual drive as I am using it to encrypt USB thumbdrives that I may access on more than one machine.
Leave a comment:
-
Originally posted by sarmad View PostSo, if that turns out to be legitimate, what other alternatives do we have on Linux that works in a similar way? I need a tool that creates an encrypted file-based virtual drive as I am using it to encrypt USB thumbdrives that I may access on more than one machine.
a project called zuluCrypt[1] makes it possible to create and open TrueCrypt volumes as well as luks volumes using a GUI tool.
[1] https://code.google.com/p/zulucrypt/
Leave a comment:
-
Originally posted by chuckula View PostLMFAO... this is transparently and obviously BS that a fourth grader could spot.
When Heartbleed came out last month, was there an amateur-hour scare announcement on the OpenSSL website to abandon OpenSSL in favor of Microsoft(!!???!?)
Real security vulnerabilities in a program... and Truecrypt might have them, just like practically every complex program in existence has, are handled professionally through a disclosure and patching/mitigation process. Ever see "CVE" numbers? (http://cve.mitre.org/)
This is basically a hack on a sourceforge website that anyone can see is intended as a bad joke. That host could very well be compromised and any "updated" software that has been through zero vetting process is OBVIOUSLY the malware.
fourth grader? go fuck yourself, dumb ass.
Leave a comment:
-
Originally posted by ninez View PostI'm going to guess it's not BS, given that it has already been demonstrated that TrueCrypt is not secure.
When Heartbleed came out last month, was there an amateur-hour scare announcement on the OpenSSL website to abandon OpenSSL in favor of Microsoft(!!???!?)
Real security vulnerabilities in a program... and Truecrypt might have them, just like practically every complex program in existence has, are handled professionally through a disclosure and patching/mitigation process. Ever see "CVE" numbers? (http://cve.mitre.org/)
This is basically a hack on a sourceforge website that anyone can see is intended as a bad joke. That host could very well be compromised and any "updated" software that has been through zero vetting process is OBVIOUSLY the malware.
Leave a comment:
-
https://twitter.com/amidvidy/status/471759299468083200 :
TrueCrypt signing key was changed 3 hours before latest binaries were released: http://sourceforge.net/p/truecrypt/a...309d5eeee49ebd
Leave a comment:
-
Originally posted by Britoid View PostThis seems very fish.
I'm going to guess it's BS and the page has just been hijacked. The page uses a redirect, rather than actually being on the website, and it has no reasoning.
The binaries posted on the page also possibly contain malware.
their website[s]; http://opencryptoaudit.org/ && http://istruecryptauditedyet.com/
indiegogo campaign; https://www.indiegogo.com/projects/the-truecrypt-audit
Phase one audit report - by iSecPartners; https://opencryptoaudit.org/reports/...Assessment.pdf
I'm going to guess it's not BS, given that it has already been demonstrated that TrueCrypt is not secure.
Leave a comment:
-
Originally posted by HeavensRevenge View PostDo you have any idea how bad this is? This better be false/FUD because this is no laughing matter. Also my subscription to your premium service will also end. If i cannot trust you and you're just gaining bullshit clicks I'll tell everyone to never trust this sites information again.
Leave a comment:
-
Damn
So, if that turns out to be legitimate, what other alternatives do we have on Linux that works in a similar way? I need a tool that creates an encrypted file-based virtual drive as I am using it to encrypt USB thumbdrives that I may access on more than one machine.
Leave a comment:
Leave a comment: