![]() Forking the project has been seen as a problem by many because of the implications of its non-standard licence. ![]() The VeraCrypt interface is essentially the same as TrueCrypt’s, and the application even retains the TrueCrypt licence in the source code listings at SourceForge and at installation. There is a slight disadvantage in that VeraCrypt volumes are not compatible with TrueCrypt volumes, because of the changes in the encryption implementation, but presumably the implementation will now remain fixed for the foreseeable future. VeraCrypt is claimed to be an enhanced version of TrueCrypt, with further development planned. It has now become VeraCrypt, available here on SourceForge, and also as a free download from Idrix, which is presumably Idrassi’s company. Intriguingly, the TrueCrypt project appears to have been forked in June 2013 by a French developer, Mounir Idrassi, who has obtained the full TrueCrypt source code, going by his changelog. The most recent version, 7.2, currently available at the TrueCrypt site, will only decrypt volumes, pending their transference to another product or system – for full-disk encryption, the developers are recommending BitLocker, unfortunately only available on high-end versions of Windows (Windows 7 Ultimate and Enterprise, Windows 8.1 Pro and Enterprise).Īt the moment, the TrueCrypt site redirects to its SourceForge project page, with the heading: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”. That outcome would mean that the last-released full version, 7.1a, could be regarded as safe and fit for purpose. If all goes well the report will reassure the software community that the application can be trusted. The Open Crypto Audit Project has stated: “ We are continuing forward with formal cryptanalysis of TrueCrypt 7.1 as committed, and hope to deliver a final audit report in a few months“. ![]() The audit has been funded by Indiegogo and FundFill campaigns which in the case of Indiegogo has raised over double the target amount, $46,420 of the $25,000 goal, showing the keen interest in the user and business community in establishing TrueCrypt’s status. This is no more than is to be expected from non-commercial volunteer developers. The closure of the project was all the more unexpected because an initial audit of the code has recently been completed (“ iSEC Completes TrueCrypt Audit“) culminating in a report ( iSec TrueCrypt Audit Report) which gave it a clean bill of health in most of the major areas in which it was examined – no backdoors, no dodgy code, just a few minor weaknesses and a certain untidiness about the code organisation, readability, and version control. There has been much wild speculation recently about the sudden and apparently suspicious demise of TrueCrypt, including some interesting conspiracy theories. Not only should it keep its status as the top encryption software for the general user, if not for business purposes, but in spite of the fact that the developers have apparently shut down the project, it continues – same code, different name. Good news – there’s probably no need to stop using TrueCrypt.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |