[liberationtech] Not an Emergency: Has TrueCrypt.org been Hijacked?
Rich Kulawiec
rsk at gsp.org
Thu May 29 02:12:19 PDT 2014
On Wed, May 28, 2014 at 07:42:02PM -0400, Griffin Boyce wrote:
> My suspicion is that either they were hacked (and had their key
> stolen), or that they were ordered to shutdown and recommend
> Microsoft's (presumably backdoored) BitLocker as a replacement.
> BitLocker's enterprise documentation makes me *incredibly*
> suspicious that it is susceptible to monitoring by third-parties.
If it's the latter, and I'll certainly grant that's a possibility,
then it was a short-sighted move on the part of whoever's responsible,
since TrueCrypt's source is available to anyone who wants to restart
the project elsewhere. Someone will, and they'll use the results of
the just-completed code audit to improve it.
(And yes, I presume BitLocker is quite thoroughly backdoored.)
> Pardon my tinfoil hat.
Not a problem: the bar for "tinfoil hat" has been raised considerably
in the last year.
---rsk
More information about the liberationtech
mailing list