You can only decrypt data and no longer encrypt it (reinforced by a myriad of warning messages when you actually run the software). What's more, the installer on the website now offered for download has undergone some very significant changes. A quick review of the code shows it is littered with changes and comments such as the rather alarming “INSECURE_APP”. The source code and binaries (installers) for TrueCrypt on the site have been heavily modified. The announcement advocates users migrate from TrueCrypt to Microsoft BitLocker, but this change is far more than a recommendation and warning page. That said, caution is strongly advised as you will see below. Tempting though it is to think of this as a fake, there is far more evidence to support the fact that this is a genuine (albeit oddly styled) announcement and that the widely used open source encryption solution is no more. As you can see below the page looks somewhat basic and the announcement is widely regarded as rather abrupt (even to some of those involved in the project). There has been no announcement to suggest SourceForge was hacked and they have clearly stated it is to enhance their security procedures for storing passwords, perhaps learning from the mistakes of eBay. On first inspection I was convinced this must be some kind of hoax, hijack or perhaps a hack given Sourceforge last week forced users through a password change process. Such integrated support is also available on other platforms… You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform” Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues… The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. If you have not come across TrueCrypt and why it has become so popular see the below section ‘why do people use TrueCrypt’. Over the past 24 hours the website for TrueCrypt (a very widely used encryption solution) was updated with a rather unusually styled message stating that TrueCrypt is “considered harmful” and should not be used. Or as some in the industry would put it, or is it? Establishing trust in crypto (and thus in technology as a whole), now more than ever with the revelations of the past 18 months, is difficult and the following news therefore potentially comes as a significant blow to online privacy and security. From protecting your sensitive details when you log on to Internet banking to protecting data on your laptop or mobile phone if it is lost or stolen, ‘crypto’ (the oft used shortened version of cryptography which includes the wonderful art and science of encrypting information) is a supporting pillar of the global economy and most of the digital world we all touch day to day. Encryption is a silent, unsung hero of our modern connected society.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |