[kwlug-disc] Truecrypt

Bob Jonkman bjonkman at sobac.com
Fri May 30 13:49:59 EDT 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Unsolicited wrote:
> So how could Microsoft's end of support for XP have anything to do
>  with an encrypted file format?

The message on the TrueCrypt site doesn't imply correlation, never mind
causation: "The development of TrueCrypt was ended in 5/2014 after
Microsoft terminated support of Windows XP."  This is true, as is "Bob
replied to unsolicted after eating breakfast".

The latest news is provided by
https://twitter.com/stevebarnhart/status/472200478345150464

> Shocked, but received 2 replies from an e-mail previously used by a
>  "David". "There is no longer interest" [...]  He said Bitlocker is
>  "good enough" and Windows was original "goal of the project". No 
> mention of audit in reply.

David on relicensing and forking the source:

> diplomatic orig reply. "personally" feels that fork is harmful.
> "The source is still available as a reference though"

And putting to rest that the impending audit scared off the developers:

> "I were happy with the audit, it didn't spark anything. We worked 
> hard on this for 10 years, nothing lasts forever."


"David" is likely David Tesarik from the Czech Republic. As a
non-native English speaker, it would account for some of the odd
phrasing in the announcement.

(from
https://translate.google.com/translate?hl=en&sl=ru&tl=en&u=http%3A%2F%2Fnews.softodrom.ru%2Fap%2Fb19702.shtml
)

I can understand that he lost interest.  A third-party audit of his
software raised some $70,000 in funds, probably several orders of
magnitude more than any donations made for TrueCrypt itself. I can't
imagine something more depressing.


And for anyone contemplating BitLocker as an alternative: You'll lock
yourself into a closed system that's likely already compromised (with
no chance of a code review or security audit) that only runs on one
proprietary OS. Consider if this is really beneficial for your
clients, or merely easier for the SysAdmins.

- --Bob.


On 14-05-30 01:27 PM, unsolicited wrote:
> I think the first one covers it:
> 
> Red Flag! Run away!!! "It's only a bunny." "But that rodent has a 
> mean streak a mile wide! Look at all the bones" "You're a looney."
> 
> So how could Microsoft's end of support for XP have anything to do
>  with an encrypted file format? Only if that file format was
> actually a catepillar pretending to be a snake on a iPhone held
> hostage in Oz. I swear, the world just keeps getting stranger each
> and every day. And I am more and more smug that I only use Linux,
> Free Software encryption the only t
> oahtthalhglkhfk;ngkm,njhovahv,anv,!!
> 
> On 14-05-29 10:20 AM, Khalid Baheyeldin wrote:
>> Many theories floating around ...
>> 
>> With secret court orders no one can be sure of anything ...
>> 
>> But there are other possibilities.
>> 
>> See the comments here (change to threshold 3 or 4 to limit to the
>>  highest rated ones)
>> 
>> http://soylentnews.org/article.pl?sid=14/05/29/0243223
>> 
>> 
>> On Thu, May 29, 2014 at 10:16 AM, Chris Irwin
>> <chris at chrisirwin.ca <mailto:chris at chrisirwin.ca>> wrote:
>> 
>> I wanted to see what everybody's thoughts are about the truecrypt
>>  "annoucement" yesterday.
>> 
>> Quoted from their website:
>> 
>>> WARNING: Using TrueCrypt is not secure as it may contain
>>> unfixed
>> security issues
>>> 
>>> This page exists only to help migrate existing data encrypted
>>> by
>> TrueCrypt.
>>> 
>>> The development of TrueCrypt was ended in 5/2014 after
>>> Microsoft
>> terminated support of Windows XP. Windows 8/7/Vista and later 
>> offer integrated support for encrypted disks and virtual disk 
>> images. Such integrated support is also available on other 
>> platforms (click here for more information). You should migrate
>> any data encrypted by TrueCrypt to encrypted disks or virtual
>> disk images supported on your platform.
>> 
>> There is discussion on slashdot, hacker news, and many other 
>> sites. So far, there is no consensus on what is going on? 
>> Half-hearted compliance with a US NSL? Dead-man switch
>> prematurely activating?
>> 
>> Does anybody else have thoughts or insights?
>> 
>> I'm a dmcrypt user personally, but I know several folks on the 
>> list use truecrypt.
>> 
>> -- Chris Irwin <chris at chrisirwin.ca
>> <mailto:chris at chrisirwin.ca>>
>> 
>> _______________________________________________ kwlug-disc
>> mailing list kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org> 
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>> 
>> 
>> 
>> 
>> -- Khalid M. Baheyeldin 2bits.com <http://2bits.com>, Inc. Fast 
>> Reliable Drupal Drupal optimization, development, customization
>> and consulting. Simplicity is prerequisite for reliability. --
>> Edsger W.Dijkstra Simplicity is the ultimate sophistication. --
>> Leonardo da Vinci For every complex problem, there is an answer
>> that is clear, simple, and wrong." -- H.L. Mencken
>> 
>> 
>> _______________________________________________ kwlug-disc
>> mailing list kwlug-disc at kwlug.org 
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>> 
> 
> 
> _______________________________________________ kwlug-disc mailing
>  list kwlug-disc at kwlug.org 
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability

iEYEARECAAYFAlOIxL4ACgkQuRKJsNLM5ermAgCfZV0PvMby1Cj3d5QbpRc6fwwO
9p0An3X1YLkq2BABCIkczfyDVUNNXLTm
=jmLv
-----END PGP SIGNATURE-----

More information about the kwlug-disc mailing list