Friday, May 30, 2014

My take on the Truecrypt situation

I've used Truecrypt a fair amount in the past, but never to encrypt a whole drive. I've used it to store private things in an unmarked file before. I know there is wild speculation about what may have happened and the end of life of Windows XP seems like a convenient excuse. I lean more towards the developer(s) getting tired of it and wanting to move on. After all it's been out for 10 years and they are not getting paid for it.

But there are strange things happening - like the endorsement of bitlocker. Even more strange is the wayback machine people excluding truecrypt.org from their database. Here's what you see:

Sorry.

This URL has been excluded from the Wayback Machine.

Why should Wayback care about a site like truecrypt.org unless someone told them to erase it or are they simply being overloaded with too many queries? Just a thought.

There are calls to fork the development. Legal issues with a fork aside, this effort looks very promising: http://truecrypt.ch/  (It appears that they may be using bootstrap too. Our sites will all be using bootstrap soon.)

I agree with Steve Gibson - continue using it until it's proven to have a severe problem and I guess we will see what happens after the crowd funded code audit is finished. Mr Gibson has kindly posted the 7.1a Windows and Linux installers and source code here:
https://www.grc.com/misc/truecrypt/truecrypt.htm

Open source is going to be scrutinized even more now that this has happened and so soon after the OpenSSL heartbeat thing...

Kirk

NetScanTools Pro v11.61 Released May 9, 2014

This release fixed an urgent algorithm problem in the Whois tool that was introduced in v11.60. And we added 50 new top level domain Whois servers in addition to the 180+ added in v11.60 – the IANA has been busy. This includes servers for new TLDs like ‘.wtf’ and ‘.fail’.

Another minor change is that the DNS entry boxes labeled ‘DNS Server’ now all accept up to 48 entries. Some were only accepting 16 before old entries would age out of the list. As usual, the other databases were all updated.

Users with active maintenance plans can click on Help/Check for New Version for update instructions.