-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/29/2014 4:38 PM, Crypto wrote:

On 5/29/2014 4:22 PM, rysiek wrote:

...

Dnia czwartek, 29 maja 2014 21:23:27 NullDev pisze:

...

With exquisite timing, I bought a new external HDD yesterday (28.05.14) and set about encrypting it with TrueCrypt. I installed via the terminal as I'm on Linux, ie:

wget http://www.truecrypt.org/download/truecrypt-7.1a-linux-x64.tar.gz

...

...

I extracted it, and encrypted my drive. The TrueCrypt website was

...

looking it's normal self at that point: I referred to it a few times during the encryption.

However, no sooner had it finished at about 4pm UK time yesterday, I received the first email from someone on the list about Truecrypt pulling the plug. Their site had been changed to the one we see today, recommending we switch to an alternative like, ahem, something as fabulously secure as Bitlocker.

Ironic timing, huh? So, I have what was possibly the last download of a version 7.1a tarball before everything went titsup, and if you read what The Register said about Truecrypt's V.7.2 being corrupted/infected/backdoored here:

http://www.theregister.co.uk/2014/05/28/truecrypt_hack/

Then theoretically I have something to wonder about. However, it would appear that the date, checksum and verification are ok on what I downloaded. It *seems* clean.

It would be interesting to see if it's in anyone's scope to compare the source code with other versions of 7.1a for Linux: it's beyond mine, apologies. If anyone wants me to send them the tarball I'll be happy to oblige.

Let me know if I can be of assistance.

...

Upload it on Github somewhere, and let's use this tool to compare different 7.1a versions publicly? If we trust GitHub, that is. ;)

I have some older Windows binaries that I'll upload to Mediahub and publish the URLs.

Hmm. Looking through my recent backups the only copy of Truecrypt I have at the moment is: http://www.mediafire.com/download/a88i4622qh6v7ku/TrueCrypt_Setup_7.1a.exe Anyone that wants it is welcome to it. - -- Crypto -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTh6s6AAoJEDhzgt+U8WIyoyIQAMchWBEwb+dSPx6sKLskCWDk QnYfaLYk0A2y/SruT0m1+6gwRYNA5GFxPz1dHypxlt17hFHKPSbXAnwFzIoYwZYx SipFjWiAFkPRdHur8G6rDt7v3Be6nWo88DOWovFjAqI/KWC0buiBf7bmJbvUho9v cc8vmno0qVxqU3wxSk+OjDrKtZJfNb0xgHibkmj1DP8IbQYZciNRORBtZcac2ssi V4BosymZ8tyX5VV72k4LL4wXQIaon5aQs42G3+20uqzHBUBBphqWCvQQKf2GQTrV swAFM/VtUiLo3XciOEKBOhFHJxm+FaJYDfxVoltgYegKGLstqFA+7Uh+MmwVL2Tz rbWIvN3RIyF6BGx9sPD57losHhuH6CvlbU+F1Ls7r6Jp8O98myi5IZwMdhzc04eR CHdUFaBcUptuxIK6AbcD9Isa4ilOineSCaJo5IgGlR8/ByGcnaxEY/LKsdyeL8Uf 5cx7atzv8Y4ILZVSheQv+EwroRtOGXyZKTLtIKQ7Zq+6sCsRVwKaHbbMa5zCuJUX koEbD8Hce5PFM/9j8uE5CzFwhgdrWSksgCmLbLbSbYGFSgRNb25emlvOPScvooeg ms67lNnIU5f2pbAjBNMlp5HkANEPh2cggy8bUSRt6kp2rHR72v9hfdhnOuLMXVip lZN27UvoNZ02TixIs9EG =nzKi -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/30/2014 5:30 AM, 42 wrote:

On Thu, 29 May 2014 21:23:27 +0100 NullDev wrote:

...

It would be interesting to see if it's in anyone's scope to compare the source code with other versions of 7.1a for Linux: it's beyond mine, apologies. If anyone wants me to send them the tarball I'll be happy to oblige.

I have downloaded all the 7.1a TrueCrypt versions long before that shutdown, and made them available here: https://enigmabox.net/truecrypt/

According to http://truecryptcheck.wordpress.com/, my versions seem sane.

I've also found a repository of TrueCrypt versions. It seems to be fairly complete. I've put it up for download. Please feel free to share. http://www.mediafire.com/download/aw640r58904ohb3/truecrypt-archive-master.z... - -- Crypto -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTiGEDAAoJEDhzgt+U8WIyGvEP/imCvvdgq9nh12EJ22XY8Hef U80Cdo0TZyyheHEQgjr2hQ2ouJGiJQzN66LeJ4L+I+gUpCmwaQohWDN2/XFBFB50 K1Ab7GGnNrjpjJudhfis/ACaxli03SrnyHFDEly+pdxkoJFijU2vwkWykh7oimMm AjtBlJL0fWs9KLmOeHP4JaH1t0X8w4cRionEK/OJtD3mm/lIr34bVhqtYxpo2JSh MTxBXCi/6U7LPf4M4FJ530OOtuFOFO/gZOrbqg/zvDEZ8vVhtECer8o2PgsFb2ob lOHHJS+UYCX6rhkvuYeoe1CSI49OM0CpZZ+JM538yifQK3e7bGU21hKJo+JLiZlr ZqlHy62kxM6Tef1RMHcT2tv2zHjAmB3OIUdDqXoPWQinhvsblnJslxP/O/A+xAlS H7q6Qs70oNWtkahb3yJCNJwC0GyY988F4BkMcCk8rGhYPW1nunKQJeH46E6Aw8Im Pz8q2iwtQcOxc9u3KI4Ji7nY/nngt1JGxlp68j+xCuWCNZQsClK41mW71M86w8KF DqdbnG4Uttw0wDb4TIO88SSgKQfspJ9O4wEntC08bJdo7bTDfHsjekNgNEPBTHH9 D6DmMwMpIcsODRbqDDDo2gsPDgzjmP7/zUtMI4cYpNHQNanorqXvTkf2WDiZMb6I IdBwsTyxvOfIWCaJPg6H =EeiR -----END PGP SIGNATURE-----