is truecrypt dead?

Andy Isaacson adi at hexapodia.org
Wed May 28 18:11:08 PDT 2014


On Wed, May 28, 2014 at 07:45:06PM -0400, Griffin Boyce wrote:
>   Even being embarrassed by whatever bugs the second phase audit
> uncovered wouldn't explain the sudden recommendation. And why not
> ecryptfs or ~literally anything else~ ?

ecryptfs is a complete joke.  It intentionally does not encrypt *ANY*
metadata execpt the filename, leaking modification times, filesizes
(rounded to the block), write patterns, file ownership, permissions,
etc.  Because it's design is such a joke, it hasn't gotten any serious
crypto review, so I'd be surprised if it doesn't have critical
implementation bugs in the parts that aren't broken by design.

Please don't use ecryptfs.  It's not even better than nothing.

-andy



More information about the cypherpunks mailing list