is truecrypt dead?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu May 29 03:24:57 PDT 2014


Griffin Boyce <griffin at cryptolab.net> writes:

>Why is it that these things that thousands of people rely on are not audited
>in any real way?

It's open-source, so there's the presumption of audit, "I couldn't be bothered
looking at it, but since it's open source someone else must have".  The odd
thing is that it's some of the commercial vendors, who are doing it for money
and can pay to have the code checked, for which you have at least some
presumption of audit, but since they're closed-source you're not allowed to
trust them.

Peter.



More information about the cypherpunks mailing list