Truecrypt tinfoil hat testing
NullDev
nulldev at hush.com
Thu May 29 13:23:27 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
With exquisite timing, I bought a new external HDD yesterday
(28.05.14) and set about encrypting it with TrueCrypt. I installed via
the terminal as I'm on Linux, ie:
wget http://www.truecrypt.org/download/truecrypt-7.1a-linux-x64.tar.gz
I extracted it, and encrypted my drive. The TrueCrypt website was
looking it's normal self at that point: I referred to it a few times
during the encryption.
However, no sooner had it finished at about 4pm UK time yesterday, I
received the first email from someone on the list about Truecrypt
pulling the plug. Their site had been changed to the one we see today,
recommending we switch to an alternative like, ahem, something as
fabulously secure as Bitlocker.
Ironic timing, huh? So, I have what was possibly the last download of
a version 7.1a tarball before everything went titsup, and if you read
what The Register said about Truecrypt's V.7.2 being
corrupted/infected/backdoored here:
http://www.theregister.co.uk/2014/05/28/truecrypt_hack/
Then theoretically I have something to wonder about. However, it would
appear that the date, checksum and verification are ok on what I
downloaded. It *seems* clean.
It would be interesting to see if it's in anyone's scope to compare
the source code with other versions of 7.1a for Linux: it's beyond
mine, apologies. If anyone wants me to send them the tarball I'll be
happy to oblige.
Let me know if I can be of assistance.
Best, NullDev
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTh5c/AAoJELavgB137JPDHEsIAI2Dt4qVnWZb4FUxUOZBN4cs
WfXXofFRodZ0e1yK/IxmrwShp/d9eNJdBx/aGuERoAQ1jlLjRNsyfmzpF7zJMYsb
PD/uS2ZiXXP8UjbWNAEBOhrBV1dPGSj86twpsVXMFuBrzbKZHMmWKHxp9cNpwMLQ
WbPIqVaDGVb4V5d/yyFPk9/uELReIQKobML6hzGgxlWRc5XH/9403YcSc0iMe0bp
oSpOd69hRddvLssX76TUxbyS1k+hc2+zXxsaxqd8lS3J7F6YRzZHTRD/BEqTva8Y
OseOVwYGBX+kEUeXEh13yzsHao9RR6DFEhZL7yVAJb88GQvMgT6f+4IO6TJcJ8A=
=P4+W
-----END PGP SIGNATURE-----
More information about the cypherpunks
mailing list