is truecrypt dead?

Griffin Boyce griffin at
Wed May 28 19:07:40 PDT 2014

Andy Isaacson wrote:
> I'd be surprised if [ecryptfs] doesn't have critical
> implementation bugs in the parts that aren't broken by design.
> Please don't use ecryptfs.  It's not even better than nothing.

   BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I 
remember correctly, ecryptfs was the default home directory encryption 
option for Ubuntu until recently.

   Why is it that these things that thousands of people rely on are not 
audited in any real way? I've used truecrypt with reservations and never 
in a serious situation. But lots of people are relying on this to keep 
their data safe while crossing borders, documenting human rights abuses, 
etc.  A company like Canonical should insist on audits before making 
*anything* the default encryption scheme.

   These things tend to start as small projects and come to be ubiquitous 
without most users caring about audits (or being open-source).  We need 
to have higher standards.


* It's a joke because I use Debian... now......

More information about the cypherpunks mailing list