is truecrypt dead?

rysiek rysiek at
Thu May 29 00:10:25 PDT 2014

Dnia środa, 28 maja 2014 22:07:40 Griffin Boyce pisze:
> Andy Isaacson wrote:
> > I'd be surprised if [ecryptfs] doesn't have critical
> > implementation bugs in the parts that aren't broken by design.
> > 
> > Please don't use ecryptfs.  It's not even better than nothing.
>    BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I
> remember correctly, ecryptfs was the default home directory encryption
> option for Ubuntu until recently.
>    Why is it that these things that thousands of people rely on are not
> audited in any real way?

The right question is:
Why do creators of things that are being used by thousands of people use 
solutions that are not audited in any real way?

> I've used truecrypt with reservations and never
> in a serious situation. But lots of people are relying on this to keep
> their data safe while crossing borders, documenting human rights abuses,
> etc.  A company like Canonical should insist on audits before making
> *anything* the default encryption scheme.
>    These things tend to start as small projects and come to be ubiquitous
> without most users caring about audits (or being open-source).  We need
> to have higher standards.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the cypherpunks mailing list