True Crypt is Not Secure
Markus Ottela
oottela at cs.helsinki.fi
Fri Jul 24 08:17:31 PDT 2015
What the warning by developers means is, in the event a vulnerability
would be found in Truecrypt, no one would be there to fix it.
Except for the entire open source community who would publish dozens of
articles
"here's how to fix the vulnerability in source code before recompiling
it" accompanied with
warnings "doing this breaks the truecrypt licence". This is true, and
you might be in trouble
in case the anonymous developers want to stop being anonymous and
prosecute you across
different jurisdictions. So, unlikely. Also read these:
http://istruecryptauditedyet.com/
http://blog.cryptographyengineering.com/2015/04/truecrypt-report.html
https://www.grc.com/misc/truecrypt/truecrypt.htm
I heard TC uses insufficiently low iteration count for PBKDF2? -- this
doesn't change the fact
a high entropy passphrase (>128bits) remains unbreakable in feasible time.
On 24.07.2015 17:46, Yush Bhardwaj wrote:
> BitLocker is better or I should try something else ?
>
> WARNING: Using TrueCrypt is not secure
>
>
> http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/
>
> http://truecrypt.sourceforge.net/
> /*
> */
> /*
> */
> /*
> */
> /*
> */
> /*
> */
> /*
> */
> /*Yush Bhardwaj*/
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3430 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20150724/23877d59/attachment-0002.txt>
More information about the cypherpunks
mailing list