Windows TrueCrypt Fatally Flawed
Brenda Fernández
me at brendafernandez.com
Tue Sep 29 19:29:17 PDT 2015
Windows TrueCrypt Fatally Flawed
Posted on September 30, 2015
<http://qntra.net/2015/09/windows-truecrypt-fatally-flawed/> by Bingo Boingo
<http://qntra.net/author/bingoboingo/>
Continued research after the first TrueCrypt audit yielded inconclusive
results has discovered fatal privilege escalation vulnerabilities allowing
for complete takeover
<http://www.itworld.com/article/2987438/newly-found-truecrypt-flaw-allows-full-system-compromise.html>
(archived <https://archive.is/tJSlv>). So far this is known to affect
TrueCrypt on Windows boxes
<http://qntra.net/2015/08/windows-10-banned-from-numerous-torrent-trackers/>,
but there is still potential for other flaws to be discovered in TrueCrypt
on other platforms. Details of the vulnerabilities are not yet disclosed,
but this supports the possibility that it may not be possible at all to
develop software offering any level of security on the Windows platform.
This entry was posted in News <http://qntra.net/category/news/>, Software
<http://qntra.net/category/software/>. Bookmark the permalink
<http://qntra.net/2015/09/windows-truecrypt-fatally-flawed/>.
One thought on “Windows TrueCrypt Fatally Flawed”
1. Bingo Boingo says:
September 30, 2015 at 12:44 am
<http://qntra.net/2015/09/windows-truecrypt-fatally-flawed/#comment-62417>
Further: The VeraCrypt derivative forked from TrueCrypt though this
particular issue was reportedly patched, likely continues to posses
undiscovered security issues.
--
Brenda Fernández
me at brendafernandez.com
GPG: CE5BEE6C81FCA4D4
<http://pgp.mit.edu/pks/lookup?op=get&search=0xCE5BEE6C81FCA4D4>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2791 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150929/6db19210/attachment-0002.txt>
More information about the cypherpunks
mailing list