On Fri, Feb 20, 2015 at 7:00 AM, Doug Barton <dougb@dougbarton.email> wrote: > On 2/19/15 12:16 AM, Pete Stephenson wrote: > >> Considering the way it was abandoned by its developers, TrueCrypt is >> probably not the best choice going forward. > > We don't know the whole story about what happened there, so I would be > hesitant to attribute malice. For some of us who need to have the same data > accessible on multiple platforms there is not a better option.
No malice implied. My apologies if I was unclear. I just feel that using publicly-abandoned security software, particularly when it hadn't been updated in the two years leading up to its abandonment and used old, crufty build dependencies[1] that hadn't been updated in decades, is probably unwise if one desires a high degree of security. Don't get me wrong: I really like TrueCrypt and think it was a great cross-platform disk encryption program that was remarkably easy to use, but using it as a part of new projects probably isn't a good idea. Cheers! -Pete [1] https://madiba.encs.concordia.ca/~x_decarn/truecrypt-binaries-analysis/ -- Pete Stephenson _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
