I don't think anybody knows anything factual at this point, so I'm going to respectfully ask people refrain from speculation (sure, that might work.) ;-) But just in case you didn't see this, you should.
Truecrypt was mysteriously yanked from the internet yesterday or the day before. Replaced by a site that seems ridiculous, so you might first suspect that it's just a prank, but at the bottom, there is a download link to truecrypt 7.2, which is apparently modified to open truecrypt files read-only so you can migrate data away from truecrypt, and is signed by the TrueCrypt Foundation. Signed May 27. So as arstechnica points out, if some sneaky hacker got access to truecrypt dns and also the private key, this is a really obtuse and improbable hoax. Because with the truecrypt dns and private key, you could do much bigger badder things. http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ So there are lots of possibilities here, including hoax, or nsa coercion resulting in a lavabit-esque results, or a few other speculative possibilities... But whatever is going on, I say, WTF.
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
