Yes, the fact the latest release was signed with their GPG key is worrying. The problem with TrueCrypt as a development team is that they've well...never really existed or communicated with the public much. So, it's hard to know what is really going on. The fact they suggest using MS Bitlocker makes it appear much like a prank but then again, who knows?
*This message, and any attachments to it, may contain information that is privileged, confidential, copyrighted and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return email and delete the message and any attachments. * On 29 May 2014 13:35, Edward Ned Harvey (lopser) <lop...@nedharvey.com>wrote: > I don't think anybody knows anything factual at this point, so I'm going > to respectfully ask people refrain from speculation (sure, that might > work.) ;-) But just in case you didn't see this, you should. > > > > Truecrypt was mysteriously yanked from the internet yesterday or the day > before. Replaced by a site that seems ridiculous, so you might first > suspect that it's just a prank, but at the bottom, there is a download link > to truecrypt 7.2, which is apparently modified to open truecrypt files > read-only so you can migrate data away from truecrypt, and is signed by the > TrueCrypt Foundation. Signed May 27. > > > > So as arstechnica points out, if some sneaky hacker got access to > truecrypt dns and also the private key, this is a really obtuse and > improbable hoax. Because with the truecrypt dns and private key, you could > do much bigger badder things. > > > > > http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ > > > > So there are lots of possibilities here, including hoax, or nsa coercion > resulting in a lavabit-esque results, or a few other speculative > possibilities... But whatever is going on, I say, WTF. > > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > >
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
