> From: band...@gmail.com [mailto:band...@gmail.com] On Behalf Of
> Matt Simmons
>
> Even more worrying, The Reg has confirmed that a binary TrueCrypt 7.2
> installer for Windows, downloaded from the TrueCrypt SourceForge site,
> contained the same text found on the rewritten homepage – confirming the
> download has also been fiddled with amid today's website switcheroo.
I checked the signature on the exe that is downloadable today, and compared it with a 7.1a installer I had lying around from 2012. It just so happens that the signing cert from 2012 expired in 2012, so it's *not* the same cert. But all the properties look the same: the subject name and issuer remain unchanged. Signed by GlobalSign, which I haven't heard of having any kind of breaches. The old cert is 2048 bits and the new cert is 4096, both of which are strong enough to reasonably be expected to withstand any brute-force efforts.

So it seems highly likely that their private key has been compromised, or that one of their people actually authorized to use the private key did this. And if their private key was compromised, this is a really weird way for "bad guys" to choose to use it.

_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
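The comparison the message above walks through by hand (signature status, subject, issuer, validity window, key size, and whether the two installers were signed with the same certificate) can be done in one pass with PowerShell's built-in `Get-AuthenticodeSignature`. This is an added example, not code from the thread or from the TrueCrypt project; the two installer paths are placeholders you replace with the files you actually hold, and the function names `Get-SignerSummary` and `Compare-Signer` are this example's own.

```powershell
# Added example: compare the Authenticode signer certificates of two installers.
# Paths are placeholders; point them at the old and new binaries you have on disk.
param(
    [string]$OldInstaller = 'C:\path\to\TrueCrypt Setup 7.1a.exe',  # placeholder
    [string]$NewInstaller = 'C:\path\to\TrueCrypt Setup 7.2.exe'    # placeholder
)

function Get-SignerSummary {
    param([Parameter(Mandatory)][string]$Path)

    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $cert = $sig.SignerCertificate
    if (-not $cert) {
        # Unsigned file (or a signature Windows could not parse at all).
        return [pscustomobject]@{ File = $Path; Status = $sig.Status; Signed = $false }
    }

    # RSA key size via the static extension method; works on both Windows
    # PowerShell 5.1 and PowerShell 7, where $cert.PublicKey.Key can be $null.
    $rsa     = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
    $keyBits = if ($rsa) { $rsa.KeySize } else { $null }

    [pscustomobject]@{
        File        = $Path
        Status      = $sig.Status            # Valid, NotSigned, HashMismatch, NotTrusted, ...
        Signed      = $true
        Subject     = $cert.Subject
        Issuer      = $cert.Issuer
        NotBefore   = $cert.NotBefore
        NotAfter    = $cert.NotAfter
        KeyBits     = $keyBits
        Thumbprint  = $cert.Thumbprint       # differs whenever the certificate differs
        TimeStamped = [bool]$sig.TimeStamperCertificate
    }
}

function Compare-Signer {
    param(
        [Parameter(Mandatory)][string]$OldPath,
        [Parameter(Mandatory)][string]$NewPath
    )
    $old = Get-SignerSummary -Path $OldPath
    $new = Get-SignerSummary -Path $NewPath

    # One row per property; 'Same' flags the fields that did not change.
    foreach ($prop in 'Status', 'Subject', 'Issuer', 'NotBefore', 'NotAfter',
                      'KeyBits', 'Thumbprint', 'TimeStamped') {
        [pscustomobject]@{
            Property = $prop
            Old      = $old.$prop
            New      = $new.$prop
            Same     = ($old.$prop -eq $new.$prop)
        }
    }
}

Compare-Signer -OldPath $OldInstaller -NewPath $NewInstaller | Format-Table -AutoSize
```

Read the table from the bottom up: a different `Thumbprint` (and here a different `KeyBits`) with identical `Subject` and `Issuer` is exactly the pattern the message reports, and it tells you the files were signed with two distinct certificates from the same CA under the same name. It does not by itself tell you who holds the newer key; a matching subject only means the CA issued a certificate under that name, so whether the signer is the same party is a question for the CA's vetting and the project's own channels, not for this script. `Status` reflects chain validation at the time you run the check, so an old, untimestamped signature may report something other than `Valid` even when its certificate was fine when the file was signed.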