> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > On Behalf Of Stefan > > http://truecrypt.ch/
Thanks for that. Since you posted it, I checked... I have a binary that I downloaded and archived in early 2012. It's signed with a cert that expires in late 2012. So I assumed there must be a later version of the binary... Until now. The crippled version 7.2 is signed with a cert that appears to be legit, from late 2012. At a company where I work, I also downloaded and archived the windows binary in Dec 2013. And guess what? It's the same exact file that I downloaded in early 2012. And both of these are the same exact file that's currently distributed on the aforementioned truecrypt.ch. So it appears, that they continued distributing the installer, for years after their code signing cert expired, despite the fact that they had obtained an updated cert. This lends credibility to the theory that they just didn't want to maintain anymore. I also downloaded the source on 3/6/2012. It's just been sitting there - I didn't realize until the beginning of this email, that there had been no code changes in the last couple of years, and I assumed until this minute, that my archived source code was probably extremely stale. But now I realize, it's probably the latest greatest version. I don't expect anything will happen to me, but just in case, I encourage you all to grab a copy: https://dl.dropboxusercontent.com/u/543241/TrueCrypt%207.1a%20Source.zip MD5 (TrueCrypt 7.1a Source.zip) = 3ca3617ab193af91e25685015dc5e560 SHA1 (TrueCrypt 7.1a Source.zip ) = 4baa4660bf9369d6eeaeb63426768b74f77afdf2 I have been searching for people on the net that have the source, and so far, haven't been satisfied. There is a project called fauxfaux, but when I diff their code against my archived zip, it has some differences. They may be fine, I haven't really dug into it much, but the existence of differences was enough for me to say, I'm not yet satisfied. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
