![]() CALEA is for communications tools, TrueCrypt is used for storage at rest. NSLs compel the production of business records, but don’t seem to allow them to force a backdooring. Assuming the adversary in question is the US Government, this seems awfully heavy-handed, and I’m not sure under which legal authority they would attempt to compel this participation. This seems to be the most popular theory, and given the Snowden revelations, it’s easy to see why. The author was forced to backdoor TC and chose this instead.Sourceforge doesn’t think the account was compromised as posted here.This implies whoever did the update is in possession of the key used for signing previous releases. The new version is signed with the same key as previous versions.The directions for alternatives generally point to proprietary options (BitLocker, File Vault, or, to paraphrase, “whatever you can find on Linux.”) The website was updated with terrible instructions.The code was massively changed, stripping out all volume creation options. TrueCrypt 7.2 dropped support for creating volumes.I’m going to drop my thoughts here, but these are all just speculation, so take them for what they’re worth (which is not much). If you’re anywhere near the security community, you’ve probably already heard about the (supposed) end of TrueCrypt that inspired a massive hunt for an explanation on Reddit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |