Posted on Monday, June 02 2014 @ 14:04 CEST by Thomas De Maesschalck
The developers of TrueCrypt updated
the homepage of the open-source encryption project to warn users to no longer use their software due to a series of security vulnerabilities.
A detailed explanation about the cancellation of TrueCrypt isn't provided but the developers recommend switching to Bitlocker.
The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms. You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.
The part that links TrueCrypt's end to the end of Windows XP is a bit confusing but
Legit Reviews believes the real reason for pulling the plug on TrueCrypt may be the crowdfunded security audit that was launched late last year over fears that TrueCrypt may contain NSA backdoors:
The unique effort to crowdsource a security audit of the TrueCrypt open source encryption was launched by two U.S. based researchers in response to concerns that the National Security Agency may have tampered TrueCrypt. According to the anonymous group that developed the software, there have around 30 million downloads of TrueCrypt. If TrueCrypt has a backdoor, it would impact many people around the world. Phase I of the audit was completed last month (read the full report here) and 11 vulnerabilities were found in Truecrypt’s bootloader, all rated Low to Medium severity. Phase II of the audit is currently taking place and is a formal cryptanalysis, as well as examine the OSX and Linux ports.
