Truecrypt development halted

Computer Help and Discussions Windows Security
1

http://truecrypt.sourceforge.net/

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

This page exists only to help migrate existing data encrypted by TrueCrypt.

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.

2

Dang you beat me to it, I was just about to post

http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/

3

May not be true.

Somethings are pointing to a sophisticated hack.

This story needs updating as things develop and more facts become available.

4

I'll keep my eyes open for updates

5

No idea if it has anything to do with it, this was on the 22nd

http://sourceforge.net/blog/forced-password-change/

6
No idea if it has anything to do with it, this was on the 22nd http://sourceforge.net/blog/forced-password-change/
nope, in my link sf confirmed that the password change was routine infrastructure changeEdit: I'm wrong. a commenter copy pasted from hacker news

Reposting this from Hacker News, not sure if legit:"Providing some details from SourceForge:1. We have had no contact with the TrueCrypt project team (and thus no complaints).2. We see no indicator of account compromise; current usage is consistent with past usage.3. Our recent SourceForge forced password change was triggered by infrastructure improvements not a compromise. FMI see http://sourceforge.net/blog/forced-password-change/Thank you,The SourceForge Team communityteam@sourceforge.net"
7

Some highly speculative comments are saying it is a hidden warning that NSA is involved...

''WARNING: Using TrueCrypt is Not Secure As it may contain unfixed security issues''

Sort of a Lavabit revisted thingy.

All speculation at this point of course.

8

Interesting theory, should be neat to see how this all plays out

9

Krebs on security take on the matter (with comments underneath)

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/

10

That was the same conclusion reached by Matthew Green, a cryptographer and research professor at the Johns Hopkins University Information Security Institute and a longtime skeptic of TrueCrypt — which has been developed for the past 10 years by a team of anonymous coders who appear to have worked diligently to keep their identities hidden.

So I suppose even if it were compromised, they'd have a tough time getting that fact out there since they have no public personas, huh..

11

Things seem to be moving on

https://www.grc.com/misc/truecrypt/truecrypt.htm

12

Thanks winapp. Because of your post I read a lot about Truecrypt.

What Mr. Gibson said might be true, but that abrupt act raises lots of questions.

I sure would like to know what happened.