ExtraTorrent.cc - The Largest Bittorent SystemLogin   |   Register
Latest Articles
Most searched
Hot torrents
First Cams
View Torrent Info: Max Steel 2016 HC HDCAM UnKnOwN
View Torrent Info: Allied 2016 HDCAM x264 AC3 HQMic-CPG
View Torrent Info: Underworld Blood Wars 2016 HDCAM NAKRO
View Torrent Info: Moana 2016 HD-TS XviD AC3-CPG
Hot torrents
XVID DIVX
View Torrent Info: The Fight Within.2016.HDRip.XviD.AC3-EVO
View Torrent Info: Spectral.2016.HDRip.XviD.AC3-EVO
View Torrent Info: The.Disappointments.Room.2016.DVDRip.XviD.AC3-EVO
View Torrent Info: All.We.Had.2016.HDRip.XviD.AC3-EVO
Hot torrents
H264 X264
View Torrent Info: Air.America.1990.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Southside.With.You.2016.1080p.BluRay.x264.AAC-ETRG
View Torrent Info: Spectral.2016.720p.WEBRip.x264.AAC-ETRG
View Torrent Info: Finding.Dory.2016.BluRay.720p.DTS.AC3.x264-ETRG
Hot torrents
Television
View Torrent Info: The.Exorcist.S01E09.WEB-DL.x264-FUM[ettv]
View Torrent Info: Van.Helsing.S01E13.WEB-DL.x264-FUM[ettv]
View Torrent Info: The.Vampire.Diaries.S08E07.HDTV.x264-LOL[ettv]
View Torrent Info: Gold.Rush.S07E09.Record.Gold.PROPER.HDTV.x264-W4F[ettv]
View Torrent Info: Pink (2016) HQ 1080p Blu-Ray x264 DTSHD-MA 5.1 ESub -DDR
View Torrent Info: BEFIKRE (2016) ~2CD Desi PDvD Rip x264 AAC 2.0 (De-Flickered) -DDR
View Torrent Info: Bidyesh - The Envy (2016) x264 DvDRip AC3 5.1 ESub -DDR
View Torrent Info: Housefull 3 (2016) HQ 1080p Blu-Ray x264 DTSHD-MA 7.1 MSubs -DDR
30s
Chat
To add new messages please Login or Register for FREE
Warning! Stop Government from Tracking Your Torrenting!
Your IP Address is 54.159.239.251.   Location is United States
Your Internet Provider and Government can track your internet activity! Hide your IP and LOCATION with a VPN
ExtraTorrent strongly recommends using Trust.Zone VPN to anonymize your torrenting. It's FREE!

ExtraTorrent.cc > Articles > TrueCrypt shutdown: Little warning, explanation given by developers

TrueCrypt shutdown: Little warning, explanation given by developers

TrueCrypt shutdown: Little warning, explanation given by developers

Added: Monday, June 2nd, 2014
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2013, www.extratorrent.cc
Plenty of unanswered questions remain following the unexpected closure of TrueCrypt, leaving the security community to wonder why the venerable open source full-disk encryption software project shut down with little warning or explanation.

A message appeared on the front page of TrueCrypt's website Wednesday providing a terse explanation of the shutdown, though the message itself offered contradictory reasons, referencing both inherent security problems as well as issues related to the recent Windows XP end-of-life:

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms.

The message goes on to explain how TrueCrypt users can transition away from the open source utility to Microsoft's proprietary encryption offering BitLocker, an encryption tool built into recent Windows releases.

Rumors immediately circulated on Twitter and other online forums that the TrueCrypt site had been hacked and the message was a hoax. However, none of the developers behind the TrueCrypt project have yet to disavow the message nearly two days after it first appeared, leaving little question as to whether the shutdown is legitimate.

No details were provided as to why TrueCrypt's encryption software is no longer secure, leaving some to speculate that the open source project suffered a similar fate as email encryption service Lavabit. That service closed down last year reportedly to avoid providing the U.S. government access to its clients' data, the most prominent of which was former NSA contractor turned whistle-blower Edward Snowden.

The TrueCrypt shutdown comes as Matthew Green, a noted cryptography researcher and professor at John Hopkins University, had successfully crowdfunded a professional security audit of TrueCrypt's code. The first leg of the audit -- a code review of TrueCrypt's bootloader -- was completed earlier this year by iSEC Partners.

In an October 2013 blog post, Green said the audit was necessary as it's impossible for encryption software users to know whether they can trust code after Snowden's leaks showed the NSA was actively tampering with encryption standards.

Green's suspicions of TrueCrypt's code were also heightened by the fact that TrueCrypt's developers have remained anonymous, and that the code does what he termed "damned funny things that should make any [correctly] paranoid person think twice.

"The biggest one is that nobody knows who wrote it. This skeeves me out. As Dan Kaminsky puts it, 'Authorship is a better predictor of quality than openness.' I would feel better if I knew who the TrueCrypt authors were," Green said. "Now please don't take this the wrong way: Anonymity is not a crime. It's possible the Truecrypt developers are magical security elves who are simply trying to protect their vital essence. More prosaically, perhaps they live in a country where privacy advocates aren't as revered as they are in the U.S. (I kid.)"

Speaking with veteran security journalist Brian Krebs this week, Green said he believes the TrueCrypt shutdown is real, and he hopes volunteer programmers will continue the encryption project's development.

Regardless of whether that happens, Green indicated he plans to complete the TrueCrypt audit as promised, though he said the decision by the developers to shutter the project with no advanced warning will again raise concerns about whether the code can be trusted.

There are a lot of things they could have done to make it easier for people to take over this code, including fixing the licensing situation. But maybe what they did today makes that impossible," said Green in an interview with Krebs. "They set the whole thing on fire, and now maybe nobody is going to trust it because they'll think there's some big evil vulnerability in the code.

"Today's events notwithstanding, I was starting to have warm and fuzzy feelings about the code, thinking [the developers] were just nice guys who didn't want their names out there," Green continued. "But now this decision makes me feel like they're kind of unreliable. Also, I'm a little worried that the fact that we were doing an audit of the crypto might have made them decide to call it quits."

While enterprises requiring encryption software typically implement products other than TrueCrypt that offer a broader set of features and management capabilities, TrueCrypt is a popular tool in pockets of the information security, business and intelligence communities. Initially released in 2004, the tool gained notoriety recently when it was reported that reporter Glenn Greenwald had used TrueCrypt to safeguard data reportedly provided to him by Snowden.

Brendan Rizzo, technical director for Cupertino, California-based security vendor Voltage Security, said TrueCrypt has long been seen as a good open source option for encrypting data, but its abrupt shutdown highlights how using an open source tool on an enterprise-wide basis comes with some risk.

"While some startup companies may choose a more risky approach in order to try and save money, larger companies know that attempting this approach at scale is a fool's errand," Rizzo said, "especially when it comes to something as critical to a business' success as encrypting its most sensitive information."

thanks to Carjacker for article link

Posted by:  SuperAdmin
Date:  Monday, June 2nd, 2014



Comments (5) (please add your comment »)

1
posted by Turtle (2014-06-02 13:38:21)
No avatarBought out, paid off or threatened by Microsoft. Or sneakily developed by the NSA for their own evil purposes.

2
posted by Turtle (2014-06-03 00:17:33)
No avatarI'm sure the devs were helpful little NSA 'elves' that made sure there were back doors. It is suspicious that after ten years they call it quits after a security audit is started and act as though Microsoft's closed source NSA-back-doored encryption in the latest version of their NSA-hacked OS is better than continuing development on this.

3
posted by (2014-06-03 03:05:44)
No avatartruecrypt is still safe
check out the
gibson research corp.
I tried to add their website her but it wont let me.
hxxps://www.grc.com/misc/truecrypt/truecrypt.htm

4
posted by menTurtle (2014-06-03 04:46:13)
ShadowTek avatarI think they simply shut down rather then give the NSA the keys.

5
posted by (2014-06-05 00:15:09)
Solcis avatarThe government tried to force the developers to secretly hand over their signing keys. That way they could backdoor any future releases. They failed and the message on the TC site right now is a "canary". A warning that they've been compromised. Some people call that paranoia, but several people who've worked as developers in the past said that the message conforms to their canary procedure if they were ever compromised. Post-Snowden I don't know how you could ever doubt them. That's the bad news. The good news is that much better whole disk encryption apps are coming out, based on the audited TC source.



Articles Search
Most Popular Stories
Articles Categories
Articles Tags


Home - Browse Torrents - Upload Torrent - Stat - Forum - FAQ - Login
ExtraTorrent.cc is in compliance with copyrights
BitCoin: 12DiyqsWhENahDzdhdYsRrCw8FPQVcCkcm
Can't load ExtraTorrent? Try our official mirrors: etmirror.com - etproxy.com - extratorrentonline.com - extratorrentlive.com
2006-2016 ExtraTorrent.cc3