Domain: istruecryptauditedyet.com
Stories and comments across the archive that link to istruecryptauditedyet.com.
Comments · 4
-
Re:Why replace it?
We know that the developers were pretty sure that the last [real] version [i.e., 7.1a] of TrueCrypt was still secure.
-
Re:Read between the lines
If he suspects the code has a vulnerabitlity, he doesn't want it copied.
It's funny how open source is always bragged as being the antidote against vulnerabilities and backdoors (as "anyone can verify it"), but here we still are worrying about TrueCrypt code possibly containing something vulnerable.
The difference is that if it is open source you can actually do something about it. If you are using a closed-source solution there is no way to verify if it backdoored or not. With open source there are the same possibilities for backdoors (especially on a product like Truecrypt which has very few core developers) but you have a much better chance of finding the backdoor if you suspect it exists.
-
Re:I'll ask...
It's only a diff of the new fishy 7.2 changes. You can grab the source on the archlinux FTP though.
Presumably the guys in charge of the public crowd-funded audit could also provide a version of the source that would be deemed "trusted" by most people (and those that have already downloaded the source previously can offer confirmation). -
Re:Still working as intended
I wouldn't be claiming this until the audit is completed.
http://istruecryptauditedyet.com/