TrueCrypt Audit: No NSA Backdoors
Mark Wilson writes: A security audit of TrueCrypt has determined that the disk encryption software does not contain any backdoors that could be used by the NSA or other surveillance agencies. A report prepared by the NCC Group (PDF) for the Open Crypto Audit Project found that the encryption tool is not vulnerable to being compromised. However, the software was found to contain a few other security vulnerabilities, including one relating to the use of the Windows API to generate random numbers for master encryption key material. Despite this, TrueCrypt was given a relatively clean bill of health with none of the detected vulnerabilities considered severe enough to lead "to a complete bypass of confidentiality in common usage scenarios."
Where's the fun in there not being any nefarious evil backdoors??!?!?
How am I supposed to feed my narcissistic persecution complex that the NSA is focusing billions and billions of dollars of resources just to spy on me and me alone when they can't even put a backdoor in TrueCrypt??!?!?
AntiFA: An abbreviation for Anti First Amendment.
Now we just need an audit of the auditors to make sure they weren't compromised and we can safely use TrueCrypt again.
Is this a deliberate choice of quote,or just randomly apropos?
You can fool all the people all of the time if the advertising is right and the budget is big enough. -- Joseph E. Levine
I am Slashdot. Are you Slashdot as well?