This page permanently redirects to gemini://gemini.techrights.org/2013/10/18/truecrypt/.
Posted in Free/Libre Software, Security at 8:37 am by Dr. Roy Schestowitz
Summary: Why nobody should trust Truecrypt (or any other piece of proprietary software for that matter), even if it claims to have been “audited”
THE other day we alluded to Truecrypt in this post, not quite mentioning the holes in the argument that Truecrypt can be “audited” [1-3]. Unless everyone can view the code and compile it independently (or rely on others to do so independently), we must assume that Truecrypt is not secure and that it might contain back doors (either unidentified or deliberately planted). This whole Internet ‘debate’ about Truecrypt “audit” should remind us that Free software is vital for dodging surveillance.
=> this post
The NSA has used corporations to facilitate snooping and it may not be alone [4]. This is happening at many levels [5-7] based on new leaks and revelations, so rather than look for evidence of insecurity (e.g. back door) we should pursue real assurance of security. You know what the spies like to tell us: if you have nothing to fear, you have nothing to hide, right? So come on, Truecrypt, share your source code. What have you got to hide? █
Related/contextual items from the news:
Should Truecrypt be audited?Truecrypt is a cross-platform, free disk encryption software for Windows and Unix-like operating systems. It is generally considered a good disk encryption software, and not too long ago, I wrote a tutorial that showed how to encrypt the Windows installation of a Windows-Linux dual-boot setup (see Dual-boot Fedora 18 and Windows 7, with full disk encryption configured on both OSs). New effort to fully audit TrueCrypt raises $16,000+ in a few short weeksCan you trust ‘NSA-proof’ TrueCrypt? Cough up some dough and find outThe source code for the Windows, Linux and Mac OS X utility is publicly available for people to inspect and verify, but this has not been enough to convince every cryptography guru that it’s entirely secure.After Snowden’s leaks, China’s Huawei calls for more transparency in the tech industryWith all of the recent revelations about the US National Security Agency’s surveillance programs, it must be hard for the Chinese telecom equipment manufacturer Huawei not to gloat a little bit.After all, the leaks from former contractor Edward Snowden showed that the NSA enlisted US technology companies to enable its snooping on global telecommunications networks—which is exactly what US intelligence officials have accused Huawei of doing on behalf of the Chinese government. Europe Moves to Shield Citizens’ DataLawmakers here have introduced a measure in the European Parliament that could require American companies like Google and Yahoo to seek clearance from European officials before complying with United States warrants seeking private data. Dutch Telcos Used Customer Metadata, Retained To Fight Terrorism, For Everyday Marketing PurposesOne of the ironies of European outrage over the global surveillance conducted by the NSA and GCHQ is that in the EU, communications metadata must be kept by law anyway, although not many people there realize it. NSA Harvesting Contact ListsA new Snowden document shows that the NSA is harvesting contact lists — e-mail address books, IM buddy lists, etc. — from Google, Yahoo, Microsoft, Facebook, and others.
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
Permalink Send this to a friend
=> Permalink | ↺ Send this to a friend
=> Techrights
➮ Sharing is caring. Content is available under CC-BY-SA.
text/gemini;lang=en-GBThis content has been proxied by September (ba2dc).