Full Disclosure mailing list archives
Re: TrueCrypt?
From: Dave Warren <davew () hireahit com>
Date: Wed, 04 Jun 2014 15:05:17 -0700
On 2014-06-03 04:09, Dave Howe wrote:
The issue we have with the current TC builds is that they are not reproducible. The source code is available online, and is in the process of being audited, but there is no guarantee the installer almost all the users have installed TC with contained code actually built from that source.
https://madiba.encs.concordia.ca/~x_decarn/truecrypt-binaries-analysis/ claims to have managed to build a reasonably identical build (such that the remaining differences can be identified and explained as build date/time stamps). The site includes instructions to reproduce the work.
I haven't tried it personally, but it might be an interesting exercise to see if anyone else can independently reproduce the binaries.
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: TrueCrypt? Dave Howe (Jun 03)
- Re: TrueCrypt? Dave Warren (Jun 04)
- Re: TrueCrypt? surivaton surivaton (Jun 08)
- Re: TrueCrypt? Dave Warren (Jun 08)
- Re: TrueCrypt? surivaton surivaton (Jun 08)
- Re: TrueCrypt? Dave Warren (Jun 04)