Full Disclosure mailing list archives

Re: TrueCrypt?

From: "Dennis E. Hamilton" <dennis.hamilton () acm org>
Date: Thu, 29 May 2014 16:29:33 -0700

In the various accounts and discussions all around the Internet, I had been baffled by the mention of Windows XP 
support end-of-life.

On reflection, I can see why there might be concern for the vulnerability of TrueCrypt, and user keys, on a platform 
for which there is no longer any security support.

The observation that there are existing solutions on the major currently-supported platforms makes sense in that 
context.  Concerning the mention of Bitlocker, I note that Bitlocker is available on Windows 8.1 Pro and works just 
fine given the hardware that Windows 8 and 8.1 require anyhow.  (I am not in a position to know whether "works just 
fine" means Bitlocker is highly secure or not.  At least it is not password based and one should remove and squirrel 
away the USB key after powering up and certainly not leave it inserted in a powered-down system.)

I have no idea what the actual trigger of the TrueCrypt shutdown is.  


 -- Dennis E. Hamilton
    dennis.hamilton () acm org    +1-206-779-9430
    https://keybase.io/orcmid  PGP F96E 89FF D456 628A


-----Original Message-----
From: Fulldisclosure [mailto:fulldisclosure-bounces () seclists org] On Behalf Of Barkley, Peter
Sent: Thursday, May 29, 2014 13:47
To: fulldisclosure () seclists org
Subject: Re: [FD] TrueCrypt?

+

http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/ 

-----Original Message-----
From: Fulldisclosure [mailto:fulldisclosure-bounces () seclists org] On Behalf Of Anthony Fontanez
Sent: 2014, May, 28 10:21 PM
To: fulldisclosure () seclists org
Subject: [FD] TrueCrypt?

I'm surprised I haven't seen any discussion about the recent issues with TrueCrypt.  Links to current discussions 
follow.

/r/sysadmin: http://www.reddit.com/r/sysadmin/comments/26pxol/truecrypt_is_dead/
/r/netsec: http://www.reddit.com/r/netsec/comments/26pz9b/truecrypt_development_has_ended_052814/

[ ... ]


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

TrueCrypt? Anthony Fontanez (May 29)
- Re: TrueCrypt? Barkley, Peter (May 29)
  - Re: TrueCrypt? Dennis E. Hamilton (May 29)
- Re: TrueCrypt? uname -a (May 29)
  - Re: TrueCrypt? secuip (May 29)
    - Re: TrueCrypt? Justin Bull (May 29)
    - Re: TrueCrypt? CIURANA EUGENE (pr3d4t0r - Full Disclosure) (May 29)
    - Re: TrueCrypt? JK (May 29)
    - Re: TrueCrypt? Philip Cheong (May 29)
    - Re: TrueCrypt? Sergio Conde Gómez (May 29)
    - Message not available
    - Re: TrueCrypt? Justin Bull (May 29)
    - Re: TrueCrypt? Mike Cramer (May 29)
    - Message not available
    - Re: TrueCrypt? Michael Cramer (May 30)

(Thread continues...)