* [dm-crypt] TrueCrypt support ended -- "Not secure"
@ 2014-05-28 22:49 Robert Nichols
2014-05-29 1:07 ` Chris Drake
2014-05-29 14:35 ` Arno Wagner
0 siblings, 2 replies; 5+ messages in thread
From: Robert Nichols @ 2014-05-28 22:49 UTC (permalink / raw)
To: dm-crypt
Sourceforge page warns against continued use, and the latest release does not
permit creation of new volumes.
http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
http://truecrypt.sourceforge.net/
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [dm-crypt] TrueCrypt support ended -- "Not secure" 2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols @ 2014-05-29 1:07 ` Chris Drake 2014-05-29 2:46 ` Robert Nichols 2014-05-29 14:35 ` Arno Wagner 1 sibling, 1 reply; 5+ messages in thread From: Chris Drake @ 2014-05-29 1:07 UTC (permalink / raw) To: dm-crypt Hi Robert, That's a hoax - their domain got hijacked. Kind Regards, Chris Drake Thursday, May 29, 2014, 8:49:01 AM, you wrote: RN> Sourceforge page warns against continued use, and the latest release does not RN> permit creation of new volumes. RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ RN> http://truecrypt.sourceforge.net/ ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure" 2014-05-29 1:07 ` Chris Drake @ 2014-05-29 2:46 ` Robert Nichols 2014-05-29 3:38 ` Chris Drake 0 siblings, 1 reply; 5+ messages in thread From: Robert Nichols @ 2014-05-29 2:46 UTC (permalink / raw) To: dm-crypt On 05/28/2014 08:07 PM, Chris Drake wrote: > Hi Robert, > > That's a hoax - their domain got hijacked. > > Kind Regards, > Chris Drake > > > Thursday, May 29, 2014, 8:49:01 AM, you wrote: > > RN> Sourceforge page warns against continued use, and the latest release does not > RN> permit creation of new volumes. > > RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ > > RN> http://truecrypt.sourceforge.net/ > > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt > It has been reported that the "hacked" release was certified with the official TruCrypt signing key, and compromise of that key would be even more damning. Would someone who had gained access to that key squander that power on a prank? -- Bob Nichols "NOSPAM" is really part of my email address. Do NOT delete it. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure" 2014-05-29 2:46 ` Robert Nichols @ 2014-05-29 3:38 ` Chris Drake 0 siblings, 0 replies; 5+ messages in thread From: Chris Drake @ 2014-05-29 3:38 UTC (permalink / raw) To: dm-crypt Hi Robert, It's not the *original* key apparently, but the new one for the current release. Current rumors are that they're committing suicide for the same reasons as Lavabit - which would explain why they're pushing people over to products with NSA key escrow built in. Kind Regards, Chris Drake Thursday, May 29, 2014, 12:46:19 PM, you wrote: RN> On 05/28/2014 08:07 PM, Chris Drake wrote: >> Hi Robert, >> >> That's a hoax - their domain got hijacked. >> >> Kind Regards, >> Chris Drake >> >> >> Thursday, May 29, 2014, 8:49:01 AM, you wrote: >> >> RN> Sourceforge page warns against continued use, and the latest release does not >> RN> permit creation of new volumes. >> >> RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ >> >> RN> http://truecrypt.sourceforge.net/ >> >> >> >> >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@saout.de >> http://www.saout.de/mailman/listinfo/dm-crypt >> RN> It has been reported that the "hacked" release was certified with the RN> official TruCrypt signing key, and compromise of that key would be RN> even more damning. Would someone who had gained access to that key RN> squander that power on a prank? ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure" 2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols 2014-05-29 1:07 ` Chris Drake @ 2014-05-29 14:35 ` Arno Wagner 1 sibling, 0 replies; 5+ messages in thread From: Arno Wagner @ 2014-05-29 14:35 UTC (permalink / raw) To: dm-crypt Give it at least a few days before jumping to conclusions. There is a number of possibilities for what happened and what is said on the page actually being true is just one of them. Also note that the claims about valid signatures on the current, crippled binaries are shaky as the keys were apparently changed recently. Arno On Thu, May 29, 2014 at 00:49:01 CEST, Robert Nichols wrote: > Sourceforge page warns against continued use, and the latest release > does not permit creation of new volumes. > > http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/ > > http://truecrypt.sourceforge.net/ > > -- > Bob Nichols "NOSPAM" is really part of my email address. > Do NOT delete it. > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. - Plato ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-05-29 14:35 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols 2014-05-29 1:07 ` Chris Drake 2014-05-29 2:46 ` Robert Nichols 2014-05-29 3:38 ` Chris Drake 2014-05-29 14:35 ` Arno Wagner
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.