* [dm-crypt] TrueCrypt support ended -- "Not secure"
@ 2014-05-28 22:49 Robert Nichols
2014-05-29 1:07 ` Chris Drake
2014-05-29 14:35 ` Arno Wagner
0 siblings, 2 replies; 5+ messages in thread
From: Robert Nichols @ 2014-05-28 22:49 UTC (permalink / raw)
To: dm-crypt
Sourceforge page warns against continued use, and the latest release does not
permit creation of new volumes.
http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
http://truecrypt.sourceforge.net/
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure"
2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols
@ 2014-05-29 1:07 ` Chris Drake
2014-05-29 2:46 ` Robert Nichols
2014-05-29 14:35 ` Arno Wagner
1 sibling, 1 reply; 5+ messages in thread
From: Chris Drake @ 2014-05-29 1:07 UTC (permalink / raw)
To: dm-crypt
Hi Robert,
That's a hoax - their domain got hijacked.
Kind Regards,
Chris Drake
Thursday, May 29, 2014, 8:49:01 AM, you wrote:
RN> Sourceforge page warns against continued use, and the latest release does not
RN> permit creation of new volumes.
RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
RN> http://truecrypt.sourceforge.net/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure"
2014-05-29 1:07 ` Chris Drake
@ 2014-05-29 2:46 ` Robert Nichols
2014-05-29 3:38 ` Chris Drake
0 siblings, 1 reply; 5+ messages in thread
From: Robert Nichols @ 2014-05-29 2:46 UTC (permalink / raw)
To: dm-crypt
On 05/28/2014 08:07 PM, Chris Drake wrote:
> Hi Robert,
>
> That's a hoax - their domain got hijacked.
>
> Kind Regards,
> Chris Drake
>
>
> Thursday, May 29, 2014, 8:49:01 AM, you wrote:
>
> RN> Sourceforge page warns against continued use, and the latest release does not
> RN> permit creation of new volumes.
>
> RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
>
> RN> http://truecrypt.sourceforge.net/
>
>
>
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
It has been reported that the "hacked" release was certified with the
official TruCrypt signing key, and compromise of that key would be
even more damning. Would someone who had gained access to that key
squander that power on a prank?
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure"
2014-05-29 2:46 ` Robert Nichols
@ 2014-05-29 3:38 ` Chris Drake
0 siblings, 0 replies; 5+ messages in thread
From: Chris Drake @ 2014-05-29 3:38 UTC (permalink / raw)
To: dm-crypt
Hi Robert,
It's not the *original* key apparently, but the new one for the
current release. Current rumors are that they're committing suicide
for the same reasons as Lavabit - which would explain why they're
pushing people over to products with NSA key escrow built in.
Kind Regards,
Chris Drake
Thursday, May 29, 2014, 12:46:19 PM, you wrote:
RN> On 05/28/2014 08:07 PM, Chris Drake wrote:
>> Hi Robert,
>>
>> That's a hoax - their domain got hijacked.
>>
>> Kind Regards,
>> Chris Drake
>>
>>
>> Thursday, May 29, 2014, 8:49:01 AM, you wrote:
>>
>> RN> Sourceforge page warns against continued use, and the latest release does not
>> RN> permit creation of new volumes.
>>
>> RN> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
>>
>> RN> http://truecrypt.sourceforge.net/
>>
>>
>>
>>
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt@saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
>>
RN> It has been reported that the "hacked" release was certified with the
RN> official TruCrypt signing key, and compromise of that key would be
RN> even more damning. Would someone who had gained access to that key
RN> squander that power on a prank?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dm-crypt] TrueCrypt support ended -- "Not secure"
2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols
2014-05-29 1:07 ` Chris Drake
@ 2014-05-29 14:35 ` Arno Wagner
1 sibling, 0 replies; 5+ messages in thread
From: Arno Wagner @ 2014-05-29 14:35 UTC (permalink / raw)
To: dm-crypt
Give it at least a few days before jumping to conclusions.
There is a number of possibilities for what happened and
what is said on the page actually being true is just one
of them.
Also note that the claims about valid signatures on the
current, crippled binaries are shaky as the keys were
apparently changed recently.
Arno
On Thu, May 29, 2014 at 00:49:01 CEST, Robert Nichols wrote:
> Sourceforge page warns against continued use, and the latest release
> does not permit creation of new volumes.
>
> http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
>
> http://truecrypt.sourceforge.net/
>
> --
> Bob Nichols "NOSPAM" is really part of my email address.
> Do NOT delete it.
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. - Plato
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-05-29 14:35 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-28 22:49 [dm-crypt] TrueCrypt support ended -- "Not secure" Robert Nichols
2014-05-29 1:07 ` Chris Drake
2014-05-29 2:46 ` Robert Nichols
2014-05-29 3:38 ` Chris Drake
2014-05-29 14:35 ` Arno Wagner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.