[Nottingham] Alternative to TrueCrypt?

Joshua G Lock incandescant at gmail.com
Thu May 29 10:50:37 UTC 2014


On 29 May 2014, at 11:29, Paul <reclusivegeek at yahoo.co.uk> wrote:
> Personally I am not going to migrate away from Truecrypt right now for
> the following reasons :-
> 
> 1) I use the 7.1a binaries which have been audited and passed as secure
> and more importantly have no back doors.

Truecrypt is in the process of being audited, no backdoors have been found yet and initial signs are good. Let’s not get ahead of ourselves declaring it secure and backdoor free, indeed the initial security assessment identified several issues (none of which are deemed severe).

https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

> 2) The moment you use commercial encryption you open yourself up to god
> knows who reading your data without your knowledge. I certainly would
> not trust Microsoft, Google, Yahoo or any other company controlled by
> the US or UK governments. The law requires the companies to have a
> master key.

The Truecrypt authors are anonymous, this has lead many to question their trustworthiness.

Cheers,

Joshua





More information about the Nottingham mailing list