[Nottingham] Alternative to TrueCrypt?
Paul
reclusivegeek at yahoo.co.uk
Thu May 29 11:08:24 UTC 2014
On Thu, 2014-05-29 at 11:49 +0100, Joshua G Lock wrote:
> On 29 May 2014, at 11:29, Paul <reclusivegeek at yahoo.co.uk> wrote:
> > Personally I am not going to migrate away from Truecrypt right now for
> > the following reasons :-
> >
> > 1) I use the 7.1a binaries which have been audited and passed as secure
> > and more importantly have no back doors.
>
> Truecrypt is in the process of being audited, no backdoors have been found yet and initial signs are good. Let’s not get ahead of ourselves declaring it secure and backdoor free, indeed the initial security assessment identified several issues (none of which are deemed severe).
>
> https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf
>
> > 2) The moment you use commercial encryption you open yourself up to god
> > knows who reading your data without your knowledge. I certainly would
> > not trust Microsoft, Google, Yahoo or any other company controlled by
> > the US or UK governments. The law requires the companies to have a
> > master key.
>
> The Truecrypt authors are anonymous, this has lead many to question their trustworthiness.
Or because they are anonymous it could lead to them being more
trustworthy as they cannot have pressure applied to weaken the
encryption unlike RSA or for that matter have court orders served on
then to disclose information.
Personally if I was worried about security the last operating system I
would choose would be anything Microsoft. I last used that back in 2000
so obviously I am talking from a Linux perspective.
>
> Cheers,
>
> Joshua
>
>
>
> _______________________________________________
> Nottingham mailing list
> Nottingham at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/nottingham
More information about the Nottingham
mailing list