

A few weeks ago, after learning about the NSA’s efforts to undermine encryption software, I wrote a long post urging developers to re-examine our open source encryption software. Then I went off and got distracted by other things. Well, I’m still distracted by other things, but people like Kenn White have been getting organized. It is my great pleasure to publicize (and belatedly kick off) an open project to audit the Truecrypt disk encryption tool.

If you already know why this is important, by all means stop reading this post now. Go to the site and donate! It doesn’t have to be money, although that would be best. If you’re an information security professional/expert/hobbyist please consider giving us some of your time to help identify bugs in the software.

In case you don’t see the reason for a Truecrypt audit, I’m going to devote the remainder of this post to convincing you how important it is. And who knows, maybe I’ll even convince you we can do more.

But anonymity isn’t the only thing that concerns me about Truecrypt. For one thing, the software does some damned funny things that should make any (correctly) paranoid person think twice. Here I will quote from the Ubuntu Privacy Group’s review of Truecrypt 7.0:

The Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65,024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes.
