The security world has been left baffled by the apparent closure of the free disk encryption facility TrueCrypt, which issued an online message saying it was no longer secure this week.
A message on the TrueCrypt Sourceforge site said the offering might not be secure “as it may contain unfixed security issues”.
“The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images,” the message read.
“You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.”
The message recommended using BitLocker, the disk encryption program included in every Windows OS since Vista, and provided a decryption service for TrueCrypt users on Windows, Mac OS X and Linux to move over to a different option.
Some suggested the closure may have been a hoax, the result of a hack. Yet no one from TrueCrypt’s development team, which has remained anonymous since the product’s release, has come forward to confirm or deny it.
Others wondered whether TrueCrypt faced a legal threat and was forced to close, in a similar way that email service Lavabit was shut down.
The service had recently undergone an audit to determine if there were any security issues with the tool, but nothing serious was uncovered.
Either way, it looks as though TrueCrypt is no more, said Sophos’ head of technology Paul Ducklin, in a blog post.
“It certainly looks as though TrueCrypt is finished. If the new web page is true, the project has ended explicitly. If it isn’t true, then it’s going to be tough to re-establish trust in the code, and the project has ended implicitly.”
What do you know about Internet security? Find out with our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…
View Comments
Yes, this is sudden and also sad because it's a cross-platorm solutions that makes it easy to encrypt external drives and use them on OSX, Linux or Windless.
The abrupt cutoff indicates that the Lavabit scenario is highly likely.