Reports are coming in that development on the open source TrueCrypt software has been halted, and in fact there are security issues which the developers (whoever they are) feel are severe enough that they say you should migrate away from using TrueCrypt as soon as possible. Some people think (pray?) that this is a potential hoax, but evidence is mounting that it may be legitimate. The official page only says that development ended in May of 2014 coincident with the discontinuation of official WinXP support, and that the current version posted on that page is no longer capable of creating new protected containers, it can only strip the protection from existing ones.
Before Microsoft's BitLocker and Apple's FileVault came on the scene (and even during), TrueCrypt was the most popular method chosen to encrypt sensitive hard drive data, mainly because it was open source, meaning that all of its source code was out there for all to inspect, ensuring that an unscrupulous somebody could not embed a backdoor without it being obvious to anyone looking for such a thing. An audit was already ongoing, sparked by the whole NSA/Snowden thing, but so far it had not discovered anything out of the ordinary.
Anyway, if you were using it, they say you should stop. If you were considering it, you should look for a different tool. Personally, I know of no open source alternative, though I suppose this may be incentive for some to pop up.
--Patrick
Before Microsoft's BitLocker and Apple's FileVault came on the scene (and even during), TrueCrypt was the most popular method chosen to encrypt sensitive hard drive data, mainly because it was open source, meaning that all of its source code was out there for all to inspect, ensuring that an unscrupulous somebody could not embed a backdoor without it being obvious to anyone looking for such a thing. An audit was already ongoing, sparked by the whole NSA/Snowden thing, but so far it had not discovered anything out of the ordinary.
Anyway, if you were using it, they say you should stop. If you were considering it, you should look for a different tool. Personally, I know of no open source alternative, though I suppose this may be incentive for some to pop up.
--Patrick
