[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] TrueCrypt?

To: Anthony Fontanez <ajfrcc@xxxxxxx>
Subject: Re: [FD] TrueCrypt?
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Thu, 29 May 2014 16:55:01 -0400

On Wed, May 28, 2014 at 10:21 PM, Anthony Fontanez <ajfrcc@xxxxxxx> wrote:
> I'm surprised I haven't seen any discussion about the recent issues with 
> TrueCrypt.  Links to current discussions follow.
>
> /r/sysadmin: 
> http://www.reddit.com/r/sysadmin/comments/26pxol/truecrypt_is_dead/
> /r/netsec: 
> http://www.reddit.com/r/netsec/comments/26pz9b/truecrypt_development_has_ended_052814/
The Crypto mailing list offered a few additional factoids (in addition
to the three offered in the first link):

    1) Microsoft ended support for XP.
    2) Elcomsoft claims the ability to retrieve master & secondary (XTS mode)
        keys for TrueCrypt volumes/partitions from hibernation files.
    3) Passware same as above.
    4) 
https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf-
        header key derivation uses low iteration count

And as one other person noted in the crypto mailing list thread, the
same kind of thing happened to Lavabit.

See http://lists.randombit.net/pipermail/cryptography/2014-May/thread.html
and http://lists.randombit.net/pipermail/cryptography/2014-May/006561.html.

Jeff

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] TrueCrypt?
  - From: Anthony Fontanez

Prev by Date: Re: [FD] TrueCrypt?
Next by Date: Re: [FD] What do you think of Trollc?
Previous by thread: Re: [FD] TrueCrypt?
Next by thread: [FD] TrueCrypt
Index(es):
- Date
- Thread