Saturday, October 04, 2014

TrueCrypt linkage blog has been running a nice series of posts regarding TrueCrypt.

I’ve been using TrueCrypt for some time now (just shy of a year) on my Windows 7 system as at the time it seemed to be the best balance of security and compatibility/recoverability for my needs.

Again, I’m using TrueCrypt whole-disk encryption to protect the data on my laptop in case it is lost by theft or careless user misplacement. Other solutions are out there and they have their own pros/cons.

In the aftermath of the TrueCrypt “collapse” back in May 2014, many have fled TrueCrypt and no longer trust it.

I noted the other day a new TrueCrypt fork called CipherShed via this InfoSec Handlers Diary blog post.

It’s worth being familiar with, but in light of the recent round of postings, I wanted to seek out the opinion of the GSD-respected tinyapps blogger regarding this fork.

I did receive sage wisdom and was kindly pointed to this discussion:

Just a point to consider for now while the Phase II audit process continues…

More resources on TrueCrypt itself

Update April 14, 2014: Phase I of the audit is complete, and report is available. Phase II begins on the formal cryptanalysis.

I’m not a programmer so I’m just watching and listening to the discussions and audits by those professionals who are. I’ll continue to post bits as both projects move forward.


Claus Valca

No comments: