Many experts are downplaying the possibility that this is a defacement. Architecture and code reviews were performed, said Kenneth White, senior security engineer at Social & Scientific Systems, one of the OCAP architects.Ī second phase, which has not yet begun, will focus on whether encryption suites, random number generators and critical algorithms have been properly implemented.
The first phase focused on the TrueCrypt bootloader and Windows kernel driver. The results of the first phase of the audit were released on April 14 by iSEC Partners on behalf of the Open Crypto Audit Project and no backdoors were found. It’s unclear whether the site has been defaced or whether the developers are aware of a critical vulnerability or backdoor that would jeopardize the integrity of the software, which has been downloaded more than 28 million times.Īn audit of TrueCrypt was commissioned last year in order to determine if the software had been tampered with in the wake of the Edward Snowden leaks and the depths of surveillance by the National Security Agency. The page also demonstrates step-by-step instructions explaining how to migrate from TrueCrypt to BitLocker, Microsoft’s file and disk encryption software. The text warns that the open source encryption software is not secure and informs users that development has been terminated. Is it a hoax, or the end of the line for TrueCrypt?Īt the moment, there is little more than speculation as to the appearance today of an ominous note greeting visitors to the TrueCrypt page at SourceForge.
0 kommentar(er)
