Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TrueCrypt?

From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 29 May 2014 16:55:01 -0400
On Wed, May 28, 2014 at 10:21 PM, Anthony Fontanez <ajfrcc () rit edu> wrote:

I'm surprised I haven't seen any discussion about the recent issues with TrueCrypt.  Links to current discussions 
follow.

/r/sysadmin: http://www.reddit.com/r/sysadmin/comments/26pxol/truecrypt_is_dead/
/r/netsec: http://www.reddit.com/r/netsec/comments/26pz9b/truecrypt_development_has_ended_052814/

The Crypto mailing list offered a few additional factoids (in addition
to the three offered in the first link):

    1) Microsoft ended support for XP.
    2) Elcomsoft claims the ability to retrieve master & secondary (XTS mode)
        keys for TrueCrypt volumes/partitions from hibernation files.
    3) Passware same as above.
    4) https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf-
        header key derivation uses low iteration count

And as one other person noted in the crypto mailing list thread, the
same kind of thing happened to Lavabit.

See http://lists.randombit.net/pipermail/cryptography/2014-May/thread.html
and http://lists.randombit.net/pipermail/cryptography/2014-May/006561.html.

Jeff

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: