Truecrypt not secure?

[photon]

Big warning on their site now plus instructions on how to migrate content to Bitlocker.

http://truecrypt.sourceforge.net/

So bizarre, why would they recommend going from an open source product to a closed source one, even if they did find a huge vulnerability in Truecrypt?? Microsoft can totally be trusted to not work with the NSA right?

The preliminary results of the audit being done didn't find anything truly bad:

http://istruecryptauditedyet.com/

Great, now what? Hope that someone forks Truecrypt?

EDIT: More info:

http://arstechnica.com/security/2014...bruptly-warns/

So weird.

[FanIn80]

WTF

[Rathji]

Ouch, guess the audit didn't go so well

[photon]

Quote:

Originally Posted by Rathji

Ouch, guess the audit didn't go so well

The first part did ok, one of the moderate vulnerabilities sounds more than moderate to me but I'll trust the auditor's evaluation vs. my own, and the 2nd part hasn't even started yet.

My bet's still waffling between developers abandoning project and developers nuking project rather than being compelled to do something they don't want to (i.e. Lavabit (http://lavabit.com/ a very interesting read)).

Also learned a new concept: https://en.wikipedia.org/wiki/Warrant_canary

[Rathji]

Never even considered the National Security letter aspect. That makes much more sense if the second part of the audit hasn't started yet.

[photon]

Yeah I read somewhere that it would be related to something Snowden would reveal on tonight's interview with Brian Williams, but that seems more like wild speculation than anything.

[TheyCallMeBruce]

Don't know if this has been posted, but take the first letter of every word in this sentence:
"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"

Run it through google translate and...

https://translate.google.com/#la/en/...20im%20cu%20si

So there's that...