What really happened to TrueCrypt back in 2014? Did anyone ever find out?
It was a widely used encryption tool, that was suddenly dropped with the message " not safe, use something else".
What really happened to TrueCrypt back in 2014? Did anyone ever find out?
It was a widely used encryption tool, that was suddenly dropped with the message " not safe, use something else".
My assumption has been that the author was pressured to add a backdoor or abandon the project since it was an issue for law enforcement. After TrueCrypt stopped releasing new versions, it was audited and there was no sign of any backdoor or flaw in the encryption. Now on device encryption is more common but so are cloud backups, and law enforcement has found that going after cloud backups is much easier to subpoena. Plus there is a more mature industry for law enforcement to provide tools tools to bypass encryption without the developer complying.
This was always my assumption as well. When they quit the project, didn’t they leave some message recommending Microsoft BitLocker as an alternative? Everyone at the time interpreted this as the clearest “they’re already in the room with me” warning sign, given that that kind of project would NEVER reasonably make such a closed source, corporate centered recommendation …
Also if you sign into the Microsoft cloud, your bit locker keys are backed up there.
“For your convenience”