See on TrueCrypt Shuts Down
Support for decade-old crypto program pulled, touching off Internet firestorm.
“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues,” text in red at the top of TrueCrypt page on SourceForge states. The page continues: “This page exists only to help migrate existing data encrypted by TrueCrypt. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.”
Ryan Seifert‘s insight:
One of the most popular and trusted file encryption systems was closed today; there is a huge amount of controversy over the event. What is even stranger is the suggestion to migrate to Bitlocker, Microsoft’s integrated encryption offering.
TrueCrypt was the common answer for easy and provable secure encryption; due to its open source nature and multi-platform support. Being open source allowed everyone (including security auditors) to review the code and point out any potential weaknesses or problems. The multi-platform support allowed the same encrypted partition to be accessed from Windows, Mac, or Linux.
The controversy is stemming around the the reason given for shutting down TrueCrypt (the sunset of Windows XP) and the suggestion to migrate to BitLocker. TrueCrypt supported up to Windows 8.1 (Current version) and everything between down to XP; it also supported many versions of Mac’s OSX as well as various flavors of Linux. The amount of development work required to support so many different platforms securely is immense; this disputes the shutdown reason stated pretty directly. Many proponents of TrueCrypt are very outspoken on closed source implementations of security applications (such as BitLocker).
Overall it is a strong blow to computer security and privacy in general to see such a strong and loved open source encryption system be closed.