TrueCrypt is not secure.

Posted by: Teslinhiker

TrueCrypt is not secure. - 05/29/14 12:13 AM

This is real interesting. Only time will tell if this is real or a hoax as a result of a compromise.

Like many, I use Truecrypt for personal document security and this would be a real blow to others who use it for higher-level security.

From Arstechnica.com
One of the official webpages for the widely used TrueCrypt encryption program says that development has abruptly ended and warns users of the decade-old tool that it isn't safe to use.

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues," text in red at the top of the TrueCrypt page on SourceForge states. The page continues: "This page exists only to help migrate existing data encrypted by TrueCrypt. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform."


More info at this link.
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 05/29/14 12:54 AM

It's going to be very interesting to see how this one plays out.
Posted by: dougwalkabout

Re: TrueCrypt is not secure. - 05/29/14 04:04 AM

Originally Posted By: chaosmagnet
It's going to be very interesting to see how this one plays out.

No kidding. Holy cow!

If this is legit, the decrypt tool for every TrueCrypt volume has been posted. If it's legit. Or maybe it's a hack-and-scam designed to stampede people into revealing personal data or otherwise opening themselves up to criminal activities.

Watching this one closely. I use TrueCrypt here and there.
Posted by: ireckon

Re: TrueCrypt is not secure. - 05/29/14 06:03 AM

I use TrueCrypt. I don't know what this means. I do know I don't have time for this.
Posted by: Teslinhiker

Re: TrueCrypt is not secure. - 05/29/14 11:19 AM

Originally Posted By: dougwalkabout
Originally Posted By: chaosmagnet
It's going to be very interesting to see how this one plays out.

No kidding. Holy cow!

If this is legit, the decrypt tool for every TrueCrypt volume has been posted. If it's legit. Or maybe it's a hack-and-scam designed to stampede people into revealing personal data or otherwise opening themselves up to criminal activities.

Watching this one closely. I use TrueCrypt here and there.


Doug, in order to decrypt, it still requires the original passphrase before you can mount the encrypted drive or container and then convert them to BitLocker.
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 05/29/14 01:17 PM

The latest I have is from http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/.

Here's the TL;DR version: It's time to migrate off of TrueCrypt, as it is no longer supported and the anonymous authors state that it is vulnerable. The version of TrueCrypt currently available for download will only decrypt for migration, and that only with the appropriate passphrase.
Posted by: Denis

Re: TrueCrypt is not secure. - 05/29/14 04:21 PM

I've been using the portable installation of TrueCrypt as a way to secure files on USB flash drives. Any thoughts on alternatives to move to?

Edited to add:

What I liked about TrueCrypt was that I could have an encrypted container for sensitive information, but still use/save/read files stored on the drive outside of the container.
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 05/29/14 04:57 PM

I have a pretty low opinion of BitLocker. It's better than it used to be but it was never great.

PGP Whole Disk was a very good product years ago, and I've heard that it is still pretty good. But it's expensive.

I really do not know what to recommend. Last week I would have told you to use TrueCrypt. I'm thinking I'm going to wait to see what Bruce Schneier says about this. There are some good comments on his blog: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html.
Posted by: Mark_R

Re: TrueCrypt is not secure. - 05/29/14 07:10 PM

Originally Posted By: dougwalkabout
Originally Posted By: chaosmagnet
It's going to be very interesting to see how this one plays out.

No kidding. Holy cow!

If this is legit, the decrypt tool for every TrueCrypt volume has been posted. If it's legit. Or maybe it's a hack-and-scam designed to stampede people into revealing personal data or otherwise opening themselves up to criminal activities.

Watching this one closely. I use TrueCrypt here and there.


I will be doing the same. This whole thing feels very "off". The references to Windows XP support (Truecrypt is not controlled by Microsoft, it is owned by the TrueCrypt Foundation) and the "may contain unfixed security issues" verbiage are what I would expect from a social engineering attack.

Posted by: haertig

Re: TrueCrypt is not secure. - 05/30/14 02:35 AM

I take this with a grain of salt. Even if the Truecrypt developers gave it up, and even if there is some security flaw in the existing Truecrypt, I probably won't write it off immediately.

For one, who am I trying to protect my encrypted stuff from? It's not the NSA. And even if I were using Truecrypt and expecting it to stand up against the NSA, it would be quite naive of me to believe that. The average hacker? Chances are they wouldn't be able to exploit any security flaws in Truecrypt, unless a wide-open hole gets so widespread that there is a pre-packaged script for all the "script kiddie" hackers to use. That leaves the common laptop thief. And they probably couldn't decrypt something as simple as ROT-13.

So, while it is not good if Truecrypt development is halted, and it is not good if there exists some unpatched flaw in it, I'm not going to be running around like Chicken Little doing "The Sky Is Falling!" bit. Chances are, if you use some OS built-in Microsoft encryption, that WILL have an NSA backdoor in it and be no more secure than Truecrypt as it currently stands.

Everyone should probably step back and take a deep breath until their panic subsides. There may be better alternatives to Truecrypt going forward, but don't get all bent out of shape immediately over this new announcement and do something rash, like switch to some other encryption without thoroughly researching its pros and cons. Chances are you'd be no better, and might be worse, than just sitting on your Truecrypt as it is until things shake out.
Posted by: Eugene

Re: TrueCrypt is not secure. - 05/30/14 04:03 PM

The 'may be flaws' can just be a caution saying that since they are not coding anymore they won't find any if there are some. Hopefully the community will pick it back up and re-start or start a new project.

It just let me see that I have a single point of failure in my preps. If LibreOffice were to stop development today I can use Apache OpenOffice or KDEOffice. If Firefox or Thunderbird stops today I can use Chromium or Konqueror and Kmail. If Slackware stops today I can use Ubuntu or Deadrat or whatever. But if Truecrypt dies I realized I haven't installed or tested any other programs. I suppose I could still decrypt on my tablet and have them unencrypted, but I could just do that today with TrueCrypt; it doesn't future-proof me.
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 05/30/14 07:14 PM

I'm not sure that there's any way to future-proof yourself short of printing information on archival-quality paper and then securing the paper somehow.

My concerns with TrueCrypt are twofold. It hasn't been meaningfully updated since February 2012. If any vulnerabilities have been discovered since then, they haven't been patched.

Secondly, there is speculation that the withdrawal of the product may have been due to pressure to introduce vulnerabilities deliberately. That's speculation, rather than based on hard fact, but it is very troubling. Historically, whenever vulnerabilities are deliberately introduced they are discovered by the people that you don't want to have them.
Posted by: haertig

Re: TrueCrypt is not secure. - 05/30/14 07:47 PM

Many "oldies" that are no longer supported are still good. Think about Tiny/Kerio, Proxomitron, SuperJPG, Skyglobe, etc. If I still ran Windows I would not rule these out, even though they are ancient and no longer developed/supported. I've still got copies of all of them (not that they are useful to me on Linux now).
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 05/30/14 08:29 PM

Originally Posted By: haertig
Many "oldies" that are no longer supported are still good.


This is not really the case with security software, unfortunately.
Posted by: Mark_R

Re: TrueCrypt is not secure. - 05/30/14 08:41 PM

Originally Posted By: haertig
I take this with a grain of salt. Even if the Truecrypt developers gave it up, and even if there is some security flaw in the existing Truecrypt, I probably won't write it off immediately.

For one, who am I trying to protect my encrypted stuff from? It's not the NSA. And even if I were using Truecrypt and expecting it to stand up against the NSA, it would be quite naive of me to believe that. The average hacker? Chances are they wouldn't be able to exploit any security flaws in Truecrypt, unless a wide-open hole gets so widespread that there is a pre-packaged script for all the "script kiddie" hackers to use. That leaves the common laptop thief. And they probably couldn't decrypt something as simple as ROT-13.


If the NSA wants your stuff, the NSA will get your stuff. I harbor no illusions about keeping anything from them that isn't handwritten on a piece of paper.

What I am trying to protect my stuff against is a semipro civilian hacker. Think about the breaches at Target, Ebay, Citigroup, GE Money, Countywide Mortgages, etc. These were not amateurs.

Also consider data mining viruses like 'Flame'.

And lastly, what happens if your computer is stolen? The tweaker who stole it may not be able to remember his own SS#, but he knows a hacker who will buy it. The hacker can then sell your identity for a nice chunk of change, clear out anything traceable from the computer, and sell it for another couple of hundred. You're out the cost of a new computer and $$$ to fix the damage done when your identity went on the market.
Posted by: Eugene

Re: TrueCrypt is not secure. - 05/30/14 10:47 PM

Future-proofing is not too hard. As I mentioned, if LibreOffice dies then I use (Apache) OpenOffice; as long as I have more than one app that can read my files then I'm good.
This is nearly a single point of failure for me, so I need to find an alternate.
Posted by: Brangdon

Re: TrueCrypt is not secure. - 06/01/14 11:48 AM

Originally Posted By: Mark_R
If the NSA wants your stuff, the NSA will get your stuff.

They aren't magic. Strong encryption can't be broken without magic. That's one of the things confirmed by Snowden's revelations. What the NSA can try to do is acquire your passwords somehow: by covertly installing keyloggers or legal coercion or whatever. They are surprisingly good at doing that.

Some people think this is happening because the NSA couldn't crack TrueCrypt. The NSA figured out who the TrueCrypt developers were and pressured them to install a backdoor. If they're Americans, the developers couldn't legally refuse, so they did the moral thing, shut down the project, and made the best public announcement they could (given they were surely under draconian gag orders). Similar things have happened before, to Lavabit, an encrypted email service that shut down suddenly under gag orders.

TrueCrypt has a "plausible deniability" feature, whereby an archive has a decoy password in addition to the real password. I could believe that feature was a real concern to law enforcement, and could be enough to single TrueCrypt out for special attention (as opposed to, say, 7zip, which offers strong encryption without plausible deniability).

As it happens, TrueCrypt is in the middle of an independent security audit. That is paid for and will continue. The preliminary check found no significant issues, but further analysis is ongoing. It's possible that it has found an issue, one which can't be fixed, and so the announcement is to give people time to move off TrueCrypt before they go public with the weakness. Alternatively, it may complete with no real weaknesses found, which would strengthen the NSA meddling hypothesis above.

(I don't use TrueCrypt myself. I've installed it a couple of times and each time concluded it wasn't what I needed. I use 7zip instead. If I was using it, I'd probably continue using it but make sure the version I was using predated any likely shenanigans. I don't consider myself a big target so I could accept a level of risk while all this shakes out.)
Posted by: Eugene

Re: TrueCrypt is not secure. - 06/01/14 12:41 PM

I haven't tried encryption in 7zip, what does it use and can its archives be opened on a mobile device (Android) like Truecrypt?
Posted by: ireckon

Re: TrueCrypt is not secure. - 06/01/14 08:13 PM

I'd also like to know about 7zip. Can you explain the differences and why Truecrypt was not the best for you? For all I know, Truecrypt may not be the best for me either.
Posted by: Brangdon

Re: TrueCrypt is not secure. - 06/02/14 12:02 PM

Originally Posted By: ireckon
I'd also like to know about 7zip. Can you explain the differences and why Truecrypt was not the best for you? For all I know, Truecrypt may not be the best for me either.

7zip is open source, but effectively Windows only. Other apps claim to read the same file format on other platforms, but I've not tried them.

Mostly I didn't feel there was anything wrong with TrueCrypt, I just didn't need its extra features. 7zip felt lighter weight. It doesn't need a device driver or need to mount a disk. It also does compression and makes files as big as they need to be, and TrueCrypt seems geared towards fixed-sized volumes which, without compression, tend to be very large. I tried using the Windows O/S compression within a TrueCrypt volume, but it wasn't enough. I could have used 7zip for compression and TrueCrypt for encryption, but that would be more complex.

One benefit of TrueCrypt is the plausible deniability. I don't need that. Another is that it encrypts a whole volume, including things like temp files, which is good for security but again not something I need because my files are in clear on the disk anyway. I am just encrypting backups so I can store them in DropBox.
Posted by: Am_Fear_Liath_Mor

Re: TrueCrypt is not secure. - 06/02/14 12:55 PM
Quote:
If the NSA wants your stuff, the NSA will get your stuff

Depends if you have a BBC micro computer with an LCD monitor (generate your plain text securely) and a hardware encryption/decryption controller with your own encryption/decryption encoder/decoder algorithm on a PIC chip microcontroller box with an RS432 interface (talks to the BBC micro) to a removable USB flash memory (encrypted files stored on a flash memory card such as an SD card).
You can then send your encrypted files via VPN tunnel or email attachment or upload to an FTP server, digital radio modem, direct PSTN modem, infra-red port on an Ericsson SH888 GSM cellular phone, etc.
You can even use a DOS program to embed the encrypted data into the noise floor of a lossless music file or picture file such as a BMP for hiding in plain sight.
That should keep the NSA on its toes.
Posted by: Teslinhiker

Re: TrueCrypt is not secure. - 06/18/14 03:35 AM

Looks like this new group named CipherShed has taken on maintaining and developing a fork of Truecrypt. They seem a bit more organized than the team at TCnext, who already appear to be suffering from some infighting.

Hopefully CipherShed takes the lead on this. I am not a computer geek by any means, but the world of cryptography is one area I enjoy reading and learning about, so I will be following this development closely.
Posted by: chaosmagnet

Re: TrueCrypt is not secure. - 06/18/14 04:21 AM

TrueCrypt helped a lot of people solve a serious security problem. I'm happy to see that there are community-based development efforts to not let it die. I will also be following this closely.
Posted by: Eugene

Re: TrueCrypt is not secure. - 06/18/14 11:24 AM

FWIW, I've found several other methods to use TrueCrypt containers, as its popularity sort of made it become an unofficial standard.

I'm not too concerned about the "may be insecure" message as that is standard text in the IT risk world. Words like may, shall, must are key in risk policy and standards and the reality is that any software may be insecure.
Posted by: yee

Re: TrueCrypt is not secure. - 06/18/14 01:46 PM

From a cryptanalysis point of view, there are two means to attack the enemy's cryptosystems.

1. break the system through a weakness

2. convince the enemy that you already have broken the system when you can't find a weakness in hopes that they switch to a weaker system you can break.

As far as I am aware, we have absolutely NO information which one of the two applies.