[dm-crypt] truecrypt - what's the real story behind it?

U.Mutlu for-gmane at mutluit.com
Sun Feb 8 12:53:34 CET 2015


Milan Broz wrote, On 02/08/2015 11:03 AM:
> On 02/08/2015 10:45 AM, U.Mutlu wrote:
>> Hi,
>> the cryptsetup tool supports besides plain and luks, also loopaes and truecrypt.
>> I now compiled truecrypt-7.1a, and it looks not bad.
>
> Please see the https://ciphershed.org project which tries to continue with development.
>
>> I wonder why some people say truecrypt is no more secure.
>> Which part or method of truecrypt is allegedly broken? Can't be fixed?
>
> There is no publicly known serious problem there. But there are license and other
> non-technical problems. You will get more info on devel list of project above.

Then I wonder if the NSA/CIA/DHS etc. was involved in the decision of the 
authors to abondon truecrypt developement, or was there maybe a mole among the 
devs?... conspiracy mode off  :-)

The License.txt of truecrypt-7.1a says:
"You may modify This Product (thus forming Your Product), derive new works
from This Product or portions thereof (thus forming Your Product),
include This Product or portions thereof in another product (thus forming
Your Product, unless defined otherwise in Chapter I), and You may use
(for non-commercial and/or commercial purposes), copy, and/or distribute
Your Product."

>> And: is full truecrypt functionality integrated in cryptsetup tool? I mean the
>> create-options below.
>
> There is full support for mapping existing containers (with some exceptions,
> see man page).
>
> There is intentionally no new container creation support in cryptsetup and
> I am not planning to add it.
> We will better invest time to improving LUKS.

The advantage of truecrypt, as I see it, is that it is a multiplatform 
solution; works even under the Windows cr*p (btw. what's the status of 
"Microsoft Linux"? :-), they really shouldn't have dropped their Xenix;
I had the pleasure to work on it for about 2 years at the end of the 
1980ies... As time goes by...

> You can use tcplay or older version of truecrypt for that (or ciphershed when
> released).

Thx, as said truecrypt-7.1a works fine here, but a maintained package
is of course better, so I think I'll check the ciphershed release.
And thx for the link to their project site; I didn't know of them.
There I found also this link with some info about truecrypt's future:
https://forum.truecrypt.ch/

>
> Milan

-- 
cu
Uenal




More information about the dm-crypt mailing list