For many computer users, TrueCrypt is the tool to encrypt files, partitions and disks. But suddenly the developers are pulling their hands off the open source tool. What happened? And what now?
By encrypting your files and drives with TrueCrypt, you keep your data safe from anyone who wants to see it, from malicious parties to companies and even security services. Crucial for company data and personal data. But a thorn in the side of security services such as the NSA and the judiciary, which can do nothing with the encrypted data without a password.
Ended out of nowhere
On the download page of TrueCrypt, a message suddenly appeared on May 29 that the program is unsafe for use, followed by a guide to encryption under Windows 8 using BitLocker. BitLocker is part of Windows and is built into Windows 8. Windows 7 and Vista users can only use BitLocker if they have the Enterprise or Ultimate edition of Windows.
The TrueCrypt website tries to get you to use BitLocker.
According to the site, TrueCrypt is no longer being developed and would only be functional as a tool to decrypt volumes and files that were previously encrypted with TrueCrypt. The most recent version of TrueCrypt (7.2) was released at the same time as the notification and is therefore only capable of decryption. TrueCrypt 7.1a is the last version that can be used as you are used to from the program.
First reactions
The message on the TrueCrypt download page was met with much skepticism. Has the site been hacked? Have the developers encountered any unsolvable vulnerabilities in the code? Or is there more going on behind the scenes that should not be made public? The latter is not entirely inconceivable, as secret services often use methods to gain access to data, whereby those involved are muzzled through courts.
An attempt is being made to revive TrueCrypt. The site TrueCrypt.ch is rigged. From this site, developers want to breathe new life into the program by continuing with the source code of TrueCrypt 7.1a. The existing source code must also be thoroughly searched to find out the vulnerabilities or backdoors. Of course, this requires the help of developers. But help is also requested for legal matters. In order to give American security services a heel, the site is hosted in Switzerland.
But it seems that it will be a while before we can use a secure version of TrueCrypt again. In fact, it is questionable whether that will ever be possible.