As some of you might have heard the 10 year old on-the-fly encryption (OTFE) software TrueCrypt was discontinued on May 28, 2014 by its anonymous developers. On May 28th of 2014 TrueCrypt’s website started forwarding visitors to sourceforge.net, which is a source code repository for free and open source software. Apparently the TrueCrypt developers discontinued this software project because of Microsoft ending support for Windows XP, and because the new OS’s already have built in encryption options. The TrueCrypt developers are recommending that you migrate your data that is encrypted by TrueCrypt to “virtual disk images supported on your platform”. I have included a link to view their page on SourceForge’s site along with their message to the public.
The Developer’s Message on SourceForge
WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues
This page exists only to help migrate existing data encrypted by TrueCrypt.
Check out the rest of their message here.
Why TrueCrypt Is Important
TrueCrypt is unlike any other OTFE software out there. It offers support for Microsoft Windows, OS X, Linux, DragonFly BSD and it can even be used on Android if you use third-party software. The cross platform diversity and support for several different cryptographic algorithms makes TrueCrypt the best OTFE software out there in my opinion.
What Happened To the Developers & Legal Issues with TrueCrypt
There are a lot of different theories about why the anonymous developers ended the software project. Some people say it was because some government(s) were forcing them to, while others say they just got tired of keeping up with all of the new OS’s and they did not want to continue support to newer OS’s. I don’t know what the truth is but from what we have learned about governments and their thirst for power and control I would not put it past any government to try to put an end to TrueCrypt especially after some of the legal issues that people have encountered when their drives were encrypted using TrueCrypt. I have included several examples below of people who have been in legal issues when they were using TrueCrypt.
The latest person who used TrueCrypt and has had legal problems was James DeSilva in February of 2014. James was arrested on charges of sexual exploitation of a minor. His computer’s main hard drive was encrypted using TrueCrypt and he refused to reveal the password to authorities. Forensics detectives from the Maricopa County Sheriff’s Office were unable to gain access to his hard drive.
Another example is David Miranda in August of 2013. David was a partner of journalist Glenn Greenwald; he was detained at London’s Heathrow Airport by Metropolitan Police. When he was detained he was carrying an external hard drive (encrypted by TrueCrypt) which might have had sensitive documents about the 2013 global surveillance disclosures leaked by Edward Snowden. The drive contained about 60 GB of data, of which only 20 GB were accessed. Later Greenwald said that the 20 GB that had been accessed was probably stored on the unencrypted partition of the drive and only related to his school work and personal use.
The Future of TrueCrypt
Does TrueCrypt have a future? I think that it does, but I think it is going to be difficult for someone or a group of people to continue to develop it mainly because of the way their software license is laid out. TrueCrypt was released under the “TrueCrypt License” which is unique to the TrueCrypt software and is not a free software license according to the Free Software Foundation (FSF) because it contains distribution and copyright-liability restrictions. As of today there are no known signs of any security issues within TrueCrypt 7.1a. There are several different sites that allow you to download the TrueCrypt software “as is”. The best site that I have come across is TCnext, which seems like a good site. I would encourage anyone with knowledge in C, C++, and/or cryptography to help to form a new future for TrueCrypt. We all need OTFE software that is supported by all of the latest OS’s, supports strong cryptographic algorithms, that is free (as in freedom), and open source.
Thank you all for taking the time to read this post and as always God bless!