ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

TrueCrypt alternative

<< < (13/14) > >>

...And yes, an audit is necessary for a project like TrueCrypt, since the "many eyes" argument of open source has failed again and again.
-f0dder (April 04, 2015, 01:24 PM)
--- End quote ---

I think this is a different nuance of minor note along the way.

To me the "many eyes" of "regular" open source software is at the first level to hopefully catch nasty errors that just do "low to medium" level damage. Anything from irritants to data loss, to even at the mid level making sure there's no security hole.

But the software itself "is tame" - maybe server code, maybe some application, whatever. It "just does stuff that isn't quite exciting when it's behaving".

But software *designed to encrypt material against knowing target enemies using best-of-breed and even (govt/super-corps) "better than best of breed" attempts to break it - go beyond just needing "eyes" - you need "attestation services" which is what an audit is.

Ignoring for ex server code just for a moment, so long as an application doesn't destroy my data, I  "grudgingly don't care what it does after grumping about it" - varying levels of annoying from irritating to Enhanced Experiences, but in the end it's "just bad software". But if someone either cracks open TrueCrypt&cousins or someone put backdoors in it, "data traveling" can ruin ... lives!


FWIW, VeraCrypt has been able to mount/convert TrueCrypt partitions (non-system) and containers since v1.0f (30-12-2014).

And can mount, but not convert, a TC system partition since v1.0f-2 (05-04-2014).

The above is WRT to Windows OS.

Midnight Rambler:
Kryptel Standard Edition 7.1 is free via this link.  What's nice is there's a USB version.

Lolipop Jones:
Personally I am still using TC 7.1a.   

If the NSA or someone with similar skills and resources decides they want to see what's on my computer, I already have much bigger problems than a few torrented movies and stream recordings off of Spotify that may be sitting there.

My biggest concern would be anyone getting my logins and financial info.  This is protected within a KeePass file which has both a strong password and a keyfile (the latter hidden inside the windows\system folder) all of which is inside a TrueCrypt file which also has a strong password and a keyfile (the latter is stored on a USB stick I keep in my wallet, and a backup in my safe deposit box).

So far I haven't seen any signs of a TrueCrypt vulnerability that would enable J. Malicious Hacker to get to the valuable stuff, given the way I have it set up.

@Lolipop Jones: Reading this reminds me that I should consider using TC 7.1a as the "alternative" to TrueCrypt.
Sounds like your data backup is certainly secure  - exactly the way, for example, that Tresorit isn't.


[0] Message Index

[#] Next page

[*] Previous page

Go to full version