EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.18.13

Truecrypt Cannot be Audited Because It’s Proprietary Software

Posted in Free/Libre Software, Security at 8:37 am by Dr. Roy Schestowitz

Truecrypt

Summary: Why nobody should trust Truecrypt (or any other piece of proprietary software for that matter), even if it claims to have been “audited”

THE other day we alluded to Truecrypt in this post, not quite mentioning the holes in the argument that Truecrypt can be “audited” [1-3]. Unless everyone can view the code and compile it independently (or rely on others to do so independently), we must assume that Truecrypt is not secure and that it might contain back doors (either unidentified or deliberately planted). This whole Internet ‘debate’ about Truecrypt “audit” should remind us that Free software is vital for dodging surveillance.

The NSA has used corporations to facilitate snooping and it may not be alone [4]. This is happening at many levels [5-7] based on new leaks and revelations, so rather than look for evidence of insecurity (e.g. back door) we should pursue real assurance of security. You know what the spies like to tell us: if you have nothing to fear, you have nothing to hide, right? So come on, Truecrypt, share your source code. What have you got to hide?

Related/contextual items from the news:

  1. Should Truecrypt be audited?

    Truecrypt is a cross-platform, free disk encryption software for Windows and Unix-like operating systems. It is generally considered a good disk encryption software, and not too long ago, I wrote a tutorial that showed how to encrypt the Windows installation of a Windows-Linux dual-boot setup (see Dual-boot Fedora 18 and Windows 7, with full disk encryption configured on both OSs).

  2. New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks
  3. Can you trust ‘NSA-proof’ TrueCrypt? Cough up some dough and find out

    The source code for the Windows, Linux and Mac OS X utility is publicly available for people to inspect and verify, but this has not been enough to convince every cryptography guru that it’s entirely secure.

  4. After Snowden’s leaks, China’s Huawei calls for more transparency in the tech industry

    With all of the recent revelations about the US National Security Agency’s surveillance programs, it must be hard for the Chinese telecom equipment manufacturer Huawei not to gloat a little bit.

    After all, the leaks from former contractor Edward Snowden showed that the NSA enlisted US technology companies to enable its snooping on global telecommunications networks—which is exactly what US intelligence officials have accused Huawei of doing on behalf of the Chinese government.

  5. Europe Moves to Shield Citizens’ Data

    Lawmakers here have introduced a measure in the European Parliament that could require American companies like Google and Yahoo to seek clearance from European officials before complying with United States warrants seeking private data.

  6. Dutch Telcos Used Customer Metadata, Retained To Fight Terrorism, For Everyday Marketing Purposes

    One of the ironies of European outrage over the global surveillance conducted by the NSA and GCHQ is that in the EU, communications metadata must be kept by law anyway, although not many people there realize it.

  7. NSA Harvesting Contact Lists

    A new Snowden document shows that the NSA is harvesting contact lists — e-mail address books, IM buddy lists, etc. — from Google, Yahoo, Microsoft, Facebook, and others.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 30/1/2015: CERN Adopts 64-bit GNU/Linux, Inkscape 0.91 Released

    Links for the day



  2. Apple- and Microsoft-Friendly Media Continues Attacking Android/Linux

    Some of the latest examples where corporate media (funded and run by large corporation) distorts facts, selectively covers facts, and generally serves to protect the Apple-Microsoft duopolist world view



  3. Qualys Admits That Its Scare Campaign (So-called 'GHOST') Somewhat Baseless

    Even the company that bombarded the media with its "GHOST" nonsense admits that this bug, which was fixed two years ago, does not pose much of a threat



  4. European Unitary Patent and Court System in Trouble

    New resistance to the Unitary Patent amid allegations of misconduct in the European patent authorities



  5. Text of Ruling/Decision Against Željko Topić (Regarding Audi as a Bribe)

    The legal loss of Željko Topić laid bear for the public to see even outside Croatia



  6. Media Coverage of Demonstration Against Jesper Kongstad of the Administrative Council (EPO)

    Last week's EPO demonstration has been covered by Danish media, raising awareness of the "banana republic" state of the EPO



  7. Links 29/1/2015: Android Shipments in 2014 Exceed 1,000,000,000, LibreOffice 4.4 is Out

    Links for the day



  8. Corporate Media, Led Astray by Patent Lawyers, Continues to Distort the Reality of Software Patents Post-Alice

    The press of the rich and the powerful continues its attempt to preserve software patents, despite the US Supreme Court's decision to abolish a lot of them on the basis of abstraction



  9. An Estimated 1,000 EPO Employees-Strong Legion Engulfs Danish Consulate to Protest Jesper Kongstad's (of Administrative Council) Protection of Benoît Battistelli

    A large protest waged by staff of the EPO targets one of the key facilitators of Battistelli's terrifying tyranny



  10. Links 28/1/2015: Ubuntu Touch Windowed Mode, NVIDIA Linux Legacy Drivers Updated

    Links for the day



  11. Breaking: EPO Vice-President Željko Topić Loses Defamation Case in Croatia

    The EPO's notorious Vice-President, whose appointment at the EPO is still raising some alarming questions, has just lost his case in Croatia (one of many cases), motivating us to accelerate coverage about the persona known as Željko Topić



  12. Qualys Starts Self-Promotional FUD Campaign, Naming a Bug That Was Already Fixed 2 Years Ago and Distros Have Covered With Patches

    Responding to the media blitz which paints GNU/Linux as insecure despite the fact that bugs were evidently found and fixed



  13. The Openwashing of Microsoft is Now Threatening to Eliminate the Identity of Free Software

    More openwashing of Microsoft, including in the corporate media, shows just to what great an extent and how quickly the old "Microsoft Open Source" Big Lie grows feet



  14. Links 27/1/2015: Plasma 5.2, Dell Precision With GNU/Linux

    Links for the day



  15. Microsoft's Media Attack on Free Software and GNU/Linux

    Brainwash war is still being waged by Microsoft and its friends to convince people that Windows is universally dominant and that Microsoft is now part of the Free software world



  16. Microsoft Accounting Practices After Fire Again, After Previous Abuses and Book-Cooking

    After the infamous IRS brawl comes another confrontation between Microsoft and the SEC, which is unhappy with Microsoft for seemingly cooking the books again



  17. Links 26/1/2015: Debian 8.0 “Jessie” RC1, Linux Kernel 3.19 RC6

    Links for the day



  18. Links 25/1/2015: Android Wear 5.0, Tizen in Bangladesh

    Links for the day



  19. IRC Proceedings: January 11th, 2015 – January 24th, 2015

    Many IRC logs



  20. Links 24/1/2015: Zenwalk Linux Reviewed, Netrunner 14.1 Released

    Links for the day



  21. The Latest 'Microsoft is Open Source' Propaganda a Parade of Lies

    Microsoft myth makers continue their assault on what is objectively true and try to tell the public that Microsoft is a friend of "Open Source"



  22. Apple -- Like Microsoft -- Not Interested in the Security of Its Operating Systems

    Apple neglected to patch known security flaws in Mac OS X for no less than three months and only did something about that vector of intrusion when the public found out about it



  23. As Battistelli Breaks the Rules and Topić Silences Staff, New European Parliament Petition for Tackling the EPO's Abuses is Needed

    The neglected (by EPO) Article 4a of the European Patent Convention (EPC) and the European Parliament petition/complaint against the EPO's crooked management



  24. Links 23/1/2015: Red Hat on IBM Power, Meizu Leaks With Ubuntu

    Links for the day



  25. Links 23/1/2015: Plasma 5.2, Manjaro 0.9-pre1

    Links for the day



  26. Microsoft is Dying Due to Free Software, Tries to Infect GNU/Linux With .NET and to Infect Moodle in Schools With Microsoft Office and OOXML Lock-in

    'Free' drugs (a proprietary software analogy) the new strategy of Microsoft in its latest battle against Free software, especially in schools where choice is a rarity (if not an impossibility), with the premeditated intention of forming dependency/addiction among young people



  27. Microsoft Symptoms of a Dying Company: More Boosters Depart, Back Doors Revealed, Microsoft's Outlook Cracked

    Bad news for Microsoft shortly before the marketing extravaganza served to cover much of it up



  28. The Collapse of European Patent Office Management Culminates With Resignations

    No blood is spilled, but even the management of the EPO is falling apart as the Director of Internal Communication is said to have just resigned



  29. New LCA Talk: Open Invention Network's Deb Nicholson on Software Patents and Patent Trolls

    Deb Nicholson's LCA talk is now publicly accessible



  30. Links 22/1/2015: GNU/Linux Sysadmin Opportunities, TraceFS Introduced

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts