EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.18.13

Truecrypt Cannot be Audited Because It’s Proprietary Software

Posted in Free/Libre Software, Security at 8:37 am by Dr. Roy Schestowitz

Truecrypt

Summary: Why nobody should trust Truecrypt (or any other piece of proprietary software for that matter), even if it claims to have been “audited”

THE other day we alluded to Truecrypt in this post, not quite mentioning the holes in the argument that Truecrypt can be “audited” [1-3]. Unless everyone can view the code and compile it independently (or rely on others to do so independently), we must assume that Truecrypt is not secure and that it might contain back doors (either unidentified or deliberately planted). This whole Internet ‘debate’ about Truecrypt “audit” should remind us that Free software is vital for dodging surveillance.

The NSA has used corporations to facilitate snooping and it may not be alone [4]. This is happening at many levels [5-7] based on new leaks and revelations, so rather than look for evidence of insecurity (e.g. back door) we should pursue real assurance of security. You know what the spies like to tell us: if you have nothing to fear, you have nothing to hide, right? So come on, Truecrypt, share your source code. What have you got to hide?

Related/contextual items from the news:

  1. Should Truecrypt be audited?

    Truecrypt is a cross-platform, free disk encryption software for Windows and Unix-like operating systems. It is generally considered a good disk encryption software, and not too long ago, I wrote a tutorial that showed how to encrypt the Windows installation of a Windows-Linux dual-boot setup (see Dual-boot Fedora 18 and Windows 7, with full disk encryption configured on both OSs).

  2. New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks
  3. Can you trust ‘NSA-proof’ TrueCrypt? Cough up some dough and find out

    The source code for the Windows, Linux and Mac OS X utility is publicly available for people to inspect and verify, but this has not been enough to convince every cryptography guru that it’s entirely secure.

  4. After Snowden’s leaks, China’s Huawei calls for more transparency in the tech industry

    With all of the recent revelations about the US National Security Agency’s surveillance programs, it must be hard for the Chinese telecom equipment manufacturer Huawei not to gloat a little bit.

    After all, the leaks from former contractor Edward Snowden showed that the NSA enlisted US technology companies to enable its snooping on global telecommunications networks—which is exactly what US intelligence officials have accused Huawei of doing on behalf of the Chinese government.

  5. Europe Moves to Shield Citizens’ Data

    Lawmakers here have introduced a measure in the European Parliament that could require American companies like Google and Yahoo to seek clearance from European officials before complying with United States warrants seeking private data.

  6. Dutch Telcos Used Customer Metadata, Retained To Fight Terrorism, For Everyday Marketing Purposes

    One of the ironies of European outrage over the global surveillance conducted by the NSA and GCHQ is that in the EU, communications metadata must be kept by law anyway, although not many people there realize it.

  7. NSA Harvesting Contact Lists

    A new Snowden document shows that the NSA is harvesting contact lists — e-mail address books, IM buddy lists, etc. — from Google, Yahoo, Microsoft, Facebook, and others.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The EPO's Dutch Scandal Leaves Battistelli and His Cronies on the Run

    EPO management is making concessions and issues statements which admit defeat, allowing the staff union to continue its activities



  2. Microsoft Won't Let People Wipe (Off) Windows But Happily Wipes Android, Wipes Android Apps Through Cyanogen and Blackmailed 'Partners'

    Microsoft's obscene double-standards leave Android and Linux between a rock and a hard place



  3. Links 26/3/2015: GNOME 3.16 Officially Released

    Links for the day



  4. Links 25/3/2015: India Moving to Free Software

    Links for the day



  5. Another Reason to Boycott UEFI: Back Doors or Crackers

    UEFI makes computers more prone to infections, according to some security experts



  6. The EPO's Administrative Council is Under Increased Pressure to Rein in and to Finally Stop Benoît Battistelli

    The EPO's Administrative Council (AC) is about to have a meeting, so the Member States' delegations are urged to call for action



  7. IRC Proceedings: February 22nd - March 21st, 2015

    Many IRC logs



  8. The Latest Microsoft Attacks on GNU/Linux and Free/Libre Software

    Microsoft is still hiding behind the façade of 'love' whilst actively attacking GNU/Linux and Free software from many directions



  9. Attempts to Disrupt Android by Pushing Microsoft Software Into It (Using Patent Blackmail and Cyanogen)

    Microsoft's Android coup d'état is succeeding owing to public apathy and poor comprehension of what Microsoft really is up to, partly due to media misdirection



  10. Links 24/3/2015: WebKitGTK+ 2.8.0, Black Lab Linux 6.5

    Links for the day



  11. Concerns Over Željko Topić's Alleged Powerful Links in Croatian Diplomacy

    Rikard Frgačić explains the powerful connections acquired though Ivan Šimonović, who is himself connected to EPO Vice-President Željko Topić



  12. Benoît Battistelli's EPO Comes Under Fire From Prominent Figures Who Are Key EPO Stakeholders, Expect Battistelli to Resign 'in the Longer Term'

    The ‘reign of terror’ which is primarily attributed to Battistelli and his cronies may be about to end; the Luxembourg parliament approves the Unified Patent Court



  13. Benoît Battistelli's EPO is Under Attack From French Politicians Yet Again

    More EPO interventions -- this time from France -- target Benoît Battistelli over his abuses and take it up to Eurocrats for political actions



  14. Bribes and Extortion Help Turn Android (Linux-powered) Into 'Microsoft Android'

    A strategy involving harassment and bribes drives large Android players into Microsoft's arms (PRISM and lock-in), much to Google's (and users') detriment and beyond regulators' range of visibility



  15. Microsoft-connected Black Duck Software Created by Microsoft Marketing Man as an Anti-GPL Operation, Admits the Management

    Black Duck "was founded [on] the idea ... to keep GPL-licensed code out of corporate codebases entirely," according to a new report



  16. Links 23/3/2015: Linux 4.0 RC5, Kubuntu Celebrates Ten Years

    Links for the day



  17. Microsoft Admits Lying (or Deceiving) About the Cost of Vista 10

    After much hype in the press about Windows being 'free' it turns out that Microsoft just lied yet again, leaving that lingering perception that Windows is as inexpensive as GNU/Linux



  18. Politics of Blackmail at the EPO

    Comments serve to highlight the role of bribes (or contrariwise blackmail), as allegedly exercised by the current management of the European Patent Office



  19. Benoît Battistelli's EPO Comes Under Attack From the British

    A British MEP criticises Battistelli and the management of the European Patent Office (EPO) while Baroness Lucy Neville-Rolfe, UK Minister for Intellectual Property, gets closer to Battistelli in a tactless effort to improve relations



  20. The Royal Norwegian Department of Labour on the Right of European Patent Office (EPO) Workers to Strike

    The role of bureaucrats from Norway in defending (or not) the rights of EPO workers -- rights that the EPO's management is actively trying to deny and punish for



  21. Michael Silver Back to Acting as Gartner's Microsoft Agent, Promoting Vista 10 Based on False Promises

    Vista 10 in the headlines as its marketing propaganda zones in on false perceptions around cost, aided in part by longtime foes of GNU/Linux such as Gartner, especially its Microsoft-embedded elements (Michael Silver and co-workers)



  22. Despite Media Propaganda About Security, Microsoft Windows Remains the Least Secure Operating System, by Design

    Amid highly misleading security-centric reports that rely on Microsoft's bogus number of vulnerabilities (Microsoft already admitted hiding many of them) Techrights presents recent news about Windows 'security'



  23. Canonical Goes to Bed With Company That Sues Linux Using Software Patents and Copyrights (Through SCO)

    Despite Microsoft's continued assault on GNU/Linux, Canonical is foolish enough to give Microsoft control over many Ubuntu instances



  24. Links 22/3/2015: GNOME 3.16 Shaping Up, LibrePlanet 2015

    Links for the day



  25. Microsoft Hates Linux - Part VI - Propaganda Wars Against Free Software Facilitated While Media Control is Secured and Abused

    How Microsoft systematically lies to the public, including decision-makers and officials who can be tricked into choosing proprietary software, thinking it is in fact "open"



  26. Microsoft Hates Linux - Part V - Dumping and Surveillance to Counter GNU/Linux Insurgence

    Microsoft makes false claims about future versions of Windows (with more surveillance) becoming 'free' in order to stop migrations to GNU/Linux



  27. Microsoft Hates Linux - Part IV - Deleting, Attacking Android/Linux From Within

    Microsoft 'loves' Linux so much that it is trying to get on top of Linux and then delete Linux



  28. Microsoft Hates Linux - Part III - Abducting the Competition (Android)

    How Microsoft tried to destroy Android using a coup d'état approach, just shortly before getting caught, then retreating and rewriting the public record



  29. Microsoft Hates Linux - Part II - Patent Lawsuits Against Android/Linux Still Going On, New Ones Filed

    Microsoft and Intellectual Ventures are suing Android companies using software patents while some Android vendors settle by becoming slaves of Microsoft



  30. Microsoft Hates Linux - Part I - The UEFI Attack on GNU/Linux

    Microsoft's highly abusive tactics against GNU/Linux live on in UEFI form, dispelling any myths that someone may still cling onto regarding a 'reformed' Microsoft


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts