Bonum Certa Men Certa

Truecrypt Cannot be Audited Because It's Proprietary Software

Truecrypt



Summary: Why nobody should trust Truecrypt (or any other piece of proprietary software for that matter), even if it claims to have been "audited"

THE other day we alluded to Truecrypt in this post, not quite mentioning the holes in the argument that Truecrypt can be "audited" [1-3]. Unless everyone can view the code and compile it independently (or rely on others to do so independently), we must assume that Truecrypt is not secure and that it might contain back doors (either unidentified or deliberately planted). This whole Internet 'debate' about Truecrypt "audit" should remind us that Free software is vital for dodging surveillance.

The NSA has used corporations to facilitate snooping and it may not be alone [4]. This is happening at many levels [5-7] based on new leaks and revelations, so rather than look for evidence of insecurity (e.g. back door) we should pursue real assurance of security. You know what the spies like to tell us: if you have nothing to fear, you have nothing to hide, right? So come on, Truecrypt, share your source code. What have you got to hide?



Related/contextual items from the news:



  1. Should Truecrypt be audited?
    Truecrypt is a cross-platform, free disk encryption software for Windows and Unix-like operating systems. It is generally considered a good disk encryption software, and not too long ago, I wrote a tutorial that showed how to encrypt the Windows installation of a Windows-Linux dual-boot setup (see Dual-boot Fedora 18 and Windows 7, with full disk encryption configured on both OSs).


  2. New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks


  3. Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out
    The source code for the Windows, Linux and Mac OS X utility is publicly available for people to inspect and verify, but this has not been enough to convince every cryptography guru that it's entirely secure.


  4. After Snowden’s leaks, China’s Huawei calls for more transparency in the tech industry
    With all of the recent revelations about the US National Security Agency’s surveillance programs, it must be hard for the Chinese telecom equipment manufacturer Huawei not to gloat a little bit.

    After all, the leaks from former contractor Edward Snowden showed that the NSA enlisted US technology companies to enable its snooping on global telecommunications networks—which is exactly what US intelligence officials have accused Huawei of doing on behalf of the Chinese government.


  5. Europe Moves to Shield Citizens’ Data
    Lawmakers here have introduced a measure in the European Parliament that could require American companies like Google and Yahoo to seek clearance from European officials before complying with United States warrants seeking private data.


  6. Dutch Telcos Used Customer Metadata, Retained To Fight Terrorism, For Everyday Marketing Purposes


    One of the ironies of European outrage over the global surveillance conducted by the NSA and GCHQ is that in the EU, communications metadata must be kept by law anyway, although not many people there realize it.


  7. NSA Harvesting Contact Lists
    A new Snowden document shows that the NSA is harvesting contact lists -- e-mail address books, IM buddy lists, etc. -- from Google, Yahoo, Microsoft, Facebook, and others.


Recent Techrights' Posts

Hate Mail From Anonymous Cowards
if this persists, we'll need to escalate
Informal Open Letter to the Lawyer of the Microsofters (on Who's Funding the SLAPPs Against Techrights)
Whenever I ask about the funding they try to change the subject and act all aggressive
Microsoft Lunduke is Just Provoking People for Provocation's Sake
Be forewarned and remember where this guy came from: Microsoft
 
Gemini Links 09/08/2025: Rethinking Aliases and Posting on Gopher vs. the Web
Links for the day
Links 09/08/2025: Apollo 13 Astronaut Jim Lovell Dies, Slop Future Bleak
Links for the day
After Shutting Down Studios, Divisions, Applications (e.g. Skype) Microsoft is Also Shutting Down 'Apps'
Cuts all around as layoffs persist this month, Microsoft tries to get many people to resign, and debt skyrockets
Most of Geminispace Can Probably Fit on a CD-ROM or a DVD (the Textual Part)
If one excludes very large capsules and ones that contain non-textual contenty
Eventually UEFI 'Secure Boot' Will be Dropped (Users Will Demand Its Removal and Boycott Its Pushers)
we expect OEMs will just listen to users
The Register MS: We Know Slop is a Bubble and Mindless Hype, But We Get Paid to Participate
Call out the culprits
There Are Probably Over a Million Pages in Geminispace
there are two many limitations which merit a mention when it comes to assessing magnitude
Besieged by Plagiarists Who Play With LLMs and Image Fusions
We really need to exercise or use our collective voice to oppose Serial Sloppers
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, August 08, 2025
IRC logs for Friday, August 08, 2025
Gemini Links 09/08/2025: Water Painting and Political Violence
Links for the day
Slopwatch: LLM Sloppers in Google News, LinuxSecurity, and More
they also perpetuate some falsehoods as the LLMs lack any comprehension
Links 08/08/2025: China King of Plastics and US Dictator Plans to Meet Russian Dictator
Links for the day
Gemini Links 08/08/2025: Cracking a Family Member's Password and Overdose of Slop
Links for the day
Red Hat's Latest Talent Hunt, Day Ahead of Mass Layoffs, is Yet Another Microsoft Executive
Red Hat will apparently commence mass layoffs early this coming Monday
Links 08/08/2025: "Quit Facebook" and High Cost of Microsoft/Windows Shown Again ("BlackSuit")
Links for the day
Good Morning, Readers of The Register MS
Things The Register MS could (but does not) cover this morning
Why Gemini Protocol Has a Bright Future
Maybe Gemini Protocol's promise becomes more appealing as the Web turns to slop and bloat
It's a Lot Easier to Participate in the Unethical System Than to Oppose Injustices in It
Going after powerful and high-budget interests is never easy
Microsofters Filed Two SLAPPs Against Us, Now They Cannot Keep Up With Judges' Orders
For over 4 months already their facilitator in London has been under investigation by British authorities because of what's being done to my wife and I
Censorship Regarding Red Hat Layoffs
Talk about this? They'd rather not.
Struggling to Cut Costs, Microsoft Continues Shutting Down and Cancelling Stuff This Month
There are August layoffs at Microsoft
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, August 07, 2025
IRC logs for Thursday, August 07, 2025
Fake 'Linux' Articles, Written by Bots to Take Traffic Away From Real Articles
LLM slop helps replace information with junk or misinformation
When Google's Googlebombing of "Gemini" Was Not Enough; They Now Also Googlebomb "Gemini Space"?
We know GAFAM not only worries about Gemini Protocol but also attempts to 'infiltrate' Geminispace
The Register MS Promotes Microsoft Slop, Assumes All Readers Use Microsoft Windows
Microsoft really dominates the site
Gemini Links 08/08/2025: KDE/Qt Development and What's Missing From "Retro"
Links for the day
Links 07/08/2025: US Punishes India Instead of Russia, Attacks Law Firms to Prevent Scrutiny
Links for the day
Read Us in Geminispace as Well
it's definitely a lot simpler than using a Web browser
Once a Site About BSD and GNU/Linux, and After Months of Silence, LinuxBSDos.com Comes Back Only as a Slopfarm
very frustrating
Links 07/08/2025: Hardware Wars, Mass Recall of Colgate Total Clean Mint, More Microsoft Holes Found
Links for the day
Gemini Links 07/08/2025: "Right To Manage" and LoRa Analysis
Links for the day
For the First Time in a Month OSI's "OpenSource.org" Blogs and It's Basically a Microsoft Blog Post (Microsoft Controls OSI)
For the first time in a month OSI writes something and it is Microsoft propaganda composed by a Microsoft-salaried operative
Microsoft, Already Borrowing 3 Billion Dollars a Month, is Trying to Cause Many People to Resign
MSN (i.e. Microsoft) and others openly admit it
GAFAM 'Says' is Front Page "News"
The point of journalism is to check and assess facts, not parrot what people and companies merely claim
Links 07/08/2025: Apple Makes False Promises, More Trouble for Microsoft
Links for the day
OSS Didn't Always Mean Open Source Software
"oligarchs all the way down"
The Register MS Does More Microsoft Sez or GitHub Sez (Says) Pieces
60 minutes ago
They Want Activists to Just Barely Walk and Eat, Not Do Activism Anymore
It's sort of like the ending of '1984'
Quit Perpetuating the Narrative of Gemini Protocol 'Dying' (It's False)
The "whisper campaign" against Gemini Protocol
Criticising Social Control Media in Social Control Media
Many people are quitting Social Control Media (fewer of them announce this in public)
Non-Free JavaScript Programs in Banks Aren't Even the Biggest Problem
Technology was supposed to make life easier; in practice, however, for most of us the opposite effect can be observed
Slopfarms Are Typically Fake News
Slopfarms typically relay falsehoods
Gemini Links 06/08/2025: Replacing a Pocket Watch and Buying in Bulk
Links for the day
IBM is Obliterating Fedora
"Fedora releases were shipping with an increasing number of bugs on launch day even while I was using it for a several year stretch."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 06, 2025
IRC logs for Wednesday, August 06, 2025