[Discuss] TrueCrypt EOL, what's next?

[gaf at blu.org (Jerry Feldman)]

OpenOffice was given to Apache 2 years ago.

On 05/29/2014 08:02 PM, Richard Pieri wrote:
> Tom Metro wrote:
>> But seriously, the warning on the site/code was good practice, however,
>> they should have announced the discontinuation in advance, and offered
>> to transition the project to a new team, if they no longer wanted to
>> continue development.
> No, I disagree, and not just for the sake of being disagreeable. I point
> at Oracle's assumption of ownership of MySQL and OpenOffice as most
> egregious examples of what can go wrong when a project is handed over to
> a new team or new owners. At the very least there is a distinct lack of
> trust towards Oracle over its stewardship of these two projects. Such a
> lack of trust is a kiss of death for a security-related project like
> TrueCrypt. No, this is a clear and absolute announcement that the
> developers are burying TrueCrypt and moving on. This is the best case.
>
> The worst case? There's a flaw in the on-disk structures, a fundamental
> weakness that can't be fixed with a software patch. Something like this
> can ONLY be remedied by decrypting the entire volume and re-encrypting
> it with something else.
>
>
> As for what to replace it with? I don't know. TrueCrypt is unique. It's
> the only free-ish, source-visible disk encryption tool that is portable
> across Macintosh, Windows and Linux. Disk Cryptor is GPL but is
> Windows-only. FreeOTFE is open source, Windows and sort-of Linux but is
> no longer maintained and no Macintosh.
>
> There are a number of cross-platform commercial tools. They're all
> expensive. Few support dual- and multi-boot systems. Most require Active
> Directory infrastructure.
>

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90