The popular encryption software TrueCrypt public audit has concluded that there is no government backdoors or unfixable vulnerabilities that could kill the project flat.TrueCrypt called it quits last year unexpectedly, saying that it "may contain unfixed security issues" and that the software "is not secure." Its developers directed users to more readily available alternatives like Microsoft's BitLocker (which was later found to have been cracked by the CIA).
The audit, Green added, “found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.”
TrueCrypt is used for what’s known as full disk encryption, an additional layer of security on top of the common method of encrypting files separately.
The report, conducted by a team of security researchers, did note several security flaws in the software. But it said those weaknesses would only cause TrueCrypt to crack in limited circumstances.
The software had glowing recommendations from security experts, as well as whistleblower Edward Snowden. But the mystery surrounding the project's death remains much of a mystery.
The loss of Truecrypt's developers is keenly felt by a number of people who rely on full disk encryption to protect their data,” he said. “With luck, the code will be carried on by others.”
