What a misleading news article! "Using Truecrypt is not secure". It was the leading secure encryption technology for YEARS. How could the discontinuation of Windows XP in any way affect this? The clue is right there in the announcement. WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues". Note the keyword "MAY". It did not before the demise of XP. Then they recommend BitLocker, which Microsoft has already admitted to giving a backdoor to the NSA. Ask yourself, what has changed?
One thing missing in a lot of these news articles is the discussion about how this may be the response of the developers, after being ordered by the NSA to provide a backdoor. Microsoft has already done so for their encryption protocols. Bit Locker should in no way be considered 'safe' encryption. The NSA has a backdoor to bitlocker encryption, furnished to them by Microsoft.
Lavabit, the secure, encrypted email service also chose to close their operation rather than give big brother (the NSA) the keys to the kingdom. They also served them with a court-ordered gag order, to prevent them from discussing the fact that the NSA had brought the legal system to the fight. Their only options were to A. Quit, or B. Turn over software access to the encryption protocols, giving the NSA carte blanche to read 'secured' emails.
The ongoing, third party assessment of Truecrypt has found no evidence of critical security flaws. The existing versions of Truecrypt may be the only really secure encryption available. I have saved the last 5 iterations of the software, and plan on continuing to use it. No other encryption can be trusted after the 'Patriot Act'. This abomination of the courts has compromised the freedoms Americans have enjoyed more than anything else in our history.
The anonymous developers responsible for building and maintaining the free whole-disk encryption suite TrueCrypt apparently threw in the towel this week, shuttering the TrueCrypt site and warning users that the product is no longer secure now that Microsoft has ended support for Windows XP.
Sometime in the last 24 hours, truecrypt.org began forwarding visitors to the program's home page on sourceforge.net, a Web-based source code repository. That page includes instructions for helping Windows users transition drives protected by TrueCrypt over to BitLocker, the proprietary disk encryption program that ships with every Windows version (Ultimate/Enterprise or Pro) since Vista. The page also includes this ominous warning:
"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"
"This page exists only to help migrate existing data encrypted by TrueCrypt."
"The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform."
Doubters soon questioned whether the redirect was a hoax or the result of the TrueCrypt site being hacked. But a cursory review of the site's historic hosting, WHOIS and DNS records shows no substantive changes recently.
Continued : http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/
Related:
"TrueCrypt is not secure," official SourceForge page abruptly warns
Ominous Warning or Hoax? TrueCrypt Warns Software 'Not Secure,' Development Shut Down
Bombshell TrueCrypt advisory: Backdoor? Hack? Hoax? None of the above?
Of TrueCrypt and Warrant Canaries
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic