Hacker News
by ColanR 2057 days ago
The (real) reasons for it shutting down were never given.

However, at the time it was theorized that in the event the maintainers had found a fundamental flaw, disclosing that flaw by issuing a patch would immediately jeopardize all preexisting TrueCrypt containers by revealing a method for breaking them. That would be untenable, and so the only alternative would be to shut down the entire project and recommend no further use of the software - as was done.

A subsequent audit did not identify any such security flaw, so the prevailing theory is now that the maintainers were forced to stop work by a governmental agency. It's considered safe and now known as VeraCrypt.

However, the question I have is whether a single crowdsourced security audit would be capable of finding a flaw that it took the developers themselves years (decades?) to identify.