Just one year back, TrueCrypt was the most preferred hard drive encryption tool, upon which millions of users used to put their trust. It was certainly one of the best programs that could offer proper encryption security to the hard disk data. However, in May 2014 this tool got… abandoned by its original developers, and since then it is not receiving any security updates.
At the official website, the developers clearly published a note stating that the software might have some unfixed security issues, and thus users must avoid using it and switch to an alternative to TrueCrypt. While many users have stopped using the tool, many are probably still using it as they are not clear about the security loopholes of the software. Although the original developers of the program didn’t mention clearly the security loopholes, but they had some reasons for which they discontinued the software. It is important to bring the facts related to this open source encryption tool to your attention. On that note, this article explains the currents updates about the software, its cause of closure and what the users must do now.
Why the Software Got Closed?
The developers, who were building and maintaining this open source encryption tool, posted the warning message to reveal the possibility of unfixed security issues in the tool. Since then, the TrueCrypt.org redirects to the home page of sourceforge.net. The homepage covers the instruction to help Windows users in switching their encrypted volume from TrueCrypt to BitLocker. BitLocker is the inbuilt whole disk encryption tool of Windows OS.
Experts say that TrueCrypt’s developers decided to abandon this software program because Microsoft ended its support for XP. All Windows operating system, above XP version, come with inbuilt hard disk encryption software. Thus users of these Windows versions will not require any extra hard drive encryption tool. However, Windows XP doesn’t have any inbuilt encryption tool and thus users need third party tool for the encryption security of the hard drive. But since Microsoft has ended support for Windows XP and most likely users will stop using this OS, so probably the TrueCrypt’s developers thought that no one would be interested in using their software.
However, it is difficult to believe that this popular tool was pulled down for this reason only. The logic of not believing it gets strong because it is a multiplatform tool that is compatible with Mac OS X and Linux also. Moreover, even Windows users might have preferred using this tool for its effectiveness.
The Current Highlights
Matthew Green, one of the directors of the Open Crypto Audit Project (OCAP) on TrueCrypt said that he is disappointed with the abrupt method the developers choose to bring down the shutter for this program. According to Green, the developers could have abandoned the software in a way through which some other volunteer group could get the license to use the code for the program. But the developers’ way of abandoning the tool has set the whole thing on the fire. Now, according to Green, no one will trust the code thinking that there is some big evil vulnerability in the code.
However, the developers were enquired about the permission to use the TrueCypt’s existing source code to start an independent version. Then one of the team members replied that the code can be used as a reference for a complete code rewriting.
Since, the license situation related to this hard drive encryption software is complicated, so volunteer group can only use the code as a reference to rewrite a completely new code from the very start. Several projects have shown interest in creating TrueCrypt’s fork. Currently, VeraCrypt and CipherShed are two such projects that are based on TrueCrypt’s code.
Users should stop using this hard drive encryption software as the tool is no more getting security updates. Using such a tool is no more secure. Thus, they should start using alternative to TrueCrypt. They can use BitLocker, the inbuilt Windows whole disk encryption tool. Otherwise, they can also use TrueCrypt’s fork VeraCrypt and CipherShed. These two are also open source encryption tools for hard drives.