Nobody seems sure what’s going on, not even the spectacularly well-informed Bruce Schneier. But TrueCrypt, the whole-disc encryption program many have relied on for a decade, has either been mysteriously compromised or somebody’s pulled off a hoax. Brian Krebs thinks it’s the real deal and that the secretive TrueCrypt team is sending us all a warning.
As some have pointed out, the cryptic “official” announcement that “TrueCrypt is not secure as it may contain unfixed security issues …” could be read as “Not Secure As …”
Let’s hope for a hoax. TrueCrypt being subverted would be a major heartbreaker. And always … be careful out there.
(Tip o’ hat to S.)