So what's the opinion on truecyrpt here? All I know is a while ago the dev stopped support and told everyone to stop using it. Is there anything to actually be concerned about?
7.1a is still robust.
But really if you want really reliable encryption, don't use windows.
>>51754212
I wouldn't trust it.
dm-crypt/LUKS or geom_eli only.
It has a shady background but that's all you have to be concerned about.
I'd say it's a bad idea to jump into using dead software though.
>>51754212
Use Veracrypt already
>>51754622
>>51754294
Truecrypt Audits: 1
dm-crypt audits: 0
Veracrypt audits: 0
>>51754659
Retard the audit is old and its already been shown that TC is no longer trusted.
I use it to nig-proof sensitive information on my USB sticks incase I lose them. Wouldn't recommend it for anything more than that.
Isn't it released under an Open Source license though? Why hasn't anybody made a fork?
>>51755800
Veracrypt retard
>>51755800
The audit found no particularly significant cryptographic problems. The audit actually missed a subtle locally-exploitable privilege-escalation bug in the driver, however - c'est la vie!
I'm surprised I haven't seen anyone compile VeraCrypt (a TrueCrypt fork) with deterministic compilation. That would have been a good idea. I can't recommend it without that for now. I don't trust the people who've taken it over, not one bit, it's even shadier than when David Tesarik had it before. I'd say compile it yourself, but I know that compiling TrueCrypt is an exercise in frustration.
The TC licence is complicated, since it's itself a long-ago fork of Encryption For The Masses (e4m), and although you can see and distribute the source and object code, it is not actually an approved Open Source licence, no.
dm-crypt LUKS is better. Bitlocker is at least supported on its operating system (not on Home versions of Windows, only Pro, and you'll need to set group policy to allow it if you don't have a TPM), but uses a weaker CBC mode (they removed the Elephant diffuser, because... I don't know why - but they haven't replaced it with XTS mode) and can sometimes use hardware encryption on Self-Encrypting Drives when TCG Opal 2.0 is available (which is IMHO a bad idea because it's almost always implemented poorly). However, it's not absolute shit, does zeroise keys on suspend, supports UEFI, etc. Bitlocker doesn't upload the keys (or recovery keys) anywhere unless you allow it to: the System Encryption on the Home versions of Windows 10 does, however, to stop normies easily locking themselves out.
Remember, none of them are safe against threats which can write to your disk. Don't use them with any online services. You need authenticated encryption for that, which has extra overhead, and no in-place full-disk-encryption solution uses that (because it would mean different logical sector sizes to physical sectors, which tends to crash things in unexpected places).
>>51754212
By the way - always use a strong password. By which I mean one with actual entropy north of the 100-bit range. 8, 9, 10 words of Diceware passphrase - something like that.
If you use a weak passphrase, it's game over. That's true of basically every FDE product and is not a weakness in the product, but in the user. PBKDF2, regardless of the number of iterations, isn't a significant obstacle. (Argon2 would help a little more, these days. Someone should probably add that to LUKS...)
>>51755582
>TC has been shown to be unreliable
Yeah, against attackers with either login or physical access to the system, retard.
>protip: no encryption can protect against retarded users
>>51757076
Still being this retarded and trusting no longer supported software.