TrueCrypt may have found new life courtesy of developers trying to resurrect the project.
Last week, the original developers of TrueCrypt unexpectedly announced they were no longing working on the tool. In a message, they stated that the open source, on-the-fly encryption software was not secure and recommended users migrate any data protected by TrueCrypt to encrypted disks or virtual disk images supported on their platform.
In response to the situation, developers Thomas Bruderer and Joseph Doekbrijder are organizing a team to either pick up where the original developers left off or build on its code as the basis of a new product.
“This is not a fork (yet), we just coordinate,” according to information on TrueCrypt.ch.
According to the site, the first priority is making the product available again. Next is finding interested and capable people to volunteer to help as well as addressing any legal issues. The third goal is to resolve any security threats and start a support group for continued development.
“TrueCrypt is a respected piece of security software, used by many to encrypt their sensitive files and entire hard drives,” blogged security researcher Graham Cluley. “Earlier this year, independent auditors found “no evidence of backdoors or intentional flaws” when examining its code. Nonetheless, the anonymous coders behind TrueCrypt have shut the door and pulled down the shades. The TrueCrypt.ch team (is) clearly frustrated by the abrupt cessation of the software, and (says) that they will do things differently.”
The Open Crypto Audit Project (OCAP) said on Twitter that it is going forward with a security audit of TrueCrypt’s code and will release it publicly later this year.
The very first version of TrueCrypt was released back in February 2004. Since then, it has been downloaded approximately 30 million times.
Right now, TrueCrypt.ch is offering the latest version of TrueCrypt for download. There are other sources online that have some of the TrueCrypt releases available, such as ‘DrWhax/truecrypt-archive‘ and ‘syglug/truecrypt.‘
“It seems natural that others will step up to the plate to pick up future development,” said Steve Pate, chief architect for HyTrust. “We have seen this before when developers of other open source projects have moved on. There are over 190,000 lines of code in the TrueCrypt source, so getting up to speed for any new developers is going to be an uphill battle.”
