Connect with us

Hi, what are you looking for?


Email Security

TrueCrypt Supporters Try to Keep Project Alive

TrueCrypt may have found new life courtesy of developers trying to resurrect the project.

TrueCrypt may have found new life courtesy of developers trying to resurrect the project.

Last week, the original developers of TrueCrypt unexpectedly announced they were no longing working on the tool. In a message, they stated that the open source, on-the-fly encryption software was not secure and recommended users migrate any data protected by TrueCrypt to encrypted disks or virtual disk images supported on their platform.

In response to the situation, developers Thomas Bruderer and Joseph Doekbrijder are organizing a team to either pick up where the original developers left off or build on its code as the basis of a new product.

“This is not a fork (yet), we just coordinate,” according to information on

According to the site, the first priority is making the product available again. Next is finding interested and capable people to volunteer to help as well as addressing any legal issues. The third goal is to resolve any security threats and start a support group for continued development.

“TrueCrypt is a respected piece of security software, used by many to encrypt their sensitive files and entire hard drives,” blogged security researcher Graham Cluley. “Earlier this year, independent auditors found “no evidence of backdoors or intentional flaws” when examining its code. Nonetheless, the anonymous coders behind TrueCrypt have shut the door and pulled down the shades. The team (is) clearly frustrated by the abrupt cessation of the software, and (says) that they will do things differently.”

The Open Crypto Audit Project (OCAP) said on Twitter that it is going forward with a security audit of TrueCrypt’s code and will release it publicly later this year.

Advertisement. Scroll to continue reading.

The very first version of TrueCrypt was released back in February 2004. Since then, it has been downloaded approximately 30 million times.

Right now, is offering the latest version of TrueCrypt for download. There are other sources online that have some of the TrueCrypt releases available, such as ‘DrWhax/truecrypt-archive‘ and ‘syglug/truecrypt.

“It seems natural that others will step up to the plate to pick up future development,” said Steve Pate, chief architect for HyTrust. “We have seen this before when developers of other open source projects have moved on. There are over 190,000 lines of code in the TrueCrypt source, so getting up to speed for any new developers is going to be an uphill battle.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...