![]() The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances. Matthew Green's blog post on the report provides the key details, which notes a few small issues that should be fixed, but nothing too serious: The TL DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. ![]() This week the full audit was completed and again finds no evidence of any backdoors planted in the code. A year ago, the team released the first phase, finding a few small vulnerabilities, but no backdoors and nothing too serious. Cryptographer Matthew Green decided to lead an effort to audit TrueCrypt. ![]() The popular and widely used full disk encryption system got some attention soon after the initial Snowden leaks when people started realizing that no one really knew who was behind TrueCrypt, and that the software had not been fully audited. Over the past few years we've followed the saga of TrueCrypt.
0 Comments
Leave a Reply. |