Skip to main content

TrueCrypt audit finds "no evidence of backdoors" or malicious code

posted onApril 15, 2014
by l33tdawg

On Monday, after seven months of discussion and planning, the first-phase of a two-part audit of TrueCrypt was released.

The results? iSEC, the company contracted to review the bootloader and Windows kernel driver for any backdoor or related security issue, concluded (PDF) that TrueCrypt has: “no evidence of backdoors or otherwise intentionally malicious code in the assessed areas.”

While the team did find some minor vulnerabilities in the code itself, iSEC labeled them as appearing to be “unintentional, introduced a the result of bugs rather than malice.” Since September 2013, a handful of cryptographers have been discussing new problems and alternatives to the popular security application. By February 2014, the Open Crypto Audit Project—a new organization based in North Carolina that seeks formal 501(c)3 non-profit status—raised around $80,000 towards this goal on various online fundraising sites.

Source

Tags

Security Encryption

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th