The widely used disk-encryption tool TrueCrypt made an announcement Wednesday that the system is insecure and therefore unsafe. This unforeseen statement shocked the crypto world, as TrueCrypt has been considered one of the most secure software.
At the top of the Truecrypt homepage, an note in all red letters: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues,” then warns that the page solely exists now to instruct how to migrate existing data over to Bitlocker, a Microsoft encryption program.
The encryption tool has been well trusted and used for more than ten years. Edward Snowden even taught how to use the program during a Hawaii “Cryptoparty” back in December 2012, during the same time the former NSA contractor reached out to journalist Glenn Greenwald.
It is currently unclear why exactly TrueCrypt abruptly ceased this open source, volunteer project that had been crowdfunded over the years. Wednesday’s event also puts a greater question on how reliable these volunteer projects are when it comes to encryption.
Last month, the Heartbleed bug in OpenSSL baffled major tech companies when a significant vulnerability was discovered in the system that was used to secure sensitive browsing data.