2 comments

[ 3.6 ms ] story [ 12.1 ms ] thread
Anyone have any opinions on the following questions? (where my opinion is in parentheses)

1) Did the TrueCrypt developer introduce the bugs? (extremely doubtful in my opionion)

2) Is this what the TrueCrypt developer meant when he said "Don't use it; it's not secure"? (also very doubtful IMO)

3) Do these bugs compromise the encryption directly? Obviously the bad guys can install a keylogger, etc., as in a zillion other privilege escalation bugs that afflict Windows. But does it allow bad guys to break the encryption in a powered-off TrueCrypt-encrypted laptop that the bad guys seize, find, or steal? (very doubtful I think)

It'll be interesting to know since when the bugs existed for further insight into questions 1 and 2.