Story of Truecrypt

If you remember last decade, you probably remember an enigmatic disk encryption utility Truecrypt. Some strange design choices, an eventual Linux port, a wealth of unheard of features and rather paranoid design features, as well as an unusual license that didn't play nice with Free software norms.

Its developers remained pseudonymous, something not so unusual back then, and didn't interact much except developing Truecrypt.

And then one day the music stopped. A warning noting that the program had flaws, to updated to the latest decrypt only, and migrate data was given that immediately threw off red flags. It was a very obvious sign to do something else with data.

Truecrypt was survived by its volume container format TCRYPT. The program was forked into a few other viable projects including the even more paranoid Veracrypt. Entirely Free software implementations such as tcplay sprung up for operating TCRYPT partitions.

Eventually, after many years, cryptsetup, the mainstream linux encrypted volume support added support for TCRYPT volumes. Truecrypt might be dead and buried, but its container format, with all its features live on.

So why was Truecrypt? As we later came to know, the creator of Truecrypt was unmasked as a mid-level drug trafficker. No better inspiration for writing decent security as if your data is actually at risk. Did the hidden volume actually work? We don't know. But we do know he flipped states witness.

We also know after he flipped, as soon as he was released from prison, he updated Truecrypt telling everyone to abandon the project. He might have given up drug dealers, but he didn't sell out the FOSS community.(also now, cannabis is legal)

Sign in to participate in the conversation
Wandering Shop

The Wandering Shop is a Mastodon instance initially geared for the science fiction and fantasy community but open to anyone. We want our 'local' timeline to have the feel of a coffee shop at a good convention: tables full of friendly conversation on a wide variety of topics. We welcome everyone who wants to participate, so long as you're willing to abide by our code of conduct.