Snowden’s Crypto Software May Be Tainted Forever

http://www.wired.com/2014/05/truecrypt/

Snowden’s Crypto Software May Be Tainted Forever
By Robert McMillan
05.29.14 | 8:19 pm

Edward Snowden saw the power of TrueCrypt. Before he became famous for leaking NSA documents to the press, he spent an afternoon in Hawaii teaching people how they could use the encryption software to securely and privately send information over the internet. And according to Reuters, the domestic partner of journalist Glen Greenwald used TrueCrypt to ferry some of Snowden’s leaked material between Brazil and Berlin.

But TrueCrypt may have lost this power–and may never get it back.

This week, a message appeared on the website that offers TrueCrypt, saying that the software “may contain some unfixed security issues” and should not be used. It was a big shock to the millions of people who now use the software to protect their online communications, but not just because it now seemed that the software was full of holes. The message arrived so suddenly–and without explanation–that many security experts are wondering if the message was posted by hackers who had compromised the website.

It’s all a bit of a mystery, because, like a small number of other open-source projects, TrueCrypt is built by anonymous developers. It’s hard to know if the good guys have screwed up or if the bad guys are in control.