[cryptography] TrueCrypt

Dave Howe davehowe.pentesting at gmail.com
Thu May 29 08:15:04 EDT 2014


On 29/05/2014 09:20, Lukasz Biegaj wrote:
> On 29.05.2014 09:34, David Johnston wrote:
>> Someone needs to fork the code (the version prior to the most recent
>> change), address the issues raised in the recent audit and host it
>> outside the jurisdiction of the US government, using fresh signing keys.
Build environment is a bit of a 'mare though - possibly a new group
could fix that, and fold in reproducable builds too?


> Nitpick: Truecrypt is proprietary (it's source is viewable, but you
> aren't licensed to distribute modifications of it).
Not seeing that from the licence, TBH - it has the usual "you can't call
it truecrypt" stuff, and if you distribute a modified copy you have to
include an ACK to the project (like the BSD licence used to) and if you
make a larger product with bits of tc in it, it carries a gpl-like
requirement that the resulting product be under an OSS licence; not
seeing any restriction on it other than that. Maybe you could enlighten me?


More information about the cryptography mailing list