Anyone using truecrypt or any derivative work

will want to incorporate these patches on the Windows platform:

https://github.com/veracrypt/VeraCrypt/commit/9b24da3398581da1fa66c6b8f682bbcfa7ded4fd

https://github.com/veracrypt/VeraCrypt/commit/b7f9df6e4f09ba342fdbbadc63af5062cc57eaf2

So yeah, apparently you can get full admin rights through the driver. oops.

This entry was posted in crypto by neozeed. Bookmark the permalink.
avatar

About neozeed

What is there to tell? I've loved UNIX like things since I was first exposed to QNX in highschool (we had the Unisys ICONS!), and spent the better time of my teenage years trying to get my own UNIX... I should have bought Coherent in retrospect.. Anyways latched onto Linux in 1992, and then got some old BSD admin books and have been hooked on the VAX BSD & other big/ancient things since...!

3 thoughts on “Anyone using truecrypt or any derivative work

  1. I was thinking of upgrading to VeraCrypt. Do you know of any issues or “additions” to VeraCrypt that might compromise its sercurity? I’ve heard of another alternative, CipherShed, where it’s claimed that it is compromised (mainly those claims come from the coders of VeraCrypt). I’m no security expert so I don’t know what to believe!

    • Trust no one! Believe nothing!

      I think the only advice I could ever give on security that would ever hold water, is to never put all your trust in a single product. It’s a single attack vector.

      But now we live in a hyper virtualized world, how do you know your machine is real?

Leave a Reply

Your email address will not be published.

Notify me of followup comments via e-mail. You can also subscribe without commenting.