The developers of free encryption software called TrueCrypt have recently updated its website to warn users that the program is no longer being maintained and could contain security exploits.
TrueCrypt is a program that allows you to encrypt parts of your drive for saving files securely.
TrueCrypt’s website currently features the message: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”.
Exact details and further reasons for this information being displayed are unknown. The team behind TrueCrypt are a group of developers who remain anonymous and no further information has been provided.
Available information suggests this message is legitimate, and should be taken seriously.
Currently there are no reported vulnerabilities in TrueCrypt, but it is unlikely it will be updated to address future security vulnerabilities if they arise. Users of TrueCrypt are therefore advised to seek alternatives for encrypting their data.
TrueCrypt’s website states that their reason for shutting down is that new operating systems have similar tools built in, so they should be used instead.
The message and shutdown of TrueCrypt does not confirm if there actually is a current problem with TrueCrypt.
More information may emerge about this, but the safest option is to migrate to an alternative encryption solution.
The TrueCrypt website suggests several alternatives, most of which are already available by default in your operating system. They have included instructions for Microsoft Windows, Apple Mac and Linux based operating systems.
There are other alternatives to TrueCrypt listed on various websites, however if you are really concerned about your privacy and security, you should seek expert advice to help you choose a solution suitable to your needs.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.