TrueCrypt Code Audit Complete
-
@tonyshowoff said:
Source code is now available, could easily be forked, so any idea that some state suppressed it seems a tad alarmist. I'd be more surprised if the US didn't actually fund parts of the project in the first place, just like how the US Navy funded/lead to the creation of Tor, a favourite of drug pushers and child pornographers everywhere.
The source code has alway been available. But legally, TrueCrypt is NOT open source. It has always been released under a unique license. Yes, there are forks of it. That does not means they are actually legal. Especially as TrueCrypt itself was never cleared of the original legal scuffle that came about when it was released.
No matter who helped fund it, the shut down was prompted by pressure from a state, you will be hard pressed to dissuade me of that.
-
@JaredBusch said:
No matter who helped fund it, the shut down was prompted by pressure from a state, you will be hard pressed to dissuade me of that.
Well, that's true with acts of faith rather than acts of reason in most cases, unless you have any sort of proof, and that's not a challenge, that's a request, I'd really like to see it; especially as someone who is fairly anti-state, anything such as that only helps me prove points in other arguments.
Additionally it may not be legally open source but that doesn't really matter, unless there's someone that wishes to uphold the licensing it really becomes unimportant.
It does make one wonder though that if a state pressured them, why aren't others being pressured into non-existence? Unless they are in which case again I'd like to know.
-
@tonyshowoff said:
Well, that's true with acts of faith rather than acts of reason in most cases, unless you have any sort of proof, and that's not a challenge, that's a request, I'd really like to see it.
People making a successful product generally do not suddenly close up shop and gut the code as was done here. All but one of the developers went radio silent. The only one talking made pretty much no comments. Reasonable people question acts like this. Reasonable people want proof. When all is hidden, history has shown us that there is generally a power behind it. So I assume (yes it is an assumption) that historical fact is the likely driver here also.
@tonyshowoff said:
Additionally it may not be legally open source but that doesn't really matter, unless there's someone that wishes to uphold the licensing it really becomes unimportant.
TrueCrypt is not available by default in a number of Linux derivatives specifically because of the license. That is far from unimportant.
-
@JaredBusch said:
People making a successful product generally do not suddenly close up shop and gut the code as was done here.
Well, it does happen, but not often. I can't think of any examples off hand but there have been software companies that were in the black, doing well, and they shut down.
All but one of the developers went radio silent. The only one talking made pretty much no comments.
Actually I agree that is very suspect.
Reasonable people question acts like this. Reasonable people want proof. When all is hidden, history has shown us that there is generally a power behind it. So I assume (yes it is an assumption) that historical fact is the likely driver here also.
Well, they do, but you're mixing asking questions with wanting proof, I want proof of the conclusions you've already reached (you're beyond asking questions if you say "nobody can tell me otherwise"), and I think that's reasonable to want proof, but you don't seem to need it at all.
TrueCrypt is not available by default in a number of Linux derivatives specifically because of the license. That is far from unimportant.
Surely someone could take it upon themselves to do it.
-
@tonyshowoff said:
Surely someone could take it upon themselves to do it.
Not with the licensing model that they used. TrueCrypt was never really FOSS. It was in the example that the source code exists and can be seen by the public. But not in the way that it could be forked. This was a big deal a while ago if I remember and resulted in it not being included in a lot of Linux distros.
-
@tonyshowoff said:
Well, they do, but you're mixing asking questions with wanting proof, I want proof of the conclusions you've already reached (you're beyond asking questions if you say "nobody can tell me otherwise"), and I think that's reasonable to want proof, but you don't seem to need it at all.
I did not say "nobody can tell me otherwise". I said it would be hard to dissuade me. That and stating that I made an assumption, and I realize that is was an assumption. But my assumption is based on historical record (to my knowledge, and I certainly do not know everything).
So I can be dissuaded by facts. If any ever come to light, I will most certainly believe them over my assumptions.
-
@coliver said:
@tonyshowoff said:
Surely someone could take it upon themselves to do it.
Not with the licensing model that they used. TrueCrypt was never really FOSS. It was in the example that the source code exists and can be seen by the public. But not in the way that it could be forked. This was a big deal a while ago if I remember and resulted in it not being included in a lot of Linux distros.
And why not? If the TrueCrypt foundation is gone and the project abandoned, who would go out of their way to uphold the licensing? Licensing only exists because we all mutually agree it does and because someone is willing to enforce it.
-
@JaredBusch said:
I did not say "nobody can tell me otherwise". I said it would be hard to dissuade me. That and stating that I made an assumption, and I realize that is was an assumption. But my assumption is based on historical record (to my knowledge, and I certainly do not know everything).
You're absolutely right, you did say that, I apologise for misquoting you, I guess I misread it initially.
So I can be dissuaded by facts. If any ever come to light, I will most certainly believe them over my assumptions.
Let's hope they do
-
@tonyshowoff said:
@JaredBusch said:
Lends more credence to the assumption that the project was scrapped under force by some authority.
Read: the US Government.
Source code is now available, could easily be forked....
It was forked already, actually.
-
@tonyshowoff said:
....the US Navy funded/lead to the creation of Tor, a favourite of drug pushers and child pornographers everywhere.
This could be taken so many ways...
- Do drug pushers and pædophiles like to join the navy?
- Does the navy just get a lot of moral support from these groups?
- Does the navy support those groups?
- Do the two physically interact or do they just like each other?
-
@scottalanmiller said:
@tonyshowoff said:
....the US Navy funded/lead to the creation of Tor, a favourite of drug pushers and child pornographers everywhere.
This could be taken so many ways...
- Do drug pushers and pædophiles like to join the navy?
- Does the navy just get a lot of moral support from these groups?
- Does the navy support those groups?
- Do the two physically interact or do they just like each other?
lol, yeah, that part was a joke... or do I have secret information?