TrueCrypt Last Download for Testing

Donate for the Cryptome archive of files from June 1996 to the present

31 May 2014. Related:

2014-0831.htm  TrueCrypt Forensics  May 31, 2014

30 May 2014. A sends:

An unofficial mirror archive of TrueCrypt, i.e., the sources, binaries & cryptographic signatures of all versions that used to be available on the TrueCrypt website:

https://github.com/DrWhax/truecrypt-archive

Scroll down to see his remarks concerning TrueCrypt 7.2, i.e., the recent developments.

29 May 2014:

Date: Fri, 30 May 2014 02:10:40 +0100 (BST)
From: Tim Herklotz <timherklotz[at]yahoo.co.uk>
Subject: Cryptome. TrueCrypt Last Download for Testing
To: "cryptome[at]earthlink.net" <cryptome[at]earthlink.net>

The version you have is exact match for the one I have dated 7 Feb 2012.

29 May 2014

TrueCrypt Last Download for Testing

Date: Thu, 29 May 2014 21:23:27 +0100
From: NullDev <nulldev[at]hush.com>
To: cypherpunks[at]cpunks.org
Subject: Truecrypt tinfoil hat testing

With exquisite timing, I bought a new external HDD yesterday (28.05.14) and set about encrypting it with TrueCrypt. I installed via the terminal as I'm on Linux, ie:

wget http://www.truecrypt.org/download/truecrypt-7.1a-linux-x64.tar.gz

I extracted it, and encrypted my drive. The TrueCrypt website was looking it's normal self at that point: I referred to it a few times during the encryption.

However, no sooner had it finished at about 4pm UK time yesterday, I received the first email from someone on the list about Truecrypt pulling the plug. Their site had been changed to the one we see today, recommending we switch to an alternative like, ahem, something as fabulously secure as Bitlocker.

Ironic timing, huh? So, I have what was possibly the last download of a version 7.1a tarball before everything went titsup, and if you read what The Register said about Truecrypt's V.7.2 being corrupted/infected/backdoored here:

http://www.theregister.co.uk/2014/05/28/truecrypt_hack/

Then theoretically I have something to wonder about. However, it would appear that the date, checksum and verification are ok on what I downloaded. It *seems* clean.

It would be interesting to see if it's in anyone's scope to compare the source code with other versions of 7.1a for Linux: it's beyond mine, apologies. If anyone wants me to send them the tarball I'll be happy to oblige.

Let me know if I can be of assistance.

[The tarball:]

http://cryptome.org/2014/05/truecrypt-7.1a-linux-x64.tar.gz (2.7MB)