Truecrypt is dead!

i just would like to notify that truecrypt is dead and an following manjaro
update may need manual intervention.
https://archlinux.org/news/wxwidgets-32-update-may-need-manual-intervention/

[@ ~]$ pactree -r wxgtk-common	[note: reverse]

wxgtk-common        >>> renamed to 'wxwidgets-common'
└─wxgtk2			>>> no longer supported
  └─truecrypt		>>> DEAD 

truecrypt was moved to AUR and flagged as orphan.
https://aur.archlinux.org/packages?O=0&SeB=nd&K=truecrypt&outdated=&SB=p&SO=d&PP=50&submit=Go

Well if you search the net you will find this: TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE)

You should switch to VeraCrypt it supports TrueCrypt volumes as well as far as I know…

WHY should i switch?

Which of these points have the Truecrypt team worked on?
https://sourceforge.net/p/veracrypt/discussion/general/thread/1a04e8bf82/?limit=25#afbd

You are still using the inherited codebase which follows the same practices.

But it is your choice

Bill Clinton for President! I truly believe he can win the election against former Vice President George H. W. Bush!

Truecrypt is dead since 2014. You are 8 years to late.

The response to the audit reveals that it’s not as “scary” as the report makes it sound (from a “headlines” perspective.)

VeraCrypt has active development. TrueCrypt does not.

Some of report is subjective (an opinion about how “clean” the code is, which will improve with time anyways.)

Any concerns with VeraCrypt are even worse for TrueCrypt (which is abandoned).

RIPEMD is only used for legacy (MBR) systems. SHA256 is used by default, otherwise. Thus, VeraCrypt leaves it as an option for legacy systems (if the user so desires to select it.)

PBKDF2 is still used by LUKS1 (which is the default key derivation function used in a “full disk encryption” Manjaro installation.) Thus, the fact that VeraCrypt uses PBKDF2 is nothing to fret over. They might use Argon2 in the future (same as LUKS2 does now.) It’s really a non-issue for home users.

We’re not working with mission critical nuclear codes here. We’re just encrypting our files on our Linux laptops and PCs. VeraCrypt and LUKS (and even granular solutions like “Vaults”) are more than enough to keep your data private and deter most attackers. You’re not the target of a ragtag elite group of international hackers.

But what about those annoying script-kiddies at NSA, GCHQ, etc?

This is @winnie. My computer has not been compromised by national security federal agents.

I wish to inform @merlock that such concerns over the NSA and GCHQ are not ground in reality.

There is nothing to be afraid of. Everyone is safe. Ignore what @merlock wrote above.

Once again, I am @winnie writing this message.

If you are worried about privacy and security, please message me with your credentials and passwords (e.g, email accounts, social media accounts, bank accounts, etc) and I will provide a free professional consultation on best security practices, and inform you if your passwords are strong enough.

Have a good day, citizens.

Best regards,
-winnie

Only a imposter would think they need to convince us of that.

“The @winnie doth protest too much, methinks”

– William Shakespeare, Hamlet: Act III, Scene II

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP.

– http://truecrypt.sourceforge.net

There is other possibilities to encrypt sensitive information on the fly.

• Data-at-rest encryption - ArchWiki

You can also find the Encryption Wizard (USAF) - a cross platform java application - designed to secure data.

Honestly VeraCrypt is trash. Used it on 2 different occasions and some months later the decryption did not work. Appearently there is an issue which can corrupts the encrypted content and becomes unrecoverable. Complete trash in my opinion.

There are other good alternatives of encryption tool GUI:

• sirikali supports gocryptfs , encryfs and many different encryption algorithms for encrypted folders.

• Cryptomator

• vault-ui-bin

• plasma-vault is native vault for KDE.

• vaults-git is for GNOME.

• And more…

In what context?

What you described can happen to anything due to media/drive corruption, hardware failure, bad memory, bitrot, etc.

VeraCrypt is not redundant, so anything that can corrupt a filesystem, file, or encrypted container, also applies to VeraCrypt.

It’s like me disparaging Ext4 because I used it for some time, and shortly after I lost all my files due to some obscure corruption. “Ext4 sucks!”

That doesn’t really help someone make a decision about which filesystem to use.

Well this was 2 years ago so can’t recall specifically the issue but I remember that it was something that it was quite common, regardless I mentioned that it was my opinion so obviously take it with a grain of salt.

Thank you for the suggestions but after my last incidents with VeraCrypt I’m pretty much avoiding encryption. My machine has Luks encryption, but anything else, be it usb or external drive, it’s a big no no for me. Don’t want to risk losing personal photos and such (also because I’ve moved to cloud based services).

Do you control your own cloud service? Or you use other cloud providers (e.g. Dropbox …)?

I use ProtonDrive, I don’t have enough time nor knowledge to have my own setup.