The systems we have today are incredibly complex. That’s why we keep finding vulnerabilities all of the time everywhere. Those kinds of vulnerabilities slipped through, which, and again, not to really be too concerned about it, I mean this is really complex software.
It clearly focused more on TrueCrypt’s encryption as compared to its interaction with the system but (which is where the vulnerability was found so that the encryption was fine), but the fact is some things slipped through. There was an actual security audit performed on TrueCrypt. Then with or without this particular vulnerability in TrueCrypt, you know malware could be logging your keystrokes, could be reading your data, doing whatever.īut it has got us thinking a little bit, because as we know, about a year ago now, TrueCrypt was unceremoniously dropped by its developer with some very vague notes that had everybody kind of freaking out at the time. You don’t have to worry about your data being exposed somehow, unless of course, you have malware on your machine. The really good news, of course, is that vulnerability has nothing to do with TrueCrypt’s encryption. TrueCrypt’s encryption remains solid. So, naturally, I mean the good news is that it requires the cooperation or the presence of malware to take advantage of or to exploit that vulnerability in TrueCrypt. It is likely that it’s not a huge deal, but as I understand it, the way it works is that the security flaw in TrueCrypt would allow malware on your machine to gain elevated privileges. In other words, become administrator on your machine, and once malware becomes administrator, they can do all sorts of nasty things. As I understand it, it may only apply to TrueCrypt used in a specific way, meaning whole disk encryption. So, TrueCrypt, you probably heard announced a couple of weeks ago that there had been found a security flaw in TrueCrypt itself.
Boxcryptor bestellung software#
LastPass, we just heard a couple of days ago that they’ve been sold to LogMeIn, and then I ran into something that doesn’t portend well for the future of Boxcryptor Classic.Īll three of these are software that I’ve recommended, so I wanted to quickly take a few minutes and talk about what the issue is with each of them why you shouldn’t necessarily panic, of course, but then also what I’m looking into to move forward for each of them, in case we end up needing to make some changes. TrueCrypt, we heard about its security flaw a couple of weeks ago. In the last couple of weeks, we’ve had pieces of news, and I’ve had at least one experience with each of those three pieces of software I just mentioned. Boxcrypter, TrueCrypt, LastPass … Oh, my!
0 kommentar(er)
