TrueCrypt Critical Flaws Exposed

The Windows encryption software TrueCrypt, which has already been abandoned by its developer due to security issues, has been officially deemed as unsafe by Google researcher James Forshaw, according to Engadget. Forshaw found two "privilege elevation" loopholes that could be exploited by hackers to give them full access to the user's data.

TrueCrypt has been a popular disk encryption program for several years, with many people considering it to the be the most reliable software for its purpose, according to Extreme Tech.

Despite its popularity, the project was shut down and abandoned by its developers 18 months ago, with the reason being stated simply as "unresolved security issues," according to ZDNet.

The bugs leave open the possibility of hackers hijacking computer processes that can lead to full administrator privileges, which opens up the possibility of malware, surveillance and other malicious processes.

Although many users are taking advantage of TrueCrypt because it's free, there are other more secure open source encryption software options available including VeraCrypt and CipherShed.

Forshaw's findings come after an audit that took place earlier this year by a team of iSec security researchers that found the program to be safe and error-free. However, Forshaw acknowledged that audits typically don't catch every single bug.

Tags
Security, Bugs, Exposed, Encryption, Windows, Google, Hacker, Hackers, Hijack, Malware, Audit
Real Time Analytics