Continued research after the first TrueCrypt audit yielded inconclusive results has discovered fatal privilege escalation vulnerabilities allowing for complete takeover (archived). So far this is known to affect TrueCrypt on Windows boxes, but there is still potential for other flaws to be discovered in TrueCrypt on other platforms. Details of the vulnerabilities are not yet disclosed, but this supports the possibility that it may not be possible at all to develop software offering any level of security on the Windows platform.
 |
Qntra - Herald Of The Most Serene Republic |
Further: The VeraCrypt derivative forked from TrueCrypt though this particular issue was reportedly patched, likely continues to posses undiscovered security issues.
Flawed, yes.
Fatally? So, I mean, if a local privilege escalation is fatal, what is a remote code execution vuln? Genocidal?
Methinks ye egaggerates a byte.
gbang0wn3d
Also fatal. In the same way electrocution and a knife to the kidney are both fatal.
The Windows OS itself is fatally flawed. Trying to run secure software on it would be like moving Fort Knox to Zimbabwe.
The security of Fort Knox is worthless when the government of Zimbabwe orders you to let them in to steal everything.
Tell me more about fatally flawed operating systems.