Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Even when faced with this clear evidence, people consider TrueCrypt as being safe.

I don't understand. If your definition of 'safe' requires that no vulnerabilities can ever be discovered in a product, you're going to have to give up and never use a computer again.

Having some high-end crypto experts and some of the best bug hunters audit your product and then fix the discovered vulnerabilities puts you at the higher end of the security spectrum.

> VeryCrypt is under active development, so the situation is much better since the issues can be fixed in the future releases.

Counter-point for consideration: any non-maintenance code changes may introduce new issues that weren't part of this audit.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: