![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
- Joined
- Aug 20, 2006
- Messages
- 13,000
The Fraunhofer Institute for Secure Information Technology has released a large report suggesting that while the encryption tool does have vulnerabilities, it remains dependable so long as the data is kept offline.
I would say that the TrueCrypt code base is probably alright for the most parts. The flaws we found were minor, and similar flaws can occur also in any other implementation of cryptographic functions. In that sense TrueCrypt seems not better or worse than its alternatives. Code quality could be improved, though, as there are some places that call for a refactoring and certainly for better documentation. But generally the software does what it was designed for.
I would say that the TrueCrypt code base is probably alright for the most parts. The flaws we found were minor, and similar flaws can occur also in any other implementation of cryptographic functions. In that sense TrueCrypt seems not better or worse than its alternatives. Code quality could be improved, though, as there are some places that call for a refactoring and certainly for better documentation. But generally the software does what it was designed for.