![]() The audit, which was contracted out by the Germany Federal Office for Security in Information Technology, largely mirrors the conclusions reached in April, where a separate group of auditors provided the same conclusions on TrueCrypt. Fraunhofer researchers in addition to their research, discovered several additional previously unknown TrueCrypt security flaws. One of the serious vulnerabilities reported allowed an application running as a normal user or within a low-integrity security sandbox to elevate privileges to SYSTEM and at times even the kernel. The extremely detailed 77-page analysis (PDF) comes five weeks after Google’s Project Zero security team disclosed two unknown TrueCrypt vulnerabilities, which led thousands into a panic thinking the tool was completely insecure. TrueCrypt, the whole-disk encryption tool used by millions of privacy and security enthusiasts is safer than originally reported, according to a new comprehensive analysis conducted by the Fraunhofer Institute for Secure Information Technology.
0 Comments
Leave a Reply. |