That is really, really scary. Everytime a privacy/security project shuts down spontaneously with the devs giving little to no info it makes the hair in my neck rise. Just like when TrueCrypt suddenly disappeared.
If it helps, my understanding is that the TrueCrypt situation was that the developer just wanted to be done with the project, and did not want anyone to take it over and see their project potentially destroyed by someone else.
Well, veracrypt (https://veracrypt.codeplex.com/) picked it up and enhanced it, totally open sourced also. Even though some forks might steer away from the original concept of the project, others embrace it and run with it.
These "forks" actually bother me quite a bit. They're essentially saying "screw whatever you wanted, I'm taking your code anyway." Its bothersome to say the least.
Don't you think that's the beauty of open source software? Use a piece or the whole code base and make it yours, bend it to your needs as you see fit. Being locked to an [ideology|mission|vision] is what's wrong, innovation is not achieved either in isolation nor in bondage.
That's the point: Truecrypt wasn't open source, at least not in the FOSS sense. I'm not a lawyer, but my understanding is that there is a ton of ambiguity over whether you can make modifications to the Truecrypt source code and still abide by the license. The source code was only open in that no one really trusts any crypto that can't be reviewed, so the source code was released to aid that.
It probably is the most likely explanation, however shutting down mid security audit (that found no significant problems/backdoors) and recommending alternatives that are closed source and where the companys might cooperate with Agencys can't say that it didn't look off. Also lavabit happened not long before that.
Steve Gibson, and at least a few other people in the crypto community (named Matthew Green) say the same thing. Its entirely possible it's a big coverup, but seems quite unlikely.
That is really, really scary. Everytime a privacy/security project shuts down spontaneously with the devs giving little to no info it makes the hair in my neck rise. Just like when TrueCrypt suddenly disappeared.
If it helps, my understanding is that the TrueCrypt situation was that the developer just wanted to be done with the project, and did not want anyone to take it over and see their project potentially destroyed by someone else.
Well, veracrypt (https://veracrypt.codeplex.com/) picked it up and enhanced it, totally open sourced also. Even though some forks might steer away from the original concept of the project, others embrace it and run with it.
These "forks" actually bother me quite a bit. They're essentially saying "screw whatever you wanted, I'm taking your code anyway." Its bothersome to say the least.
Don't you think that's the beauty of open source software? Use a piece or the whole code base and make it yours, bend it to your needs as you see fit. Being locked to an [ideology|mission|vision] is what's wrong, innovation is not achieved either in isolation nor in bondage.
That's the point: Truecrypt wasn't open source, at least not in the FOSS sense. I'm not a lawyer, but my understanding is that there is a ton of ambiguity over whether you can make modifications to the Truecrypt source code and still abide by the license. The source code was only open in that no one really trusts any crypto that can't be reviewed, so the source code was released to aid that.
It probably is the most likely explanation, however shutting down mid security audit (that found no significant problems/backdoors) and recommending alternatives that are closed source and where the companys might cooperate with Agencys can't say that it didn't look off. Also lavabit happened not long before that.
Steve Gibson, and at least a few other people in the crypto community (named Matthew Green) say the same thing. Its entirely possible it's a big coverup, but seems quite unlikely.