Its a great product and was the absolute leader during its "reign". The few blemishes discovered have been corrected in cousin "VeraCrypt", which is also very nice. For offline nothing beats these two.
I felt that the vulnerabilities were no worse than any other escalation of any other program. Once you've opened a TC container, it's available for any program, including malware that's present through ANY route of attack. Anyone heard what the audit position/plan of VeraCrypt is?
It's a good idea to have Veracrypt audited. Meanwhile, I use Bitlocker for OS drive full disk encryption, and Veracrypt for file encryption.
If Verycrypt would support FDE of the OS drive under UEFI secure boot, then sure I'll use Veracrypt over Bitlocker any day. However...
I don't believe anyone with any money has ever started a project to examine VC at this time. Of course its casually discussed. Almost everyone hopes that ANY open source project gets a complete "examination". In the real world there just isn't enough money. The source code (Windows and Linux) is available and I can tell you the linux build is pretty easy and reliably built if you are so inclined. Regretfully I cannot expand/comment on the Windows version of VC because I no longer use Windows encryption for security. Because I literally don't want to take the time to compile VC Windows, I have stayed with my personally compiled TC for my FAMILY windows machines. These are basic privacy needs and not 3 letter agency stuff. For at rest data encryption its VeraCrypt, especially external usb drives 500+ GB ------ > 2 TB. Oliverjia -- I wouldn't hesitate to use Bitlocker for a business need or something OTHER than a 3 letter agency where UEFI is concerned.
VeraCrypt people come across as really sloppy poor programmers for some reason. I won't trust them. I am using TrueCrypt and waiting for Ciphershed clone.
I find the VC linux code to be solid. Its 95% tweaked TC linux code. It builds reliably and performs excellently without fail. Can you help me/them/us by citing where the code looks sloppy? Feel free to PM me if you don't want to put the code flaws here in public. I do not use Windows for any system disk encryption (where security is paramount) so I can no longer responsibly comment on the VC/TC windows code. I answer basic questions on occasion in the encryption forum but I purposefully limit the technical expertise displayed there. Especially when failure to use safety recovery tools (header backups, rescue disk, etc.) have been neglected - followed by screams for help.
