truecrypt practically admits it cannot be trusted

Discussion in 'privacy technology' started by tomcraven, Dec 9, 2012.

Thread Status:
Not open for further replies.
  1. tomcraven

    tomcraven Registered Member

    Dec 9, 2012
    I am not one to engage in conspiracy theories, but I found that Truecrypt is entirely inconsistent in its claims of great security.

    TrueCrypt's faq says, in part:

    that sounds wonderful, until you read the disclaimer:

    I can understand a standard disclaimer, they are typical for legal purposes. What I don't understand is a disclaimer that warns that any claims Truecrypt makes outside the disclaimer could possibly be false or misleading. You will never find that kind of language in any standard disclaimer.

    This is particularly bad since it is worse than a used car warranty. Although a used car is sold "as is", you will not find the disclaimer stating that the salesman could possibly have lied to you.

    What reason could a company have for disclaiming its own truth-claims, except that it doesn't believe its own truth-claims? The fact that it tried to impress the reader with a media story about the FBI being unable to crack it raised an eyebrow...most of us know that media reports are often slanted sufficiently that the truth claim is misleading, or the story is plainly false.

    If Truecrypt wished to impress the non-gullible public that it has a good product, it would not make such disclaimers or engage in efforts to remain essentially anonymous. Trying to support a claim with a ancedotal evidence from a media article only impresses the gullible. Those who are serious about finding out who Truecrypt's developers really are, should have no problems thinking of a legal way to force their public disclosure. If you sue somebody, they are forced to come into the light, even if the suit is totally frivolous, or else they risk being slapped with a default judgment. If you keep the lawsuit simple, they could never claim more than $400 in legal fees after they get it dismissed. No corporate lawyer would need more than a half hour to file a motion to dismiss a complaint that was only one page long.

    For that matter, Truecrypt's unbelievable disclaimer might even be found voidable under standard contract law. I cannot think of a single case where a company successfully defended itself against injuries created by its own product, by citing a provision of a disclaimer that said "it may just as well be that all of our truth-claims are lies, and this is YOUR risk!" (!?)

    The ball is in our court, we just aren't bouncing it.
  2. Cudni

    Cudni Global Moderator

    May 24, 2009
Thread Status:
Not open for further replies.