The news that the developers of TrueCrypt have abandoned the popular software has hit the security community like a ton of bricks, but there is apparently no lack of people who are eager to take on the responsibility.
The Open Crypt Audit Project has already announced that they are looking into the possibility of taking over the development of TrueCrypt or forking the code, depending on the licensing difficulties.
Another group of developers led by Thomas Bruderer and Joseph Doekbrijder has also shown interest in continuing to support TrueCrypt, and have already created a new website for the project at Truecrypt.ch.
As you can tell by the country-code TLD, the project is based in Switzerland, and the developers offered the following explanation: “If there have been legal problems with the US, the independent hosting in Switzerland will guarantee no interruption due to legal threats.”
Another difference between the two projects is that the developers will no longer be anonymous. Bruderer and Doekbrijder hope to get other supporters soon, and have called people interested in participating to contact them via Twitter or email.
The project’s first priority was to make TrueCrypt available again, and they did so by offering versions of TrueCrypt 7.1a for Windows, OS X and Linux for download on their website (with the caveat that the software is currently unmaintained, which might have security implications). They also linked to older versions and to the source code on GitHub.
Their second priority is to find interested and capable persons volunteering to help, identify and solve legal issues, and identify security threats. To the latter end, they will wait for the result of the second part of the Open Crypto Audit.
Finally, they will be forking the project and start solving security threats, and will found a support association (in Switzerland) for continued development.
“Currently the news is still in flux, and we will support any efforts in reviving TrueCrypt. If other Initiatives arise we will try to support them,” they noted. “At the moment we want to make sure everyone who wants can continue to use TrueCrypt.”