14 DAY TRIAL // The sudden termination of the TrueCrypt project created plenty of ripples on the web and apart from the technical implications that extend to various services, some users found an explanation for the author’s decision.
Some users searched for clues in the warning message heading the Sourceforge page of the product and emitted the theory that TrueCrypt was abandoned not because of faulty security but because its methods of encryption can be cracked by the NSA.
They believe the warning is in fact encrypted and, its rough decryption should be something along the lines of “Don't use TrueCrypt because it is under the control of the NSA.”
The curiosity of the users was stirred by the actual phrasing of the message, which reads “Using TrueCrypt is not secure as it may contain unfixed security issues.”
According to Badon, one of the users interpreting the hidden message, the “sentence uses strange English, like the word 'unfixed,' that is clearly contrived to fit a hidden message.”
He believes that the real message is actually in Latin and it is composed of the first letter of each word in the English text, resulting the phrase “uti nsa im cu si,” which, ran through Google’s translation service gives “If I wish to use the NSA.”
Some naysayers argue that “uti nsa im cu si” has no meaning in Latin because “im” and “cu” have no significance, only “uti” and “si” (“if”) do, and that only Google came up with that particular translation.
Even so, we checked Ultralingua for a translation of “uti” and the service revealed that it is the infinitive of “utor,” the English equivalent of “to use,” “to employ.”
Having such as strong verb, to use, in the same sentence with NSA does make one wonder.
If true, this appears to be a classic example of null encryption, which could be considered a very simple form of steganography, where the secret information is concealed within another, perfectly normal message (hiding in plain sight).
As such, the information is actually visible, non-encrypted, if you know where and what to look for. Using a null cipher would make sense, especially when encryption software is involved and the identity of author of the program is still a mystery.
Ceasing the development of the application was announced on May 28, when TrueCrypt’s home website (truecrypt.org) started to redirect all traffic to the Sourceforge page of the product, where instructions for migrating data encrypted with the program to other solutions are still present.
Provided the above examples, the theory that TrueCrypt’s demise is due to the fact that NSA is capable of decrypting the information it scrambles could actually hold water but, on the other hand, this could very well be just a conspiracy theory.