UPDATE AS OF June 3rd, 2014:
It seems the TrueCrypt project will live on under a new management team.  See the new website at:



Second Update:  

There is a great post on grc.com by Steve Gibson.  It is definitively worth reading. 

See it at:  https://www.grc.com/misc/truecrypt/truecrypt.htm

See an extract of the page below:

TrueCrypt v7.1a installation packages: Downloads
•  TrueCrypt Setup 7.1a.exe   (32/64-bit Windows) 6,170
•  TrueCrypt 7.1a Mac OS X.dmg 2,232
•  truecrypt-7.1a-linux-x64.tar.gz 2,246
•  truecrypt-7.1a-linux-x86.tar.gz 1,786
•  truecrypt-7.1a-linux-console-x64.tar.gz 1,710
•  truecrypt-7.1a-linux-console-x86.tar.gz 1,460
The TrueCrypt User's Guide for v7.1a:
•  TrueCrypt User Guide.pdf 4,245
The TrueCrypt v7.1a source code as a gzipped TAR and a ZIP:
•  TrueCrypt 7.1a Source.tar.gz 1,993
•  TrueCrypt 7.1a Source.zip 2,313
Verifying the TrueCrypt v7.1a Files
(Because caution is never foolish.)
      Many sites attempt to assert the authenticity of the files they offer by posting their cryptographic hash values. But if bad guys were able to maliciously alter the downloaded files, they could probably also alter the displayed hashes. Until we have secure DNS (DNSSEC, which will create a secured Internet-wide reference for many things besides IP addresses) the best we can do is
host confirmation hashes somewhere else
      , under the theory that as unlikely as it is that this primary site was hacked, it's significantly less likely that two unrelated sites were both hacked.

So, for those who double-knot their shoelaces,
      Taylor Hornby (aka FireXware) of Defuse Security is kindly hosting a page of hash values of every file listed above. And, being the thorough cryptographic code auditor that he is, Taylor first verified the files GRC is offering here against several independent archives:

Additional online TrueCrypt sites and repositories:

  • An almost-complete archive of the truecrypt.org website. A terrific Canadian web developer, Andrew Y. (who also created the ScriptSafe Chrome browser extension to duplicate the script-disabling of Firefox's NoScript), captured most of the TrueCrypt.org website before it disappeared from the Internet.
  • TrueCrypt.ch: A just launched, Swiss-based, possible new home for TrueCrypt. Follow these folks on Twitter: @TrueCryptNext. Given the deliberate continuing licensing encumbrance of the registered TrueCrypt trademark, it seems more likely that the current TrueCrypt code will be forked and subsequently renamed. In other words . . . for legal reasons it appears that what TrueCrypt becomes will not be called “TrueCrypt.”
  • github.com/DrWhax/truecrypt-archive: This is a frequently cited and trusted archive maintained by Jurre van Bergen (@DrWhax) and Stefan Sundin. It contains a nearly complete, historical repository of previous TrueCrypt versions, tracking its evolution all the way back to when it was previously named “ScramDisk” (which is when we were first using and working with it).
  • github.com/syglug/truecrypt: Another TrueCrypt v7.1 archive, though apparently not the latest. But readily browsable if someone wishes to poke around within the source with their web browser.
  • IsTrueCryptAuditedYet.com: This is the home of the TrueCrypt auditing project. As the audit moves into its next phase, digging past the startup and boot loader and into the core crypto, updates will be posted and maintained here

==== Original Story below =========

The anonymous developers responsible for building and maintaining the free whole-disk encryption suite TrueCrypt apparently threw in the towel this week, shuttering the TrueCrypt site and warning users that the product is no longer secure now that Microsoft has ended support for Windows XP.


Sometime in the last 24 hours, truecrypt.org began forwarding visitors to the program’s home page on sourceforge.net, a Web-based source code repository. That page includes instructions for helping Windows users transition drives protected by TrueCrypt over to BitLocker, the proprietary disk encryption program that ships with every Windows version (Ultimate/Enterprise or Pro) since Vista. The page also includes this ominous warning:

“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”

“This page exists only to help migrate existing data encrypted by TrueCrypt.”

“The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.”