Elevation-of-privilege vulnerabilities found in popular encryption system
Google Project Zero hacker James Forshaw has found a pair of privilege-elevation holes in the once-popular TrueCrypt encryption package. The bugs have been patched in spinoff app Veracrypt, so if you want to stay secure, you may want to shift over to that package. The flaws are not the fabled backdoors feared lurking in the TrueCrypt code, but can be exploited to compromise the machine, install spyware, record password keystrokes, and so on. TrueCrypt development was axed last year after its mys...