Just a few weeks ago, Google’s Project Zero security team announced how they had found two undisclosed TrueCrypt vulnerabilities in this whole-disk encryption tool. The news came as quite a shock, considering how this encryption tool is used by millions of people all over the world. But it turns out things are not as grim as assumed at first.A new report was presented by Fraunhofer Institute for Security Information Technology. While the report itself is 77 pages long – and very detailed to regarding these alleged vulnerabilities – it turns out TrueCrypt is safe under certain conditions. To be more precise, users are advised to use TrueCrypt as a tool for encrypting data at rest, rather than encrypting data stored in computer memory or on a mounted drive.
Furthermore, the two vulnerabilities discovered by Project Zero should be fixed, although there is no indication they are viable exploits. Accessing encrypted data stored on an unmounted drive is still questionable, even when using either of these two exploits. That being said, there are still a few questions regarding whether or not TrueCrypt users are aware of how this tool was intended to be used in the first place.
http://themerkle.com/news/truecrypt-is-relatively-safe-but-better-solutions-are-needed/