TrueCrypt <a href="http://www.truecrypt.org/" target="_blank">is pretty dead</a>. We need some options here, and as far as I can see, there are only <strike>two</strike> three: * <a href="https://ciphershed.org/" target="_blank">CipherShed</a>. Currently a vanilla fork of TrueCrypt. * <a href="https://veracrypt.codeplex.com/" target="_blank">VeraCrypt</a>. A fork of TrueCrypt with some fixes and improvements. * Keep using <a href="https://truecrypt.ch/" target="_blank">TrueCrypt</a>. Neither of the two alternatives has had an official source code audit or anything. They are both open source. I will give a quick summary of the facts on both forks, concluding that I have no clue and will probably <strike>flip a coin</strike> roll a D3. Whether these facts are pro or con is up to your discretion. <div style="width:56%;float:left"> <h3>CipherShed Facts</h3> <ul> <li> They are on <a href="https://github.com/CipherShed/CipherShed/" target="_blank">github</a>. <li> They seem <i>dedicated</i>. Meaning, the information on their homepage sounds like they thought this through. <li> Not much has happened yet, they only forked TrueCrypt. <li> There is only a <a href="https://ciphershed.org/pre-alpha-testing-started/" target="_blank">pre-alpha version available</a>, which I won't touch. <li> They do not have any licensing information at all. <li> Longterm Plans are a bit fuzzy, according to <a href="https://wiki.ciphershed.org/" target="_blank">their wiki</a> they want to <ul> <li> Secure the code through audits, simplification, and a secure architecture. <li> Migrate towards a OSI-approved licensed codebase <li> Work closely with existing efforts such as <a href="https://opencryptoaudit.org/">OpenCryptoAuditProject</a>, <a href="https://code.google.com/p/cryptsetup/">LUKS</a>, <a href="https://en.wikipedia.org/wiki/Geli_(software)">GELI</a>, and <a href="https://github.com/bwalex/tc-play">tc-play</a>. </ul></ul></div> <div style="width:40%;float:left"> <h3>VeraCrypt Facts</h3> <ul> <li> According to the author in <a href="https://forum.truecrypt.ch/t/why-not-veracrypt/133" target="_blank">this thread</a>, VeraCrypt was first published on June 22nd 2013, so it has already aged a bit. <li> In fixing some of the security flaws in TC, they break backwards-compatibility. There is a conversion tool available. <li> They are on <a href="https://www.codeplex.com/" target="_blank">CodePlex</a> and the software is under Microsoft Public License. <li> Binaries are available for download, cross-platform. <li> Most relevant <a href="https://veracrypt.codeplex.com/wikipage?title=Future%20Development" target="_blank">longterm plan</a> is the ability to encrypt Windows system partitions/drives on UEFI-based computers (GPT). </ul></div> <p style="clear:both">So. If you have additional information, let me know in comments or by eMail. I am rattled beyond my usual level of confusion as to what I should do. Currently, I will probably give the VeraCrypt binaries a test ride on some machine.</p>