[nickpsecurity]

It was ridiculous that the author even brought it up. The privacy-aware and technologist audiences will be smart enough to see that he in no way connected Le Roux to Truecrypt in the whole series. The others will mentally connect "mass murdering, drug lord" to "Truecrypt" due to repetition. This image will be the one they hear the likes of Comey say in public media where encryption is the tool of thugs and must be backdoored/squashed. The author is doing a disservice to both Truecrypt and encryption in general by constantly trying to tie it in.

It should've been mentioned in the beginning with his E4M work and then later in the follow-up question. That's it unless the author has more evidence with a solid or highly-probable tie-in to Truecrypt.

[gothenburg]

What do you mean? It was explained on part 2 that the code for TrueCrypt was built on top of E4M.

"I asked him what he meant, and Hafner told me that in the middle of the development work for DriveCrypt, he discovered that Le Roux was still working on E4M and had incorporated some of his work for SecurStar into his personal project. (...) In 2004, a group of anonymous developers did exactly what Hafner had feared: They released a new and powerful, free file-encryption program, called TrueCrypt, built on the code for E4M. “TrueCrypt is based on (and might be considered a sequel to)” E4M, a release announcement stated."

In: https://mastermind.atavist.com/he-always-had-a-dark-side

[nickpsecurity]

It was. It also has almost nothing to do with anything in the whole series. It should've been one fact in isolation about one part of Le Roux's history. Instead, the author keeps dropping lines about Truecrypt as if to tie Le Roux's name to it and imply he's been behind its funding or shutdown. Without evidence. Repeatedly.

He's better off just leaving it off except the E4M-Truecrypt beginning and the question in court. It wasn't relevant to anything else unless I'm overlooking something. THe rest of the article is about pharmacies, call centers, hitmen, and so on. Nothing to do with TrueCrypt.

[gothenburg]

I don't agree with your view. The author briefly mentioned the relation E4M-Truecrypt only 2 times as it found some kind of evidence or relation between those two projects. And it is valid as the involvement of Le Roux in the Somalia wars, for example.

I don't feel the author is milking any of it to make the article more interesting.

[nickpsecurity]

I get why you're saying it and all. It's just that this article really plays on the E4M-Truecrypt connection and jumps between Le Roux and its story. See here:

https://mastermind.atavist.com/he-always-had-a-dark-side

The Hacker News comments and title showed many were already thinking a grand reveal was forthcoming of how Le Roux was financing Truecrypt all this time. It keeps getting mentioned even though it has nothing to do with Le Roux's life or story post E4M. Here's an alternative that's more accurate for the significance of Truecrypt to the story:

The original paragraphs on E4M and Truecrypt spinoff stay. After sentence "...message boards for good," the author stops talking about Truecrypt entirely. He should mention PhoneCrypt offer in isolation as it was significant. Later on, might mention for the trial question the context that some people suspected Le Roux might have funded or worked on Truecrypt all this time. Then show he was asked, said yes for E4M, and no for Truecrypt. Then move on.

I mean, there's not much reason to talk so much about Truecrypt, Snowden's view of it, and so on if there's nothing tying Le Roux to Truecrypt. That someone built on his work and it turned into a solid tool would be enough to say. The only good thing I could think of is that the author is trying to encourage people to use Truecrypt and such strong, OSS encrypt by embedding it into his piece. That would be annoying but justifiable in a greater good sense. Still not relevant to Paul Le Roux, though, past fork of E4M without evidence he was behind Truecrypt.

[Trundle]

I'm not sure there's a need for the author to be trying to encourage the audience to do anything. A central theme of the story is building Le Roux up to seem as big/talented/accomplished as possible. Things like the fact that he has logging and mining concerns are brought up repeatedly despite them not being directly related to him getting busted for meth, but they serve to keep you thinking "this guy is achieving a lot". You can pick it even from the title of the series.

Truecrypt is very well known amongst tech literate people and Snowden at least is well known amongst the rest. By repeatedly driving home the fact that Le Roux was responsible for the foundation of this software, it makes him seem more impressive in the readers mind.

[nickpsecurity]

I could see that. Yet, Truecrypt and its successes were some other group's work. He just made essentially the prototype that had enough functionality to give them a head start. In its original form, it wouldn't have achieved all the stuff described for Truecrypt in the article.

So, saying he made E4M that others' turned into Truecrypt... then dropping Truecrypt... is more honest if we're talking his accomplishments. Not Truecrypt developers' accomplishments.