[paavokoya]

The way in which TrueCrypt "became abandoned" does not inspire confidence as well. Considering they left a cryptic and very strange exit note that many perceived as a notice of law enforcement activity.

[goatsi]

The strongest evidence I have seen is that the developer was arrested by the DEA on unrelated charges.[0]

The full story about him is fascinating and well worth the read.[1]

[0] http://www.newyorker.com/news/news-desk/the-strange-origins-...

[1] https://mastermind.atavist.com/

[acqq]

It's not a developer of TrueCrypt but of E4M. At the time TrueCrypt was developed Le Roux was busy with doing crimes.

https://en.wikipedia.org/wiki/E4M

https://en.wikipedia.org/wiki/Paul_Le_Roux

Although TrueCrypt existed since 2004 he ordered his employees around 2007 to use E4M (which would be improbable if he really developed TrueCrypt). The developer (or developers) of TrueCrypt isn't publicly known.

[Nition]

If anything that cryptic abandonment actually gave me more confidence in TrueCrypt. Was it so hard to crack that the government shut it down?

[paavokoya]

I meant confidence in what came after it. Meaning the likelihood of a backdoored and/or weak software was likely.

[Nition]

Ah I get what you meant now, I agree. If some entity already had their eye on TrueCrypt and had shut it down, you wouldn't expect them to let a copycat pop up unless it was less secure.

[tptacek]

This is the "NSAKEY" of open source crypto conspiracy theories.

[quickben]

As far as I recall, there are 8 bytes set to zero in the TC header at a very curious location.

[tptacek]

That's always how these worst backdoors begin... with curious patterns of zeroes. How better to zero out a key than with actual zeroes. Nobody will ever suspect!