If you toss out the GUI stuff and the boilerplate encryption algorithms, the amount of important code in TrueCrypt is fairly small. It has, naturally enough, been subjected to attempts to break it:
> If you toss out the GUI stuff and the boilerplate encryption algorithms, the amount of important code in TrueCrypt is fairly small.
First of all, even if you use "boilerplate" encryption algorithms, crypto is ridiculously easy to get wrong, especially in a very demanding setting of disk encryption. Second, TrueCrypt's ability to present its volumes as virtual drives/mountable images is no small feat (both in Linux and NT).
OK, can't speak for their forum banning as I'm not familiar with that situation and correct I cannot find any public repositories - but that's not too rare for some open source projects.
The reasons for being partially anonymous are pretty clear, I doubt various governments are a great fan of TrueCrypt especially with its plausible deniability.
While I agree that we should not blindly place trust in security tools and assume we are safe, this link [1] gives me some optimism about TC's security (if it is to be believed... that's the problem with paranoia).
I made a question on Quora [1] for this in case anyone wants to contribute. I've seen alot of conflicting discussion on Hacker News as to the authenticity of TrueCrypt. Hopefully we can continue the dialogue and organize the response over there, as it may go beyond the scope of the discussion here, where it arguably only has a tenuous connection to amazon cloud storage or other web storage services.
http://www.zdnet.co.uk/news/security-management/2008/07/17/s...
Writing a sentence like "Some folks claim it has a backdoor" is painfully dishonest, manipulative, and scummy.