[fsflover]

> How does one know that any secure communications provider is secure? I use tools like Signal and protonmail, but this article has me thinking that those might as well be government ops.

We need independent crowdfunded external audits for that like the one performed for TrueCrypt.

[DSingularity]

TrueCrypt Rest In Peace.

[fsflover]

Actually AFAIK it still works fine except privilege escalations (which do not concern users caring about security and using Qubes OS).

[edm0nd]

VeraCrypt is what most moved to iirc.

I still actually wonder what actually happened to TrueCrypt. Did a dev get threatened with a NSA or FBI NSL? Did they get asked to implant a bug so they shut it down instead? So many questions.

[RcouF1uZ4gsC]

Conspiracy theory me says it was the NSA. From their home page warning.

> WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues.

The phrase “not secure as” is interesting as the first letter spell out NSA.

[jlgaddis]

Also, the first letters of "unfixed security" are "U.S." which could be another hint.

Plus, "Using TrueCrypt" -- "UTC". According to Wikipedia, UTC is "a successor to Greenwich Mean Time" -- Greenwich, London, England. GCHQ is in England! So, obviously, it was a partnership between NSA and GCHQ!

Surely we can come up with even more irrefutable evidence^W^Woutrageous theories if we devote a few minutes to it.