Last fall, we noted that the popular disk encryption software TrueCrypt was undergoing a security audit, inspired by the Snowden revelations. At issue: TrueCrypt is open source and widely used and promoted (hell, Snowden himself apparently taught people how to use it), but no one really knew who was behind it — raising all sorts of questions. A little over a month ago, we noted that the first phase of the audit didn‘t find any backdoors, but did note a few (mostly) minor vulnerabilities.

However, a little while ago, TrueCrypt‘s SourceForge page suddenly announced that “ WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues“ and furthermore: „The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP.“