TrueCrypt is the most popular open source multi-platform encryption software with very wide acceptance and a host of features for many thinkable and unthinkable scenarios. The trouble is, though, it was never thoroughly audited and, hence, it is unknown whether the software incorporates any backdoors or cryptographic flaws.
Ever since Edward Snowden made us aware of the powers that the NSA exploited throughout the software landscape, the community has been questioning the trustworthiness of TrueCrypt, especially because it proved difficult even to compile the software from the supplied source code.
A new initiative called "IsTrueCryptAuditedYet?" started recently with the aim of auditing the software and proving it trustworthy or otherwise.
For starters, many respected sources reported that they were never able to produce a valid binary from the source code provided on the project's site. But on October 21st, a student of Concordia Institute for Information Systems Engineering, Xavier de Carné, published a thorough article on his experience of compiling TrueCrypt from the sources. Not only is this work of academic quality, but it also proves that the binaries provided on TrueCrypt's site are indeed authentic and contain no code beyond what is in the sources. Whether the algorithms themselves are trustworthy cannot be concluded from this study, since that question goes beyond the work's scope. This will be the task of the "IsTrueCryptAuditedYet?" project.