it strikes me as VERY odd that we don't seem to have a *single* security/encryption product we can use for a home computer today that isn't subject to question/doubt about its effectiveness.
I mean, TrueCrypt appeared to be about the closest thing to it, and then we found out the developer(s) mysteriously dropped all official support for updating it -- and the latest revisions are all suspect as to who updated them and what security compromises might be in them.
Practically all of the other encryption/security products are believed to be back-doored by our government, if not other entities.
I have to think that reality is, if you build a truly secure solution, you'll receive a visit, eventually, from people in "high places" who will make it very clear that you best add a back door for them, or else.....
Truecrypt had a number of question marks though. Nobody could ever generate a binary that matched the binaries on Truecrypt's site, the Windows version wrote random data to the last 65024 bytes of the header whereas the Linux version wrote zeroes (nobody knows what that random data was for), the devs were anonymous, it was never truly open source, and the Truecrypt Foundation was listed as being located in Antarctica for a while.
By themselves, none of these things are a huge deal and could have reasonable explanations. The problem comes when they are all combined. It raised some eyebrows in the security community.