Development on TrueCrypt was stopped and the project was pulled from SourceForge.  "Why" is still not readily known.

There are theories that claim it was “encouraged” to by a US Gov’t entity because they would not install a backdoor. BitLocker has been thought to be vulnerable or crackable by the CIA, FBI or NSA.

Depends what you read and where.

It does appear that TrueCrypt is still a viable product as the audit by the nccgroup ( was finally finished in April 2015.

This site sums it up pretty well:

“…Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.”

There appears that there is a possibility of an issue with the Windows version of the random number generator they used – They use multiple sources to collect the entropy they use for random number generation (mouse pointer movements, system pointers, etc). One of those sources is called the Windows Crypto API. The problem that exists is that if in the very unlikely circumstance that Windows Crypto API fails to initialize, TrueCrypt doesn’t realize it.

“The NCC auditors also noted some concerns about the resilience of Truecrypt's AES code to cache timing attacks.” Timing attacks attempt to use the time taken to encrypt/decrypt data to try to decode  it. The attacker has to be able to run the code on the system to try to crack it.

The vulnerabilities found by the audit either require that “The attacker must have privileged insider access to the system, may need to know extremely complex technical details or must discover other weaknesses in order to exploit this issue”or a scenario involving limited permissions granted to the user that set up the TrueCrypt volume. While there are no perfect cryptography solutions, this one is still a viable option.

TrueCrypt install files are still available here: