Generally speaking, my own thoughts are if someone was Really knowledgeable, e.g. a crypto expert with a high degree of hacking/cracking expertise, they won't tell you what you need to know about encryption software, because their knowledge makes them money &/or because there would be consequences from their gov. Microsoft for example can't tell you much about what has been required of it by the gov. Hacker companies that do stuff like sell exploits to the highest bidder also have arrangements with & sell to governments -- one assumes that's how they are allowed to exist, same as some arms companies & some arms dealers.
So, when some people say Truecrypt or Axcrypt or whatever is best, who knows? Bear in mind that the truly advanced mal-ware & exploits & backdoors & such that are known, that have had info published about them, went undetected for years. Now were they the most advanced, state-of-the-art, or just a few screwups that were eventually detected? The NSA participates during the original design of software & hardware, with or without the knowledge of the company or group doing the work -- is it even possible to see or detect their stuff when you're running *nix or Windows or Mac OS?
It was published that US intelligence agencies were very, Very shocked recently with Russian troop movements re: Ukraine -- they had had no data on it. One gets the impression that that's never happened before. Technologically the Russian gov has always been thought, at least publicly, roughly comparable to the US -- look at the work NASA does with them hand in hand. Yet US intelligence found it shocking they had evaded our best intelligence gathering tech [maybe by going analog?]. It seems the gov really is capable of being everywhere & anywhere when it comes to modern, digital electronics.
SO when someone suggests that Data Protecto should be avoided based on their company's history or published track record, or lack thereof, doesn't mean much to me. Maybe they escaped the NSA's attention, maybe not, or maybe the stuff they used to create Data Protecto has NSA fingerprints buried in it? I have no idea myself. I do think that logically if the NSA was going to pay attention to any software companies &/or developers, something very popular & very widely used, like Truecrypt, would be at the top of their list -- what's more valuable, getting into hundreds of encrypted archives or millions? Some will say the folks behind Truecrypt & similar are anonymous -- I'm not that sure that's possible if you've got any digital presence. The feds got the guy behind Silk Road, & he had millions to spend to protect his identity.
Just FWIW...
IMHO The safest attitude is to assume whatever encryption you might use could be broken, so if it's important enough to you, split your data [files] up, put the different pieces in different places, & that way if one is found & decrypted, it's still no good. File splitters have been around since the floppy discs that made them necessary. Realize of course that if someone is watching what you do, they've got the keys to your kingdom so-to-speak. How far you go making sure your system, network etc. is uncompromised is up to you -- there are people using PCs that have never been on-line, so less likelihood of backdoors in the hardware or software, & if they did exist, there's no way for your data to get out to whomever [unless they're using spy gear to record the signals from your keyboard or monitor, have cameras hidden, that sort of thing].
That said, encryption helps when you have data stored that you feel someone might get access to. For data you upload to on-line storage, i.e. the cloud, & for stuff like e-mail, encryption can make sense. If you think someone might get their hands on a CD/DVD in your safe, then encryption might make sense, or OTOH, once they've broken in and cracked your safe, whatever's on that disc may not be all that important in light of everything else they might take, e.g. it doesn't matter that they can't get your credit card number when they've got the card itself.
Now lots of folks rightly point out that they're small fish, so why would anybody target them. That's one reason I think some people worry about keeping the amount of data on them to a minimum, staying a small target. The EU recently told Google that they have to provide a way for users to request that they be forgotten -- Google's asked for more time since they've been overwhelmed by requests. OTOH the app stores have shown both criminals & app developers that if you make a little off a lot of people you can still get rich quick. For that sort of thing to work you can't be discriminating, can't take more time or resources targeting, but have to take a more spam-like approach.
Staying a smaller target is why government efforts gathering intelligence bothers people over & above any privacy concerns. Governments are made of the same good & bad people you find everywhere else in the world, so it's only logical to think that whatever tools and data governments have, has already been sold to nongovernmental bad guys.
And as governments focus on the increasing number of threats, they've given lots of their tech & access to their records to local PDs [Police Dept.s], while these same local PDs are also buying tech developed for those same federal agencies. Having data on everyone makes local PD's job easier, though it arguably also increases the odds of mistakes & false accusations, puts lots of data in a centralized place where criminals can access it, & can make it easier to act on the occasional local grudge.
Just like speed traps are a notorious revenue stream for smaller towns across the US, more local PDs are also actively looking for crimes they can bust. There are published stories of local PDs, with & without the feds, confiscating personal & biz property based solely on alleged suspicions of illegal activity, either keeping the property for their own use, or the money after selling it. In one incident that was recently widely published in the press, they took a motel based on suspicions that illegal activity took place in one or more rooms. The people & biz effected have to go to court to try & get it back -- there is no trial beforehand. To be fair I want to add that some states have or are trying to legislate against that sort of thing, but as federal law over-rides state & local, it's gonna be up to the federal courts. You can't hide a motel, but you can try to stay a small target not in anyone's sights.
