Re: Does anyone know..
Gazing back through the murky mists of time... I see... shapes... familiar shapes... shapes on a map... I see... Germany and... Eastern Europe.
Not sure how accurate my recollection of that is and the contributors always protected their anonymity. Which is a VERY GOOD thing.* But that's what I recall from the conception of the project.
I certainly got no US connection concerns until a few years after the project began, when up popped something called "TrueCrypt LLC" - a company registered in Nevada. "Zoikes! Why the US, when the US is so hostile to strong cryptography in general and TrueCrypt in particular" was my thought at the time... much as you're expressing now.
Thinking about it then, I concluded that TrueCrypt LLC wasn't that significant. It's probably a sort of front-of-convenience established by a sympathetic party for the convenience of the collective. For the developers to strictly maintain their anonymity (A VERY GOOD THING) various mundane tasks would become rather difficult and I concluded that this was just a presence to ease that situation. Managing the (US based) domain registrations, hosting, etc... collection and distribution of donations... all that sort of stuff which involves transfer of funds and proof of identity. Tricky if you wish to remain anonymous!
Thinking about it again now, more than half a decade later, I'm inclined to think that was all pretty close to the mark... and is the key to all the recent shenanigans.
As time passes, what appeared at first glance to be a simple sarcastic website defacement, is looking ever more wilful and premeditated. The files appear to have been prepared well in advance. The defacement is FAR more involved and considered than necessary - preparing all those screencaptures alone was not an insignificant endeavour. The content appears contrived to achieve maximum alienation... everyone sufficiently sophisticated to be using TrueCrypt will be aware of Bitlocker. Of the plethora of free, open, mature and trustworthy alternatives, why design and publish a giant poster proclaiming "use the NSA crippleware" to that audience? We know about the NSA option! That's why we're HERE! Almost as offensive as, after ACRES of verbose handholding for Windows users, that lone "fuck off" oneliner served to the Linux crowd... that must have hit a raw nerve square on! And so on. This was certainly no casual hoax.
If TrueCrypt LLC was what I think it was, then the entity behind it had injected themselves into a position of GREAT influence within the project. Control of the funds, control of the primary communication medium and as publisher perhaps sole control of the authentication keys. The perfect position from which to achieve exactly what we have just witnessed.
This hasn't been a simple website defacement. It's a carefully planned and executed coup d'état.
*There's been CONCERTED HEAVY PRESSURE from parties within the US against anonymous development of free and open security related projects. It's even bubbled up in these very threads. Always exactly the same doublethink. The Tails developers have been particularly relentlessly battered. This is COINTELPRO. In such matters, interesting security matters, anonymity is A VERY GOOD THING. Think about it. Think HARD.