Please move this if I'm posting in the wrong place. This is a suggestion about the user interface. The activity on the forum seems to have calmed down since July 2014, but this is a "message in a bottle".
If you are doing a rewrite of TrueCrypt, may I say that the the disk mounting menu makes major disk operations a little too accessible
Formatting a disk or changing a mount letter is a seldom-done operation.
In any company or family we have one or two experienced users who set up the data structure and others who can only use it. This needs to be reflected in the user interface.
Could a less fragile menu be prepared in which only the password line appears and the other "one-time" operations are less accessiblen, maybe "greyed out" ?
Any screen form should allow a disk to be mounted by a beginner for whom the file container already exists and a drive letter already attributed. Keeping the drive letter fixed is useful for making reliable desktop shortcuts.
In a small company I worked for, there was the following setup: A full copy of TrueCrypt (7.1a) was stored on each of five external encrypted disks. This allowed TrueCrypt to remember the container filename and the drive letter for that volume. Very useful for avoiding confusion doing data backup from one external volume to another.
If this is of any interest, I have other suggestions too. This is a great project and deserves all the support it can get. Good luck to you all ! and thankyou to professionnels who give your free time for this
-I hope you will avoid any use of the Windows registry base which always looked vulnerable.
-I would like TrueCrypt to be firstly a "portable version", not installed. Any activity logs could be kept inside the encrypted containers. My amateur's opinion is that TrueCrypt programs should traval alongside the data they protect. I know this would cause an issue about user authorization to run the program. I don't have the necessary systems or programming knowledge for this... But could a standard skeleton version of TrueCrypt be installable. This skeleton version would then "chaparon" the TrueCrypt modules travelling with the data containers ?
-I hope you keep a real interoperability that is resolutely cross-platform (Winows+Mac+Linux).
I'm not a programmer, but would it be possible to install TrueCrypt and its modules with user-chosen program file names/ task names / installation names. This would make automated pirate attacks more difficult.
-The worst attack would be phishing the password via a bogus TrueCrypt menu. A personnalized menu "skin" would be a good protection because the user would be alerted by un unfamiliar presentation.
PS2 I'm right off subject here because this remark is about the forum setup, but is there any way to put all the paranoid "NSA" posting in a separate category not visible in the "recent posts" list.