The SourceForge page contained a new version of the program that was certified with the official TrueCrypt private signing key. That suggested the page warning TrueCrypt isn't safe wasn't a hoax posted by hackers who managed to gain unauthorized access. Or it suggests that the cryptographic key that certifies the authenticity of the app has been compromised. In either case, it's a good idea for TrueCrypt users to pay attention and realize that it may soon be necessary to move to a new crypto app. Ars will continue to cover this unfolding development as more information becomes available.