“This gives Axcrypt access to your encrypted files.”
In a word: rubbish. AxCrypt is not a cloud solution, i.e. only a user has access to his files. You use your existing cloud storage or physical storage solution to keep your files on. AxCrypt couldn’t access your files even if they wanted to.
“They now have the power to give your passwords to government agencies with access to our Dropbox/OneDrive accounts, or just sell it to the highest bidder.”
If you’re concerned about government agencies then no amount of encryption will help you. But if you’re paranoid then toggle the “Always Offline” option. Sorted.
“Even if there is no explicit malicious intent, this is very poor security practice, because Axcrypt is vulnerable to having their data stolen by hackers, just like everyone else.”
Nope. AxCrypt don’t store your password so what is there to steal? If you’re paranoid, use the “Always Offline” option.
“If you want to protect your files, use a truly open-source encryption tool supported by non-profits and privacy advocacy groups. It doesn’t take much searching online to find safe and free alternatives to these shenanigans.”
AxCrypt IS truly open-source. If you don’t want to use it, don’t. Your computer = your choice. I’d recommend you read the posts from people on here who know what they’re talking about: if you’re a TAO target then you might as well call it quits – the government have access to your computers, files. Most people recognise that the NSA have multiple vulnerabilities for Windows (i.e. unpatched ones) which they can use to gain access to your system. They’ve broken systematically into every operating system (Linux, OpenBSD) and all web cryptography (including TLS). As a nation state it’s game over if that is your concern.
No “shenanigans” involved.