
I'm trying to imagine a parallel circumstance and I cannot. Most governments would not use TrueCrypt, but rather something they have control of themselves. The people using TrueCrypt illicitly are ordinary criminals: Gangsters, child pornographers, terrorists (maybe), money-launderers, drug dealers, etc. The information revealed by a crack is not something that can be used in the manner of that by espionage. (i.e., it won't tell us that Rommel will be approaching Cairo at such-and-such a date.) Information via espionage can be filtered down as if it were from other intelligence sources, or even guessing. And so the exploit can be concealed as with Ultra.

But to use TrueCrypt against the people who are actually using it for crime you would almost certainly have to reveal the exploit publicly in a court.



Precisely the circumstance you're trying to imagine is being done by the DEA using information from NSA intercepts:

"(Reuters) - A secretive U.S. Drug Enforcement Administration unit is funnelling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans. Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defence lawyers but also sometimes from prosecutors and judges. The undated documents show that federal agents are trained to recreate the investigative trail to effectively cover up where the information originated."

I recommend the whole article here:

http://uk.reuters.com/article/2013/08/05/uk-dea-sod-idUKBRE9...


How does that apply to TrueCrypt? Is the claim that TrueCrypt is secretly siphoning off data and feeding it to the NSA? Or is the claim that the NSA sent a dude to sneak into my house, image my hard drive, and then decrypt it?


If you sync your TrueCrypt volume to Dropbox or other cloud storage (an excellent use case for TrueCrypt, by the way), a backdoor could be exploited by whoever has access to the Internet traffic or the servers.


> you would almost certainly have to reveal the exploit publicly in a court.

That's definitely not true. Often police and prosecutors will go to great lengths to hide a wiretap from the courts, especially if direct evidence didn't come from it. There have also been many cases where wiretaps haven't been disclosed in court because there may be ongoing related operations that require the same surveillance. You don't want to tip people off. I don't see why any potential exploit wouldn't be the same.

Here's an example: say you're investigating some organised crime. You learn from a wiretap that the next day one of your informants is going to be killed. You clearly want to prevent the latter without disclosing you've got an active wiretap.



