I am currently in a state of shock and rage. I am contacting helpful friends, documenting every shred of detail for my own protection, and mirroring evidence to multiple servers in order to prevent it from being erased.
Two bits of advice for what to do after backing up evidence:
1. If you suspect the machine was tampered with, do not use it again. There are a lot of places a backdoor could be hiding, even after you reinstall the OS.
2. If you do not do so already, use smartcards for crypto. Don't store keys on your machine. It is easier to carry a card around than a computer, and smartcards are harder to brute force.
The easiest one to buy in small quantities is probably the GPG smartcard, although I have not had much luck with it in the low-end reader that my laptop has (YMMV, but the same folks that sell GPG smartcards also sell card readers that should work). Otherwise, I am only aware of cards that are only sold in bulk, i.e. for corporate and government use.
If you have not shut down the machine, I would do a memory acquisition (http://code.google.com/p/lime-forensics/, can be analyzed with Volatility) and a raw disk acquisition (you can use dd) and get to someone for forensic investigation to look for rootkits and other evidence of tampering.
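The raw disk acquisition with dd mentioned in the comment above, as an added example that is not part of the original thread: it copies a source to an image, refuses to overwrite an existing image, and records a SHA-256 so any later change to the copy is detectable. The helper names `acquire_image` and `verify_image` are hypothetical, `sha256sum` from GNU coreutils is assumed, and the sample file is a constructed stand-in for a disk device.

```shell
#!/bin/sh
# Added example: dd imaging with a recorded SHA-256 for evidence integrity.
# acquire_image / verify_image are hypothetical helper names.

sha256_of() { sha256sum < "$1" | cut -d' ' -f1; }

acquire_image() {
    src=$1; img=$2
    if [ ! -r "$src" ]; then echo "cannot read $src" >&2; return 2; fi
    # Never overwrite an earlier acquisition.
    if [ -e "$img" ]; then echo "refusing to overwrite $img" >&2; return 3; fi
    # Plain block copy: the source is only ever read.
    dd if="$src" of="$img" bs=1048576 2>/dev/null || return 4
    src_hash=$(sha256_of "$src")
    img_hash=$(sha256_of "$img")
    # A mismatch means the source changed while it was read, or the copy is bad.
    if [ "$src_hash" != "$img_hash" ]; then
        echo "hash mismatch between $src and $img" >&2
        return 5
    fi
    # Record the hash, size and UTC time beside the image, then drop write access.
    printf '%s  %s\n' "$img_hash" "$(basename "$img")" > "$img.sha256"
    printf 'source=%s bytes=%s acquired_utc=%s\n' "$src" \
        "$(wc -c < "$img" | tr -d ' ')" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" > "$img.log"
    chmod 0444 "$img" "$img.sha256" "$img.log"
}

verify_image() {
    img=$1
    [ -r "$img.sha256" ] || return 2
    recorded=$(cut -d' ' -f1 < "$img.sha256")
    # Succeeds only if the image still matches the hash taken at acquisition.
    [ "$recorded" = "$(sha256_of "$img")" ]
}

# Demo on a constructed file standing in for a disk device.
demo_dir=$(mktemp -d)
printf 'constructed sample data standing in for a disk\n' > "$demo_dir/fake_disk.bin"
acquire_image "$demo_dir/fake_disk.bin" "$demo_dir/evidence.img" \
    && verify_image "$demo_dir/evidence.img" \
    && echo "acquired and verified: $(cat "$demo_dir/evidence.img.sha256")"
```

Keep a copy of the `.sha256` file somewhere other than next to the image, so the image and its recorded hash cannot be altered together.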
I'm sure you know very well how to record and preserve data, so I won't advise you on that note.
But you should try to script something quickly which will automate these actions for you. And you should also try to make a bot to investigate the "backdoor" more.
Aside from your evidence, is there anything that has happened in the past that would lead you to being a target for the NCIS?
He is of Lebanese ancestry and studied in Lebanon for 2 years, thus he likely speaks Arabic and has Arabic speaking friends. This alone could be enough if someone among his acquaintances has terrorist links. In addition, he was one of the first to speak out about Bradley Manning's arrest, in his support, which raises the possibility that he has connections with WikiLeaks, lulzsec, etc. That is enough for CSIS to investigate him. He also has traveled to the USA which is where the FBI gets involved and, of course, anything regarding terrorist connections or lulzsec brings in the CIA. Quite frankly he is not a clean person and should not be developing software like this. If you were a business executive with shady dealings, would you want to use software from this guy? Would you trust him not to install a backdoor? And would you take the risk of travelling across an international border with a copy of this software knowing that 3-letter agencies associate it with terrorism?
He is a person. He is being attacked because he has a conscience, actually likes to protect the freedom 3 letter agencies are out to destroy while claiming the opposite, and pays more than lip service to it. Thanks for the bootlicking demonstration.
So since he's Arab and involved in activism we shouldn't use his software, interesting. Even more interesting is you seem to be getting upvotes. Congrats, ass.
Can you tell me what your next steps in proceeding are, or would this violate the protection you're attempting to set up?