VeraCrypt Security Audit Reveals Many Flaws, Some Already Patched (helpnetsecurity.com)
Orome1 quotes Help Net Security: VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab. The researchers found 8 critical, 3 medium, and 15 low-severity vulnerabilities, and some of them have already been addressed in version 1.19 of the software, which was released on the same day as the audit report [which has mitigations for the still-unpatched vulnerabilities].
Anyone want to share their experiences with VeraCrypt? Two Quarkslab engineers spent more than a month on the audit, which was funded (and requested) by the non-profit Open Source Technology Improvement Fund "to evaluate the security of the features brought by VeraCrypt since the publication of the audit results on TrueCrypt 7.1a conducted by the Open Crypto Audit Project." Their report concludes that VeraCrypt's security "is improving which is a good thing for people who want to use a disk encryption software," adding that its main developer "was very positive along the audit, answering all questions, raising issues, discussing findings constructively..."
VeraCrypt/True were already secure -enough-. Cracking through the holes is usually more effort than local law enforcement, your boss or the local mob will care about. If you're on the radar of worse people, they can toss you in jail or threaten your family. So while I consider better security a good thing when it doesn't increase cost or inconvenience, it's not really an essential move forward.
The bigger problem is common passwords, leaving the volume open, having open drives automatically backed up to "the cloud", emailing documents... things these security code fixes cannot address. We don't hear often that the Feds have used a security hole to extract data from a user's system.
Honest question. Should we be using TrueCrypt 7.1a instead? I, personally, am. We live in scary times, and it is hard to trust any authority. I feel that TrueCrypt 7.1a, the last version prior to the strange shut down of the project, is probably less likely to have backdoors than any of the newer TrueCrypt versions or forks (specifically, VeraCrypt and CipherShed). Can someone convince me otherwise?
I am not a security expert and can't tell you whether Veracrypt is 100% secure, but I've been using it and I'm reasonably convinced that at least nobody short of a 'state actor' is likely to get at my data, and they're not the people I'm securing data from. It's the petty thieves who might steal my backup drives, or somebody who finds a USB stick I accidentally drop on the ground, that I'm protecting myself from.
I've been to the support forums for Veracrypt and my impression is the developer is trying hard to be transparent and responsive and make the product as secure as possible.
RETURN without GOSUB in line 1050
I'm a long-time Truecrypt user who recently tried Veracrypt. It's okay, some nice new features, but as this shows the devs don't seem to be security experts or even skilled at writing secure code.
It's also a little less stable than Truecrypt. I've had some system lockups that don't happen in Truecrypt with SSDs.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Veracrypt may provide decent cryptographic functionality, but given that its main audience is Windows and Mac users, the two huge security holes they cannot fix are called "Microsoft" and "Apple". You can make Veracrypt as secure and error-free as you want; as long as it has to expose the decrypted data to some commercial, closed-source operating system that phones home like crazy to provide its manufacturer with valuable data, there is no actual security. Not to mention the backdoors built in for certain 3-letter agencies.
My Apple computers do not phone home. Citation needed or stfu.
Would you like to see my Little Snitch logs? Mac OS gets chattier with every new release.
VeraCrypt forces long iteration on shorter passphrases (>70 sec on my laptop, i.e. unusable), regardless of how secure that passphrase actually is. There is no way to switch this off. No response on a complaint. This and some other things lead me to not trust this person. I am back to the last TrueCrypt version that does not have this brain-dead and insulting limitation.
I agree with you completely, and it's the reason I'm still using TrueCrypt.
Secure high-entropy passwords aside, what the people responding to you don't get is that the user should be allowed to have a more convenient, but less secure encryption solution if he chooses. I have a short, low entropy password. I could write software that would crack it and it would complete the work in a day or two. I **know** that, and I don't care. I'm not protecting state secrets with it. I'm not worried the NSA will get hold of it. I just want the random person who finds my lost USB flash drive to not have immediate access to the data. Most people wouldn't care to crack it; of those that would, most wouldn't know how to go about it. In the statistically unlikely case whoever finds it both wants to crack it and is able to, the data they'll find will be disappointing to them and not a big deal to me. Some of the things I encrypt are more for privacy than security.
Basically, any decent criminal can lock-pick my front door. I still lock it, and it protects against the opportunist criminal. That's the level of security I want, and it makes no sense to tell me I can't have it. They could just pop a big red and flashing warning when I first create the volume that says, "based on the password and number of iterations you've chosen the average desktop computer would be able to crack your encrypted volume in 32 hours. Are you sure you don't want to choose a more complex password?" At that point, they've done their due diligence.
Warning: Opinions known to be heavily biased.
TrueCrypt 7.1a
TrueCrypt 7.1a hashes.
TrueCrypt from Switzerland -- Swiss Mirror
Actually, if you're using a 94-element space (26 + 26 + 10 + 32), an 8-character password is on the same magnitude as a 26-element space (all lower-case letters) at 11 characters (7.2 x 10^15 vs 3.7 x 10^15). With a 1,000-element space, 5 characters (words) are on the same magnitude (1.0 x 10^15); although the 1,000-most-common words don't include conjugations and plurals, which takes you to several thousand. You have to breach a 5,700-element space for 4 characters to be on par (1.1 x 10^15).
So all-lower-case can actually be secure as the standard four-classes, eight-character password just by adding three characters. In all of these, we're looking at 50-53 bits (1.1 x 10^15 to 9.0 x 10^15) of entropy.
Seriously, the 8-character password with complexity requirements thing should have never come about. When they went from "8 characters" to "something more secure", it should have been 11 characters.
Support my political activism on Patreon.
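The trade-off argued in the comments above (password keyspace versus a forced key-derivation iteration count, and the proposed crack-time warning at volume creation) worked through as an added Python example; it is not part of any post and not VeraCrypt's code. The alphabet sizes come from the thread; the iteration counts and the single-core PBKDF2-HMAC-SHA512 benchmark are assumptions for illustration.

```python
import hashlib
import math
import time


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random password, in bits."""
    return length * math.log2(alphabet_size)


def effective_bits(alphabet_size: int, length: int, kdf_iterations: int) -> float:
    """Attack cost in hash operations: each guess costs kdf_iterations,
    so the iteration count adds log2(kdf_iterations) bits of work."""
    return keyspace_bits(alphabet_size, length) + math.log2(kdf_iterations)


def average_crack_seconds(alphabet_size, length, kdf_iterations, iterations_per_sec):
    """Expected exhaustive-search time: half the keyspace on average."""
    guesses = alphabet_size ** length / 2
    return guesses * kdf_iterations / iterations_per_sec


def measure_iterations_per_sec(sample_iterations: int = 50_000) -> float:
    """Single-core PBKDF2-HMAC-SHA512 rate on this machine (assumed stand-in
    for 'the average desktop computer'; dedicated hardware is much faster)."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha512", b"constructed-sample", b"\x00" * 64, sample_iterations)
    return sample_iterations / (time.perf_counter() - start)


def creation_warning(alphabet_size, length, kdf_iterations, iterations_per_sec):
    """Text a volume-creation dialog could show instead of refusing the password."""
    hours = average_crack_seconds(alphabet_size, length, kdf_iterations,
                                  iterations_per_sec) / 3600
    return (f"{keyspace_bits(alphabet_size, length):.1f}-bit password, "
            f"{kdf_iterations} iterations: about {hours:,.0f} hours on average "
            f"to brute-force at {iterations_per_sec:,.0f} iterations/s.")


if __name__ == "__main__":
    rate = measure_iterations_per_sec()
    # Constructed cases: alphabet sizes from the thread, iteration counts assumed.
    for alphabet, length, iters in [(94, 8, 500_000), (26, 11, 500_000),
                                    (26, 6, 500_000), (26, 6, 2_000)]:
        print(creation_warning(alphabet, length, iters, rate))
```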
It depends on the definition of "short". VeraCrypt thinks "short" is 20 chars or less and that is pretty much a complete fail.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.