TRUECRYPT 7 Released

Discussion in 'privacy technology' started by chiraldude, Jul 19, 2010.

Thread Status:
Not open for further replies.
  1. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Truecrypt 7 released today.
    Unfortunately the changelog hardly justifies a whole number version increment.
    Should have been 6.4x or so....
    New:
    -Hardware AES acceleration
    -Secure hibernation with Windows Vista and W7 under system encryption.
     
  2. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,910
    Location:
    USA
    7.0

    July 19, 2010

    New features:

    Hardware-accelerated AES (for more information, see the chapter Hardware Acceleration).

    Note: If you want to disable hardware acceleration, select Settings > Performance and disable the option 'Accelerate AES encryption/decryption by using the AES instructions of the processor'.

    A volume can now be configured to be automatically mounted whenever its host device gets connected to the computer (provided that the correct password and/or keyfiles are supplied). (Windows)

    Note: For example, if you have a TrueCrypt container on a USB flash drive and you want to configure TrueCrypt to mount it automatically whenever you insert the USB flash drive into the USB port, follow these steps: 1. Mount the volume. 2. Right-click the mounted volume in the drive list in the main TrueCrypt window and select 'Add to Favorites'. 3. The Favorites Organizer window should appear. In it, enable the option 'Mount selected volume when its host device gets connected' and click OK.

    Also note that TrueCrypt will not prompt you for a password if you have enabled caching of the pre-boot authentication password (Settings > 'System Encryption') and the volume uses the same password as the system partition/drive. The same applies to cached non-system volume passwords.

    Partition/device-hosted volumes can now be created on drives that use a sector size of 4096, 2048, or 1024 bytes (Windows, Linux). Note: Previously only file-hosted volumes were supported on such drives.

    Favorite Volumes Organizer (Favorites > 'Organize Favorite Volumes' or 'Organize System Favorite Volumes'), which allows you to set various options for each favorite volume. For example, any of them can be mounted upon logon, as read-only or removable medium, can be assigned a special label (which is shown within the user interface instead of the volume path), excluded from hotkey mount, etc. The order in which favorite volumes are displayed in the Favorites Organizer window can be changed and it is the order in which the volumes are mounted (e.g. when Windows starts or by pressing the 'Mount Favorite Volumes' hotkey). For more information, see the chapters Favorite Volumes and System Favorite Volumes. (Windows)

    The Favorites menu now contains a list of your non-system favorite volumes. When you select a volume from the list, you are asked for its password (and/or keyfiles) (unless it is cached) and if it is correct, the volume is mounted. (Windows)


    Security improvements:

    In response to our public complaint regarding the missing API for encryption of Windows hibernation files, Microsoft began providing a public API for encryption of hibernation files on Windows Vista and later versions of Windows (for more information, see the section TrueCrypt 5.1a in this version history). Starting with this version 7.0, TrueCrypt uses this API to encrypt hibernation and crash dump files in a safe documented way. (Windows 7/Vista/2008/2008R2)

    Note: As Windows XP and Windows 2003 do not provide any API for encryption of hibernation files, TrueCrypt has to modify undocumented components of Windows XP/2003 in order to allow users to encrypt hibernation files. Therefore, TrueCrypt cannot guarantee that Windows XP/2003 hibernation files will always be encrypted. Therefore, if you use Windows XP/2003 and want the hibernation file to be safely encrypted, we strongly recommend that you upgrade to Windows Vista or later and to TrueCrypt 7.0 or later. For more information, see the section Hibernation File.


    Improvements:

    Many minor improvements. (Windows, Mac OS X, and Linux)


    Bug fixes:

    Minor bug fixes. (Windows, Mac OS X, and Linux)


    Removed features:

    TrueCrypt no longer supports device-hosted volumes located on floppy disks. Note: You can still create file-hosted TrueCrypt volumes on floppy disks.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Most CPUs aren't going to support the Hardware AES acceleration. Looks like it needs an i5/i7. My Q9550 and T9550 don't support it. :(
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Doesn't matter. Even without hardware acceleration the encryption/decryption speed is going to be faster than your hard disk can handle (especially if it's a spin drive).
     
  5. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    Intel 975 Extreme Core i7 is not supported.
     
  6. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    AES hardware acceleration speeds the transformation in memory from/to plaintext to/from ciphertext, resulting in performance that is “two to three times faster” (according to WinZip 14.5 which supports the feature).
     
  7. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Yeah, which is pointless if your disk drive can't handle it. Some people running TC7 and a core i7 were getting 2 Gbps throughput in memory. But that's not going to matter in the real world.
     
  8. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
    If you run from a fast SSD or 2 in Raid 0 you have a chance the read spead is faster than you CPU can decrypt, and even if your CPU is faster it still would be working hard to keep up with the SSD, so then hardware decryption is nice to lower CPU usage.
     
  9. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    I think you are missing the actual point ..
    Imagine that you have encrypted storage holding your music-collection AND you are running a VPN using AES ..
    Previously, your apps would have to "compete" with crypto for CPU-cycles.
    Now, the crypto is handles by a built-in "co-processor" ..
     
  10. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Yes, I agree. In addition, consider...

     
  11. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    Currently using Truecrypt 7 so thought might ask the question in this thread only:)

    Is there any way to resize the volume of the container that is already created or do I have to make a new one?

    Thanks
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Guys, i want to create a volume on an USB after i create it, Can i access it in any computer as long as i have the portable version on hand? :D

    NVM, it was a stupid question xD
     
    Last edited: Jul 29, 2010
  13. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    Yes you can as long as you have Truecrypt with you:)
     
  14. noblelord

    noblelord Registered Member

    Joined:
    Aug 19, 2009
    Posts:
    162
    Location:
    UK
    I already have my Windows partition encrypted with Truecrypt - how would I go about upgrading to the latest version?
     
  15. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    Just install the new version, it will upgrade the bootloader during the install and it may or may not prompt to create a new rescue CD. If it doesn't create it, I would do it manually though, just to have a rescue cd that is matched to the installed version.
     
  16. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Originally Posted by Noob
    Actually, you can as long as you have admin privileges. See TrueCrypt guide regarding portable use here:
    http://www.truecrypt.org/docs/?s=truecrypt-portable

    By the way, I saw KookyMan posted today. Where you been, Kooky? Glad to see you posting!
     
  17. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    v7.0 seems to have a hibernation bug that is affecting certain systems, so if you use hibernation you might want to hold off until it's fixed.
     
  18. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    Hibernation bug... doesn't surprise me. I'm going to assume it applies to Vista/7, since they changed how they handle hibernation on those systems.

    I never get version .0 of TrueCrypt for this very reason. Hell, I almost stay away from any version that doesn't have a "a" on the version number.. That's almost the in house code word for "bug fix only"... every other update always adds something.

    Oh well, I've shared my views on the TrueCrypt dev's previously, y'all are welcome to look them up. I still use it now for the simplicity that it provides in my intended use, and my still unwavering belief that it is secure, even if it is potentially misplaced.
     
  19. noblelord

    noblelord Registered Member

    Joined:
    Aug 19, 2009
    Posts:
    162
    Location:
    UK
    Hmm, interesting. I would like to use hibernate, but don't at the moment as my system was unencrypted during that time.

    What are the details of the bug?
     
  20. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    Some Windows 7 users have reported that their computer freezes or goes into a BSOD (blue screen of death) instead of entering hibernation. If you are a member of the TrueCrypt forums you can read the thread here: http://forums.truecrypt.org/viewtopic.php?t=20703

    There's also this:
    http://www.truecrypt.org/docs/?s=issues-and-limitations

    However, some users have stated that replacing their drivers as described in the "possible solutions" did not solve their problems.
     
  21. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    917
    I think the day has come to try it, very basic usage, a container with one file probably...

    Before I even install the program, direct me please to sources that give advice on what to avoid at all cost, on how to manage the setup easily yet securely so that I don;t lock my laptop or something, better yet

    give your suggestions, please
     
  22. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    If your going to start with a container and a single file to toy around with, you can't lock your laptop up.

    If you venture into Full system encryption, remember to have backups, in case you do forget your password/something happens you can't fix.

    Do keep in mind, if you use a reasonable password (IE: not "x", "god", "password", but something actually appropriate for the levels of encryption you use, if you lose or forget it, your data will be lost. Despite some saying they can do it, it is 99.999% unlikely that you will be able to brute force your password to recover it. Exceptions may be if you rememeber all but one or two characters of the password, know exactly where they belong, and can test every possibility.

    Thats why backups are important though.
     
  23. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    917
    ^thank for the straightforward input mate!
    I found comparisons to Trucerypt - AxCrypt-1.7.2126.0-x64-en-US
    But on closer look, I think its much less secure, yet much easier to work with.
    Going to try my luck with TC 7 now.
     
  24. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,742
    How do you guys come up with strong passwords? Do you use a program?

    When a partition is encrypted and you d/l a file and want to save it what happens then?
     
  25. ABee

    ABee Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    330
    There are software programs that will create strong passwords for you, yes. But coming up with them on your own is not difficult. It's simply a matter of degree, necessity, personal preference, and that sort of thing. And of course having an understanding of what equates to a "strong" password-- or perhaps more importantly, what does not.

    'BillSmith' (your name) or 'BillSmith1' or '31781' (your birthday) = not strong. '@4312(**&___Xr59873!!++++62900Aq*91Tew-@*14b' = very strong, yet is not one you're overly likely to be able to remember, either.
    When a password is not written down anywhere, that adds to its strength.

    Have some common sense. What are you protecting, and who are you protecting it from?
    If you're protecting highly sensitive information like credit card numbers, bank account info, etc., you're going to want a very strong password.
    If you're just protecting your favorite pr0n files from prying eyes, the need for some super-strong password is nowhere near as great.

    My personal solution for never having passwords written on paper:
    I have one very strong one that's never a problem for me to remember-- as it relates to something in my life, yet no one could ever possibly know what that thing is or how I crafted it to be specifically rememberable to me as a password.
    That password will open a TrueCrypt volume which contains a text file of all of my other passwords.
    So as long as I can remember that one (which I always can), I don't need to remember any of the others.

    I also never create strong passwords for things that, for me, have no need of strong passwords-- logging-in so I can read The New York Times, for example.

    Any encrypted volume, file, folder, or partition must first be unencrypted in order to use it.
    No different than first needing to open the door before you're able to walk into your home.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.