New VeraCrypt Version Released

Discussion in 'privacy technology' started by JRViejo, Oct 17, 2016.

  1. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    34,546
    Location:
    U.S.A.
  2. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    Thanks for mentioning the audit results. FTA:
    https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf (PDF)

    Interesting:
     
    Last edited by a moderator: Oct 17, 2016
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    VeraCrypt 1.19 fixes security vulnerabilities

    -- Tom
     
  4. The Count

    The Count Registered Member

    Joined:
    Jun 13, 2016
    Posts:
    147
    Location:
    France
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    There is a serious bug which affects the rescue disk.
    If the rescue disk (created with VeraCrypt 1.19) is being used to decrypt the system partition, it doesn't decrypt the first 50 MB (this affects only EFI system decryption)
    This is fixed with VeraCrypt 1.20 Beta:
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,154
    Perfectly functioning EFI code is a brutal task for non-paid teams to finish. Its a definite work in progress. I don't use VC for system disks anymore so I can only report on what I read about.
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    [QUOTE"]Perfectly functioning EFI code is a brutal task for non-paid teams to finish. Its a definite work in progress[/QUOTE]
    The EFI-Code was added with v1.18, only some months ago. And support for EFI hidden OS functionality was added recently (latest beta).
    Yes, it's really a work in progress. I think the EFI-Code needs some time to be "mature enough".

    But nevertheless VeraCrypt is a good choice.
    Algorithms are optimized from time to time, it will have less "TrueCrypt vulnerabilities" with each new released version, the password can be entered on a Secure Desktop now (v1.20Beta 2), etc.

    Edit: If the user decrypted the EFI system partition with the Rescue Disk of VeraCrypt v1.19 and now has 50MB not decrypted data, there is a patch available. Instructions and download links are below:
     
    Last edited: Jan 10, 2017
  8. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,154
    Mood,

    I agree with your VC code assessment. Frankly, and like a broken record at times, its not VC code that I have a problem with. Trying to make the Windows OS secure is where I come up with "migraines".
     
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,726
    Location:
    UK
    Very happy to hear they're looking at Secure Desktop, that's worthwhile, and it's been available on KeePass a while.

    I have developed for using Secure Desktop, it's one of the weirdest things you ever did see from a UI point of view, and won't run directly from a WPF application. But well worthwhile to raise the bar on KSL, I also have it set in group policy for any privilege escalation, so you enter it from Ctrl-Alt-Del, and then enter any passwords in the Secure Desktop only.
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    The future of the project is not clear:
    Edit: The main developer is back and the release of VeraCrypt v1.20 is near:
     
    Last edited: Apr 18, 2017
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.20 Released (June 29, 2017)
    The binaries are now supporting ASLR, passwords can be entered using the Secure Desktop and there are a lot more changes (regarding MacOSX: OSX 10.7 or newer is now required to run VeraCrypt)
    Download / Download (CodePlex) / Download (SourceForge)
    Edit: The VeraCrypt Installer for Windows has been removed. Reason:
    Release Notes
    1.20 (June 29th, 2017):

    • All OSes:
      • Use 64-bit optimized assembly implementation of Twofish and Camellia by Jussi Kivilinna.
        • Camellia 2.5 faster when AES-NI supported by CPU. 30% faster without it.
      • Use optimized implementation for SHA-512/SHA256.
        • 33% speedup on 64-bit systems.
      • Deploy local HTML documentation instead of User Guide PDF.
      • Change links in UI from ones on Codeplex to ones hosted at veracrypt.fr
      • Security: build binaries with support for Address Space Layout Randomization (ASLR).
    • Windows:
      • Fix bug in EFI system decryption using EFI Rescue Disk
      • Enable using Secure Desktop for password entry. Add preferences option and command line switch (/secureDesktop) to activate it.
      • Use default mount parameters when mounting multiple favorites with password caching.
      • Enable specifying PRF and TrueCryptMode for favorites.
      • Preliminary driver changes to support EFI hidden OS functionality.
      • Fix Streebog not recognized by /hash command line.
      • Add support for ReFS filesystem on Windows 10 when creating normal volumes
      • Fix high CPU usage when favorite configured to mount with VolumeID on arrival.
      • Use CHM file for User Guide instead of PDF.
      • Fix false warning in case of EFI system encryption about Windows not installed on boot drive.
      • Enhancements to driver handling of various disk IOCTL.
      • Enhancements to EFI bootloader. Add possibility to manually edit EFI configuration file.
      • Driver Security: Use enhanced protection of NX pool under Windows 8 and later.
      • Reduce performance impact of internal check for disconnected network drives.
      • Minor fixes.
    • MacOSX:
      • OSX 10.7 or newer is required to run VeraCrypt.
      • Make VeraCrypt default handler of .hc & .tc files.
      • Add custom VeraCrypt icon to .hc and .tc files in Finder.
      • Check TrueCryptMode in password dialog when opening container file with .tc extension.
    • Linux:
      • Check TrueCryptMode in password dialog when opening container file with .tc extension.
      • Fix executable stack in resulting binary which was caused by crypto assembly files missing the GNU-stack note.
     
    Last edited: Jul 2, 2017
  12. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,228
    Location:
    Outer space
    1.21 released:

    Changes between 1.20 and 1.21 (9 July 2017) :
    - All OSes:
    * Fix 1.20 regression crash when running on CPU not supporting extended features.

    Windows:
    * Fix 1.20 regression that caused PIM value stored in favorites to be ignored during mount.
    * Fix 1.20 regression that causes system favorites not to mount in some cases.
    * Fix some cases of "Parameter Incorrect" error during EFI system encryption wizard.
    * Install PDF documents related to EFI system encryption configuration for advanced users;
    - disk_encryption_v1_2.pdf related to EFI hidden OS and full fisk encryption
    - dcs_tpm_owner_02.pdf related to TPM configuration for EFI system encryption.

    FreeBSD:
    * Add support for building on FreeBSD.
     
  13. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,339
  14. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    34,546
    Location:
    U.S.A.
  15. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.22 Released (March 30, 2018)
    Website
    Download
    Release Notes
    1.22 (March 30th, 2018):
    • All OSs:
      • SIMD speed optimization for Kuznyechik cipher implementation (up to 2x speedup).
      • Add 5 new cascades of cipher algorithms: Camellia-Kuznyechik, Camellia-Serpent, Kuznyechik-AES, Kuznyechik-Serpent-Camellia and Kuznyechik-Twofish.
    • Windows:
      • MBR Bootloader: Fix failure to boot hidden OS on some machines.
      • MBR Bootloader: Reduce CPU usage during password prompt.
      • Security enhancement: Add option to block TRIM command for system encryption on SSD drives.
      • Implement TRIM support for non-system SSD drives and add option to enable it (TRIM is disabled by default for non-system volumes).
      • Better fix for "Parameter Incorrect" issues during EFI system encryption in some machines.
      • Driver: remove unnecessary dependency to wcsstr which can cause issues on some machines.
      • Driver: Fix "Incorrect Parameter" error when mounting volumes on some machines.
      • Fix failure to mount system favorites during boot on some machines.
      • Fix current application losing focus when VeraCrypt is run in command line with /quit /silent switches.
      • Fix some cases of external applications freezing during mount/dismount.
      • Fix rare cases of secure desktop for password dialog not visible which caused UI to block.
      • Update libzip to version 1.5.0 that include fixes for some security issues.
      • Extend Secure Desktop feature to smart card PIN entry dialog.
      • Fix truncated license text in installer wizard.
      • Add portable package that allows extracting binaries without asking for admin privileges.
      • Simplify format of language XML files.
      • Workaround for cases where password dialog doesn't get keyboard focus if Secure Desktop is not enabled.
    • Linux:
      • Fix failure to install GUI version under recent versions of KDE.
      • Fix wxWidgets assertion failed when backing up/restoring volume header.
    • MacOSX:
      • Fix issue preventing some local help files from opening in the browser.
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt 1.22 encryption software update released
    VeraCrypt 1.22 is a new version of the popular cross-platform encryption software that parent company Idrassi established as the primary unofficial successor of the encryption software TrueCrypt.
    April 3, 2018

    https://www.ghacks.net/2018/04/03/veracrypt-1-22-encryption-software-update-released/
     
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 0 Released (April 23, 2018)
    Website
    Download
    Release Notes
    1.23-BETA0 (April 23rd, 2018):
    • Windows:
      • Fix EFI system encryption issues on some machines (e.g. HP, Acer).
      • First implementation of compatibility of system encryption with Windows 10 upgrade using ReflectDrivers mechanism (Working in MBR case, issues in EFI case)
      • Don't start EFI system encryption process if SecureBoot is enabled and VeraCrypt-DCS custom keys are not loaded in the machine's firmware.
      • Add internal verification of binaries embedded signature to protect against some types to tampering attacks.
      • when Secure Desktop is enabled, use it for Mount Options dialog if it is displayed before password dialog.
      • when extracting files in Setup or Portable mode, decompress zip files docs.zip and Languages.zip in order to have ready to use configuration.
    Edit: Now also available for MacOSX and Linux:
     
    Last edited: Apr 29, 2018
  18. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 1 Released (May 2, 2018)
    Website
    Download
    Release Notes
    (Edit: Differences between Beta 0 and Beta 1 are marked in red)
    1.23-BETA1 (May 2, 2018):
    • Windows:
      • Fix EFI system encryption issues on some machines (e.g. HP, Acer).
      • Support EFI system encryption on Windows LTSB.
      • First implementation of compatibility of system encryption with Windows 10 upgrade using ReflectDrivers mechanism (Working in MBR case, issues in EFI case)
      • Don't start EFI system encryption process if SecureBoot is enabled and VeraCrypt-DCS custom keys are not loaded in the machine's firmware.
      • Add internal verification of binaries embedded signature to protect against some types to tampering attacks.
      • when Secure Desktop is enabled, use it for Mount Options dialog if it is displayed before password dialog.
      • when extracting files in Setup or Portable mode, decompress zip files docs.zip and Languages.zip in order to have ready to use configuration.
    • MacOSX:
      • Support pasting values to password fields using keyboard (CMD+V and CMD+A now working properly).
    • Linux:
      • Don't allow waiting dialog to be closed before the associated operation is finished. This fix a crash under Lubuntu 16.04.
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 2 Released (July 5, 2018)
    Website
    Announcement
    Download
     
  20. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
  21. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 3 Released (August 12, 2018)
    Website
    Announcement
    Download
    VeraCrypt 1.23-BETA3 was released on August 12th 2018. Here is that list of changes introduced since 1.23-BETA2:
    • Windows:
      • Fix Secure Desktop not working for favorites set to mount at logon on Windows 10 under some circumstances.
      • Display a balloon tip warning message when text pasted to password field is longer than maximum length and so it will be truncated.
      • Implement language selection mechanism at the start of the installer to make easier for international users.
    • Linux/MaOSX:
      • Add CheckBox in mount option dialog to force the use of embedded backup header during mount..
      • When performing backup of volume header, automatically try to use embedded backup header if using the main header fails.
      • Implement benchmarking UI for Hash and PKCS-5 PRF algorithms.
     
  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 4 Released (August 16, 2018)
    VeraCrypt v1.23 beta 5 Released (August 18, 2018)
    VeraCrypt v1.23 beta 6 Released (August 25, 2018)
    Announcement
    Download
     
    Last edited: Aug 24, 2018
  23. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 beta 8 Released (September 3, 2018)
    Website
    Announcement
    Download
     
  24. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    16,294
    VeraCrypt v1.23 Released (September 12, 2018)
    Website
    Announcement
    Download / Download (SourceForge)
    Release Notes
    1.23 (September 12th, 2018):
    • Windows:
      • VeraCrypt is now compatible with default EFI SecureBoot configuration for system encryption.
      • Fix EFI system encryption issues on some machines (e.g. HP, Acer).
      • Support EFI system encryption on Windows LTSB.
      • Add compatibility of system encryption with Windows 10 upgrade using ReflectDrivers mechanism
      • Make EFI Rescue Disk decrypt partition correctly when Windows Repair overwrites first partition sector.
      • Add Driver option in the UI to explicitly allow Windows 8.1 and Windows 10 defragmenter to see VeraCrypt encrypted disks.
      • Add internal verification of binaries embedded signature to protect against some types to tampering attacks.
      • Fix Secure Desktop not working for favorites set to mount at logon on Windows 10 under some circumstances.
      • when Secure Desktop is enabled, use it for Mount Options dialog if it is displayed before password dialog.
      • when extracting files in Setup or Portable mode, decompress zip files docs.zip and Languages.zip in order to have ready to use configuration.
      • Display a balloon tip warning message when text pasted to password field is longer than maximum length and so it will be truncated.
      • Implement language selection mechanism at the start of the installer to make easier for international users.
      • Add check on size of file container during creation to ensure it's smaller than available free disk space.
      • Fix buttons at the bottom not shown when user sets a large system font under Window 7.
      • Fix compatibility issues with some disk drivers that don't support IOCTL_DISK_GET_DRIVE_GEOMETRY_EX ioctl.
    • Linux:
      • Don't allow waiting dialog to be closed before the associated operation is finished. This fix a crash under Lubuntu 16.04.
      • Add CheckBox in mount option dialog to force the use of embedded backup header during mount.
      • When performing backup of volume header, automatically try to use embedded backup header if using the main header fails.
      • Implement benchmarking UI for Hash and PKCS-5 PRF algorithms.
      • Remove limitation of hidden volume protection on disk with sector size larger than 512 bytes.
    • MacOSX:
      • Support pasting values to password fields using keyboard (CMD+V and CMD+A now working properly).
      • Add CheckBox in mount option dialog to force the use of embedded backup header during mount.
      • When performing backup of volume header, automatically try to use embedded backup header if using the main header fails.
      • Implement benchmarking UI for Hash and PKCS-5 PRF algorithms.
     
    Last edited: Sep 13, 2018
  25. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,339
    I'm using Windows 10 Pro 1804 in an Asus laptop (X510UR) with EFI SecureBoot mounting 2 volumes (one SSD and one HDD) with password/PIM since 1.23BETA8. This software is just amazing!

    Thanks @mood for the update!
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.