Tuesday, October 21, 2014

Making VeraCrypt better

When I started VeraCrypt back in 2013, the project attracted little attention, but after the collapse of TrueCrypt the number of users started to grow.
This prompted me to publish Linux and MacOSX versions of VeraCrypt, as requested by many, and to add other security enhancements by fixing a long list of vulnerabilities in the original TrueCrypt source, either discovered by the Open Crypto Audit project (https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf), found by running Static Code Analysis tools or found by internal review of the source.

The result was VeraCrypt 1.0e, which was published on September 4th 2014. It can be downloaded from CodePlex or SourceForge.

After the publication of the interview I had with Paul Rubens from "eSecurity Planet", many people started asking about the list of enhancements implemented so far in VeraCrypt. I posted an answer to that in the CodePlex discussion forum: https://veracrypt.codeplex.com/discussions/569777#PostContent_1313325

And what's next? The next target is to deprecate the aging RIPEMD-160 especially in boot encryption and to replace it with SHA-256. This requires a lot of work because of the bootloader constraints but hopefully I'll be able to publish a beta version soon.

Also, in order to give users the freedom to choose the security level they need, and for those who complain about the slowness of VeraCrypt, a security level choice will be introduced: when creating VeraCrypt encrypted containers or when encrypting the system partition, the user can choose between a high security level (equivalent to what VeraCrypt does now), a medium level and a low security level.
Hopefully, this will help accelerate the adoption of VeraCrypt among a wider segment of users.

Monday, May 12, 2014

Fixing VirtualBox mounting shared folders issue

As a VirtualBox user, I recently started to encounter issues related to mounting shared folders in Linux guest VMs. The usual mount command started to fail with a "wrong fs type" error after updating the VirtualBox Guest Additions, and I couldn't understand why.

After some research, I found that the upgrade script of the Guest Additions was confused by the fact that there were many VBoxGuestAdditions-4.XXX directories under /opt, and it failed to pick up the most recent one in order to create the symbolic link under /usr/lib.

So, in order to solve the issue, you have to manually create the symbolic link using the command:
sudo ln -s /opt/VBoxGuestAdditions-4.3.10/lib/VBoxGuestAdditions /usr/lib/.

In the above, "4.3.10" is the latest version of the Guest Additions I installed. Replace it with the correct version in your case (list all the directories under /opt and pick the latest one starting with VBoxGuestAdditions).
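
The manual step above can be scripted so that the newest installed version is chosen by version order rather than name order (4.3.10 ranks above 4.3.8). This is an added example, not part of the original post; the function names and the check for a lib/VBoxGuestAdditions subdirectory are assumptions, and `sort -V` needs GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the original post).

# Print the highest version among <base>/VBoxGuestAdditions-<version>/ directories.
# Directories without lib/VBoxGuestAdditions (assumed to be incomplete or
# leftover installs) are skipped.
latest_vbox_additions() {
    base_dir="${1:-/opt}"
    for d in "$base_dir"/VBoxGuestAdditions-*/; do
        # An unmatched glob stays literal and fails this test, so it is skipped.
        [ -d "$d/lib/VBoxGuestAdditions" ] || continue
        basename "$d"
    done | sed 's/^VBoxGuestAdditions-//' | sort -V | tail -n 1
}

# Point <lib_dir>/VBoxGuestAdditions at the newest installation and print the target.
link_vbox_additions() {
    base_dir="${1:-/opt}"
    lib_dir="${2:-/usr/lib}"
    ver="$(latest_vbox_additions "$base_dir")"
    if [ -z "$ver" ]; then
        echo "no usable VBoxGuestAdditions-* directory under $base_dir" >&2
        return 1
    fi
    target="$base_dir/VBoxGuestAdditions-$ver/lib/VBoxGuestAdditions"
    # -n replaces an existing (stale) link instead of creating a link inside it.
    ln -sfn "$target" "$lib_dir/VBoxGuestAdditions"
    echo "$target"
}

# Real use, as root:  link_vbox_additions /opt /usr/lib
```

Both arguments default to the paths used in the post, so the functions can first be tried against a scratch directory tree.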

Tuesday, January 22, 2013

Compiling ARM desktop applications for Windows 8 RT?

Microsoft has disabled compiling ARM desktop applications in Visual Studio 2012, even though it is technically possible and the binaries can run without an issue (provided that they are signed by Microsoft).

In order to re-enable support for building ARM desktop applications in Visual Studio 2012, you have to follow these two steps:
  • Edit the file "C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V110\Platforms\ARM\Microsoft.Cpp.ARM.Common.props" and add the following line to the PropertyGroup section: "<WindowsSDKDesktopARMSupport>true</WindowsSDKDesktopARMSupport>"
  • Add the following define to your project, Makefile or command line through the /D switch: _ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE.

Wednesday, January 16, 2013

Backup and restore Windows 7 activation status (Offline activation after reinstall)

This post is just a reminder of the steps needed to back up the Windows 7 activation status before doing a clean reinstall and then restore it.
They are taken from the post at the following link: http://www.mydigitallife.info/how-to-backup-and-restore-windows-7-and-server-2008-r2-activation-status-activate-offline-on-reinstall/
  1. Copy and save or back up the following activation-related files to an external storage medium such as a USB flash drive or portable hard disk drive: C:\Windows\ServiceProfiles\NetWorkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Tokens.dat
    and C:\Windows\System32\spp\tokens\pkeyconfig\pkeyconfig.xrm-ms
    Note: For 64-bit (x64) OS, C:\Windows\SysWOW64\spp\tokens\pkeyconfig\pkeyconfig.xrm-ms has to be backed up too.
  2. Retrieve and record the product key used to install and activate the current Windows 7 or Windows Server 2008 R2.
  3. Reinstall Windows 7 or Windows Server 2008 R2. When the installation wizard prompts for a product key for activation, leave it blank (do not enter anything).
  4. In the newly installed Windows operating system, stop the Software Protection Service in Services.msc or with the following command (run in elevated command prompt): net stop sppsvc
  5. Navigate to the following folder: C:\Windows\System32\spp\tokens\pkeyconfig\
    Note: On a 64-bit (x64) operating system, also perform the action in the C:\Windows\SysWOW64\spp\tokens\pkeyconfig\ folder.
  6. Take ownership of the pkeyconfig.xrm-ms file and give the user full control permissions on it (alternatively, add a "grant full control" right-click menu item).
  7. Delete the original default pkeyconfig.xrm-ms file, and replace with the backup copy.
  8. Navigate to the following folder: C:\Windows\ServiceProfiles\NetWorkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\
  9. Take ownership of the tokens.dat file and give the user full control permissions on it (alternatively, add a "grant full control" right-click menu item).
  10. Delete the original default tokens.dat file, and replace with the backup copy.
  11. Restart the Software Protection Service in Services.msc or with the following command (run in elevated command prompt): net start sppsvc
  12. Register the product key for Windows 7 or Windows Server 2008 R2 with the following command (run in elevated command prompt): slmgr.vbs -ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
    Replace xxxxx-xxxxx-xxxxx-xxxxx-xxxxx with the actual product key.
  13. Windows will be activated instantly, offline. To check the activation status, use one of the following commands:
    • slmgr.vbs -dlv
    • slmgr.vbs -dli
    • slmgr.vbs -ato

Friday, July 29, 2011

Advapi32 patch for 64-bit Windows XP SP2

I have been asked this week by a customer to provide the patch for the advapi32 dll on Windows XP SP2 64-bit, with version number 5.2.3790.4455. For the 32-bit dll that resides in SysWOW64, it is the same as the one I have already published for Windows Server 2003 SP2. So, I only had to come up with the patch for the 64-bit dll. And without waiting, here are the patch bytes:
  • Advapi32 dll version 5.2.3790.4455 in SysWOW64 directory :
    • At offset 0x11E3F : change 75 to 90
    • At offset 0x11E40 : change 08 to 90
    • At offset 0x11E47 : change 74 to EB
  • Advapi32 dll version 5.2.3790.4455 in System32 directory :
    • At offset 0x11B05 : change 0F to 90
    • At offset 0x11B06 : change 84 to E9
    • At offset 0x4D06F : change 0F to 90
    • At offset 0x4D070 : change 85 to 90
    • At offset 0x4D071 : change 96 to 90
    • At offset 0x4D072 : change 4A to 90
    • At offset 0x4D073 : change FC to 90
    • At offset 0x4D074 : change FF to 90
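
The byte tables above can also be used read-only, to report whether a given copy of the DLL is in the original or the patched state. This is an added example, not code from the original post; the function and variable names are hypothetical, and a match at these offsets is only meaningful for a file that really is advapi32 version 5.2.3790.4455.

```shell
#!/bin/sh
# Added example. Tables copied from the post as offset:original:patched (hex).
SYSWOW64_TABLE="0x11E3F:75:90 0x11E40:08:90 0x11E47:74:eb"
SYSTEM32_TABLE="0x11B05:0f:90 0x11B06:84:e9 0x4D06F:0f:90 0x4D070:85:90
0x4D071:96:90 0x4D072:4a:90 0x4D073:fc:90 0x4D074:ff:90"

# Print the byte at offset $2 of file $1 as two lowercase hex digits.
# Prints nothing if the file is shorter than the offset.
byte_at() {
    od -An -tx1 -j "$(( $2 ))" -N 1 "$1" 2>/dev/null | tr -d ' \n'
}

# patch_state FILE TABLE  ->  original | patched | mixed | unknown
# The file is only read, never modified.
patch_state() {
    n_orig=0; n_pat=0; n_other=0
    for entry in $2; do
        off="${entry%%:*}"          # e.g. 0x11E3F
        rest="${entry#*:}"          # e.g. 75:90
        b="$(byte_at "$1" "$off")"
        if   [ "$b" = "${rest%%:*}" ]; then n_orig=$((n_orig + 1))
        elif [ "$b" = "${rest#*:}" ];  then n_pat=$((n_pat + 1))
        else n_other=$((n_other + 1)); fi
    done
    if   [ "$n_other" -gt 0 ]; then echo unknown    # other build or other change
    elif [ "$n_pat" -eq 0 ];   then echo original
    elif [ "$n_orig" -eq 0 ];  then echo patched
    else echo mixed; fi                             # only some offsets changed
}

# Example: patch_state /path/to/copy/of/advapi32.dll "$SYSTEM32_TABLE"
```

An "unknown" result means at least one offset holds a byte that appears in neither column, which is what a different build of the DLL would produce.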