Tuesday, October 21, 2014

Making VeraCrypt better

When I started VeraCrypt back in 2013, the project attracted little attention but after the collapse of the TrueCrypt the number of users started to grow.
This prompted me to publish Linux and MacOSX version of VeraCrypt as requested by many, and to add other security enhancements by fixing a long list of vulnerabilities in the original TrueCrypt source, either discovered by the Open Crypto Audit project (https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf), found by running Static Code Analysis tools or found by internal review of the source.

The result was VeraCrypt 1.0e which was published on September 4th 2014. It can be downloaded on CodePlex or Sourceforce.

After the publication of the interview I had with Paul Rubens from "eSecurity Planet", many people started asking about the list of enhancement implemented so far in VeraCrypt. I posted an answer to that in the Codeplex discussion forum : https://veracrypt.codeplex.com/discussions/569777#PostContent_1313325

And what's next? The next target is to deprecate the aging RIPEMD-160 especially in boot encryption and to replace it with SHA-256. This requires a lot of work because of the bootloader constraints but hopefully I'll be able to publish a beta version soon.

Also, in order to give the users the freedom of choosing the security level they need and for those who complain about the slowness of VeraCrypt, a security level choice will be introduced : when creating VeraCrypt encrypted containers or when encryption the system partition, the user can choose between a high security level (equivalent to what VeraCrypt does now), a medium level and a low security level.
Hopefully, this will help accelerate the adoption of VeraCrypt among a wider segment of users.

Monday, May 12, 2014

Fixing Virtualbox mounting shared folders issue

As a VirtualBox user, I started to encounter recently issues related to mounting shared folders into Linux guest VMs. The usual mount command started to fail with "wrong fs type" error after updating the Virtualbox Guest Additions and I couldn't understand why.

After some research, I found that this was due to the fact that the upgrade script of the Guest Additions was confused by the fact that there were many VBoxGuestAdditions-4.XXX under /opt and it failed to pick up the most recent one in order to create the symbolic link under /usr/lib.

So, in order to solve the issue, you have to manually create symbolic link using the command :
sudo ln -s /opt/VBoxGuestAdditions-4.3.10/lib/VBoxGuestAdditions /usr/lib/.

In the above, "4.3.10" is the latest version of the Guest Additions I installed. Replace it with the correct version in your case (list all the directories under /opt and pickup the latest one starting by VBoxGuestAdditions).