Quantcast
Channel: VeraCrypt
Viewing all 7620 articles
Browse latest View live

New Post: VeraCrypt 1.15 - Autodismount after short file search

$
0
0
Hello,

Data from eventvwr, german version (repeated several times):
Die Daten konnten nicht in das Transaktionsprotokoll verschoben werden. Die Daten sind möglicherweise beschädigt: Volume-ID: "\?\Volume{ID}", Gerätename: "\Device\VeraCryptVolumeW:". (Ein nicht vorhandenes Gerät wurde angegeben.)
Auf dem Volume "\?\Volume{ID}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
{Fehler beim verzögerten Schreibvorgang} Nicht alle Daten für Datei "" wurden gespeichert. Die Daten gingen verloren. Mögliche Ursachen sind Fehler bei der Computerhardware oder bei der Netzwerkverbindung. Versuchen Sie, die Datei woanders zu speichern.

Can't run fsutil now, I'm currently not at home. Will do it in the evening.

But my disk is <2TB, didn't have any issue so far with either TrueCrypt or VeraCrypt TrueCrypt mode (except the 3TB Toshiba disk we already talked per Email).

Thank you.

Ciao,
Gerhard

New Post: Windows 7 still crashing

$
0
0
I upgraded Avast to the latest version. Included was a fresh copy of aswmonFlt.sys. I have had no crashes since Friday, Sep 25 when I did the installation.
Thanks for all your help.

New Post: Veracrypt mounting same volume under 2 drives letters

$
0
0
I have had a very similar issue using the latest version (1.15), however my situation was a bit different:
  • Clean install of Windows 10 x64
  • 3 volumes: 2 old, encrypted with VeraCrypt, 1 created just today with latest VeraCrypt
  • Duplicated letters were appearing for the new volume and for one of the old volumes
I've tried deleting entries from "HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices", but it didn't help - duplicated drives were created after reboot and remounting, just with different letters. What helped is switching to an older version of VeraCrypt, 1.0f-2, which was working fine for me before.

New Post: Brute Force Password Tools

$
0
0
I'm really disappointed by this thread. The VeraCrypt community should be encouraging efforts to test and break VC's encryption. If anyone believes that NO bad actors with near-limitless resources are working on vulnerabilities within VC, they are delusional.

Bad actors with near-limitless resources do not rely on helpful advice from community forums to do their work.

This of course doesn't address that GuyMontag is NOT looking to even break VC's encryption - they are looking to TEST it. To brute force crack it, aka putting their resources up against VC's claims of eg "10 years required to crack based on the new default number of iterations".

They are asking for a tool that will work with PIM. While PIM has a function in varying the speed of a brute force attach, in the context of this request it is essentially just a second password.

The VC community is not hiding its code - which I believe is a sound practice.

The VC community should also not reject efforts to test the effectiveness of its code.

New Post: Brute Force Password Tools

$
0
0
GuyMontag -

AFAIK there is no tool to crack VeraCrypt containers at the moment. I am searching as well, to recover a drive with lost password.

If you have the programming skills, I would recommend starting with an open source project with many existing configuration possibilities. OTFBrutus is a potential for Windows, written in C (I think), although it is only current through TrueCrypt v7.0a so it may not work due to VeraCrypt being based on TC v7.1a. TrueCrack may be a better alternative, I'm not familiar with it.

Add functionality to specify the number of iterations (that's all PIM is after all), then you MIGHT BE good to go. If there were other updates to the mounting process, you will have to dig through VC's source and changelog.

My programming skills are limited, so I have been working on batch files that utilize the VC command line interface. I don't know if this is the fastest approach, but it's simple enough that I've been able to make it work.

I used http://regldg.com/ to create my line-by-line batch file. It allows you to create a list based on regular expressions.

eg, putting this expression through regldg

VeraCrypt.exe /q /s /v /a /p foo([1-3]) /m label=\1 /e

will yield a resulting batch file with

VeraCrypt.exe /q /s /v /a /p foo1 /m label=1 /e
VeraCrypt.exe /q /s /v /a /p foo2 /m label=2 /e
VeraCrypt.exe /q /s /v /a /p foo3 /m label=3 /e

I then search/replaced "/v" with "/v \Device\bar\bar" in order to specify the volume to mount. I could never get it to come out right in regldg.

The goal here is to iterate through passwords eg foo1, and apply a key as a label to the drive so that once it's decrypted you can reference the label of the drive against your password list. /e is added so that once you successfully mount the drive it will open an Explorer window to alert you, but it should cycle through the rest of the batch file quickly and without processing anything anyway. You can also specify the PIM through the command line.

You will need to mess around with regldg to figure out how to make it work correctly, it's a little complicated and doesn't follow regular expression syntax exactly. One thing I will recommend is don't mess around with character universes unless you don't have to - just specify exactly what your parameters are (eg [a-z][1-99999999]) and add -uc 0 to prevent universe checking.

My goal now is to separate the VC header from the drive and place it on an EC2 instance where I can iterate through this batch file much more quickly. The drive itself is much too large to upload to EC2.

If anyone has any suggestions on how to separate the header in such a way that it will be mounted by VC, but won't require the entire drive to be present, please let me know.

New Post: Veracrypt mounting same volume under 2 drives letters

$
0
0
@keleran,

Did you try removing the TrueCrypt entries and then reboot the PC before attempting to mount the volume?

Sometimes Windows "remembers" what is in the registry that is put in memory until reboot forcing Windows to read that part of the registry.

New Post: VeraCrypt 1.15 Recycle Bin not working on VeraCrypt drive

$
0
0
Just updated from 1.14 to 1.15 and now I'm finding that the Recycle Bin is not working on my container. I mount a file container as drive D: on my Windows 10 PC but if I delete a file from D: it always gives the confirmation prompt to permanently delete the file. Deleting from my system drive C: is OK.

If I right-click on the Recycle Bin and go to Properties, drive D: is not shown as a drive.
If I go into Admin Tools > Computer Management > Disk Management then drive D: isn't shown there either.
But D: does show in Windows Explorer and still seems to be working properly otherwise.
And Admin Tools > Disk Cleanup does show D: too.

Has something gone wrong with my upgrqade to 1.15?

Thanks.

New Post: Veracrypt mounting same volume under 2 drives letters


New Post: Unabloe to mount Truecrypt volume

$
0
0
What version of TrueCrypt was used to create the volume?

VeraCrypt only supports TrueCrypt 6.0 or higher versions for mounting in TrueCrypt mode.

New Post: I was going to switch from Truecrypt to Veracrypt but now I'm not so sure.

$
0
0
Well I'll test it out on my laptop first. :-)

Also, I wish this would just work with an existing TC system encrypted disk, oh well. Decrypting and re-encrypting pretty much ties up the PC for hours and hours.

Thanks for the responses. Feel more secure using VeraCrypt now.

New Post: Veracrypt mounting same volume under 2 drives letters

$
0
0
Does the "duplicate" need to be deleted from HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 in the registry?

New Post: Unabloe to mount Truecrypt volume

$
0
0
I have been using TrueCrypt for years and have expanded this volume over the years in Truecrypt and am able to mount it in Truecrypt 7.1a with no problem.

Commented Unassigned: Boot loader hide password/PIM length [218]

$
0
0
When verifying the password in bootloader the length of password and PIM can be seen.
Though verifying the password can take several minutes the length of password and PIM should be visible during the verification.

I would suggest to display a new screen while verifying password.
Comments: The best solution is to either * replace the password and PIM-rows with the verifying-message or to * replace the asterisks with something like [ENTERED] for the pw upon pressing enter for the first and [DEFAULT] or [ENTERED] for the PIM upon pressing it the second time, depending on if you are one of the 99,999 % of the users who are not really sure about what PIM is and how it affects security and therefore leave it empty.

New Post: I was going to switch from Truecrypt to Veracrypt but now I'm not so sure.

New Post: Question about PIM

$
0
0
If I read the documentation correctly, I can use high PIM values (more than 98 for system encryption and more than 485 otherwise) to increase security.
  • I can also use lower values to increase mounting performance, but only if my passwort has at least 20 characters, correct?
  • If my pw has less than 20 characters, what will happen if I choose a PIM of 97 for sys encryption? Error message? Or does it automatically use the default value?
  • What if I leave it empty and on boot type in "98"? Is empty = 98 or could I increase security even a little bit by choosing 98 instead of nothing?
  • Why do I have to remember how the PIM is used (PIMx2048 and 15k + PIMx1000)? Would'nt it be easier to just let people choose the iteration count directly?
  • Why the seperate calculations? On boot, performance is more important, granted, but if 500k iterations is minimum for non-system volumes, why is 200k safe enough for the system volume?
  • Why is the length of the password the only criterion for Veracrypt to decide if the user can fall below the default PIM values? For example, if you use a 3-character-password and a good keyfile, a low iteration count would'nt hurt security, am I right?

New Post: Question about PIM

$
0
0
I will answer some of your questions. The last two questions would need Mounir to answer.

Arme001 wrote:
I can also use lower values to increase mounting performance, but only if my password has at least 20 characters, correct?
Correct.

Arme001 wrote:
If my pw has less than 20 characters, what will happen if I choose a PIM of 97 for sys encryption? Error message? Or does it automatically use the default value?
You will get an error message.

Arme001 wrote:
What if I leave it empty and on boot type in "98"? Is empty = 98 or could I increase security even a little bit by choosing 98 instead of nothing?
The program defaults can be different from the PIM calculations. Hence, when using the program default, do not enter a PIM. In cases where the program default iterations matches precisely the PIM calculations, you can enter the default PIM. For example, the non-system hashes HMAC-SHA-512, HMAC-SHA-256 and HMAC-Whirlpool calculations match the program default iterations of 500000 by using a PIM of 485. You could leave the PIM empty or enter the PIM 485 value to successfully mount the volume.

Arme001 wrote:
Why do I have to remember how the PIM is used (PIMx2048 and 15k + PIMx1000)? Would'nt it be easier to just let people choose the iteration count directly?
PIM would be a smaller number and in my opinion an easy number to remember since it is used in different calculations between system and non-system encryption when using many volumes. As you noted, there are different calculations between system and non-system volumes leading to different iteration results.

Commented Unassigned: Volumes are mounted twice [226]

$
0
0
I'd like to mount VeraCrypt volumes using the command line like this:

```
%ProgramW6432%\VeraCrypt\VeraCrypt.exe /quit /cache yes /mountoption removable /volume \Device\Harddisk0\Partition0 /letter Z
```

The drive letter `Z` is then mounted as a removable device, but other another drive letter (the first that's available) is mounted as well.

The previously unassigned drive letter stays visible in Windows/File Explorer until the computer is rebooted (see attachment).

I'm using Windows 10 Pro.
Comments: This problem seems to be related to changes in version 1.15, since it does not happen for me, when i revert to version 1.14: Steps to reproduce: - install OS (tested with Windows 7 64Bit) - create new partition on second disk, no letter, don't format - create non system volume using VeraCrypt 1.15 - used drive letters now are C:(OS) and D:(DVD) -> Screenshot 1 - mount newly created volume in VeraCrypt using drive letter E: What happens: - volume is mounted as E: in VeraCrypt as expected - letter F: is also in use (missing from list in VeraCrypt) -> Screenshot 2 - drive F: may not be accessible until you select "Tools", "Refresh Drive Letters" in VeraCrypt -> Screenshot 3 If you revert to VeraCrypt 1.14 the volume is mounted only once (as expected). My guess is, this is connected to the security fix here: https://veracrypt.codeplex.com/SourceControl/changeset/cf4794372e5dea753b6310f1ca6912c6bfa86d45 Maybe there is something special about how "\\GLOBAL??\\" devices are handled in Windows... Workaround, that works for me at the moment: Unmount unwanted volumes using "mountvol" once, e.g. "mountvol F: /d" This way the volume is not mounted again, even after reboot.

New Post: Veracrypt download infected - WARNING - URGENT

New Post: Two-Factor-Auth with FIDO U2F Support

New Post: Encrypting Linux Mint with LUKS and Windows with Veracrypt.

Viewing all 7620 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>