17 comments

[ 3.6 ms ] story [ 54.3 ms ] thread
That's wonderful news, but I'm curious about a couple things:

(a) How much, if any, of the original TrueCrypt source code was used? The anonymous TrueCrypt author(s) inexplicably refused to open source their code even after abandoning the project, so although all TrueCrypt source code is available, the TrueCrypt author(s) still own it.

(b) Who is behind VeraCrypt? I see two names (idrassi and kavsrf), but who are they really? There were only two developers? Did anyone finance it other than public donations on their website? I'm tremendously grateful for their efforts and I intend to make a donation shortly, but I think we'd all trust it a little more if we knew more about the people behind it.

The source code availability and the audit are even more important than knowing about the people, but knowing about the people adds something as well. A video interview or newsmagazine profile about them would be ideal. (Perhaps I'm asking something contradictory since someone who writes a TrueCrypt replacement is probably a very private person.)

Can it use existing TrueCrypt volumes without modifications?
Yes, when mounting a volume, there is a checkbox "TrueCrypt mode" on right side bottom, under password edit line. You can make it checked by default in settings.
Thank you. I think it's time to switch over from TrueCrypt.
Test it first. It didn't work for me. Maybe because I also use keys not jus password but anyway I had to stick with truecrypt.
Yup, will do that too. Thanks.
This may be because they fixed the vulnerability with truecrypt keyfiles and didn't want to leave the vulnerable implementation around. Might want to report it and see what can be done.
Honestly I dont care. Truecrypt works great for me. My adversary is neither NSA nor FBI, so I can live with some small vulnerabilities. I installed Veracrypt, tried it with "Truecrypt compatibility" on and it didnt worked. This signals to me, that Veracrypt is not very much tested either, if they have bugs like this, they may also have bugs in crypto. So why shouold I trust it more? Truecrypt is proven by years of usage.
You're right, but the one catch is you sure shouldn't be using key files with it as they're one of the few things with known issues.
Well, that's good, Truecrypt mode worked for me. I'll start switching over now in Truecrypt mode, and eventually will create VeraCrypt volumes and move everything over.
This doesn't work properly. I have truecrypt file volumes created by truecrypt 7.1a that veracrypt is not able to decrypt.
I have no problems on 3 drives. Report issue maybe?
I just recently upgraded my system to windows 10 and encrypted it again with truecrypt7.1a if anyone is wondering... everything works fine.
Note that hidden Truecrypt volumes have been found to be broken (not-so-hidden). This has just been fixed in VeraCrypt 1.18a.
>fixes a critical #TrueCrypt vulnerability in hidden volumes

Do I have to upgrade my container to the newer version?