Due to recent audit on VeraCrypt and the AMA on le reddit discuss Veracrypt and other encryption software such as Truecrypt or bitlocker.
https://ostif.org/the-veracrypt-audit-results/
https://www.reddit.com/r/privacy/comments/57yfla/veracrypt_has_been_audited_here_are_the_results/
OSTIF says using the most recent version of VeraCrypt is safe if you see look into the workaround for the bigger issues that are currently in the code: VeraCrypt version 1.19 is the latest version.
https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf
>Read the docs
>Use on bare metal only, no hosted virtual machines.
>Re-encrypt if you used GOST
>Re-encrypt FDE to fix bootloader problems
>No need to re-encrypt normal volumes (unless GOST)
>>57127335
I've been thinking of encryptioning a drive a second time, like encrypting the already encrypted drive.
I'd say that maybe this means people will stop bitching about VeraCrypt on /g/, but that obviously won't happen because /g/.
Thanks for the links, OP, I had been waiting for this to drop.
>>57127414
Your welcome, only one thing though, only the Windows part has been audited. The Mac(who cares) and the Linux part hasn't been audited.
VeraCrypt might not be the best choice on Linux just yet, but TrueCrypt certainly isn't a better choice.
>>57127438
I heard LUKS is a pretty strong solution on Linux. Legit?
>>57127515
Yes or GPG encrypt: https://www.gnupg.org/gph/en/manual/x110.html
VeraCrypt should be fine on Linux though, just the drivers part, encryption for containers should be the same as on Windows if I'm correct.
>>57127335
>https://www.reddit.com/r/privacy/comments/57yfla/veracrypt_has_been_audited_here_are_the_results/
fuck off back to leaddit
>>57127599
>oh no he showed us where the auditing group made some comments!!!11!!1
who the fuck cares?
>>57127632
have a le upboat my good bacon sir haha
>>57127362
At best this will do nothing as you cannot increase entropy beyond the best the cipher can do. At worst you're just making it easier to crack
>>57127438
Why would TrueCrypt be a better choice on Linux? We're all aware that it has been abandoned on all platforms.
>>57127655
>>57127599
Fuck off retard
>>>/v/
>>57127757
>>>/reddit/
>>57127860
People will think I'm a troll but I'm dead serious.
>>57127860
>>57127872
Okay, you can fuck off now and nobody will care
>>57127695
>but TrueCrypt certainly isn't a better choice.
>Why would TrueCrypt be a better choice on Linux
I'm not saying it is at all, but /g/ is autistic and doesn't like change, every fucktard still clings onto the latest 'stable' version. Just check archive and search on 'veracrypt' or 'truecrypt'. People didn't even know that VeraCrypt was under audit.
>>57127885
>>>57127860
>>>57127872
>Okay, you can fuck off now and nobody will care
I'll care. He's my friend so stop being a mean fag.
>>57127860
Reddit is no better. They appear serious about something and then you discover they're full of shit under the carpet.
>>57128097
only someone from there would know that, you can fuck off too
>>57127335
>Bitlocker
it's a Microsoft honeypot
>>57128118
If I have eDrive enabled, what else can I use to encrypt the password? Every guide on the web, that I can find, is based on bitlocker
http://www.ckode.dk/desktop-machines/how-to-enable-windows-edrive-encryption-for-ssds/
https://www.lullabot.com/articles/adventures-with-edrive-accelerated-ssd-encryption-on-windows
>>57128169
Bitlocker is fine to keep your neighbour, local or even organised criminals out. It's perfectly fine. But the thing is if you want absolute privacy you won't have it. Bitlocker > MS > USA > dun goofed.
>>57128215
So what about edrive?
looks promising
linux audit when?
without even reading OP or any post i can tell that this thread is 110% pure concentrated autism+aids+cancer
>>57130509
Autism: The Post
>le
>>57127772
Not an argument.
>>57127335
If you mongrels have doubt in VeraCrypt, just watch: https://www.youtube.com/watch?v=rgjsDS4ynq8
he is a good guy.
>inb4; allahu akbar, tanned croissant, le meals on wheels, mecca honeypot, bomb jovi, snackbar mudshit, 72 backdoors...
>>57127335
>bitlocker
Is this any good if I just want to encrypt a usb drive with my stuff to carry around just in case some nigga break on my house while I'm working and steal my computer and ym offline backups?
>>57130984
It's perfect against anything but your government if they are in 14 eyes or so. Perfect vs. your average crook.
https://en.wikipedia.org/wiki/Five_Eyes#Future_enlargement
Shit, better update to 1.19
Is there a portable version?
>not using lvm+lfe
shidegggy
>>57132638
Yes, but you get a warning:
>https://veracrypt.codeplex.com/wikipage?title=Portable%20Mode
Commence VeraCrypt shill thread #1,721
>>57127335
>Due to recent audit on VeraCrypt
Bear in mind this was only a partial audit. Large chunks of code retained from TC were skimmed over or skipped entirely. The auditers were also forced to work within a very tight schedule, making this audit less than attentive. We really have no idea what alterations VC's authors have made to the base TC system. So no, VeraCrypt is NOT safe.
TC's audit was very much complete, and didn't reveal any serious issues. So despite TC being deprecated, it's still safe to continue using semi-indefinitely.
Also, let me remind you that TC's license does NOT allow forks. VeraCrypt is NOT an endorsed continuation of TC's development.
I'm using LUKS with two encrypted containers, swap and btrfs.
I encrypted something with the 1.18 version, what do I have to do ? Do I only need to use the 1.19 version to decrypt, or do I need to reencrypt anything ?
>>57132638
Yes, but it needs admin access
>>57132704
>Also, let me remind you that TC's license does NOT allow forks. VeraCrypt is NOT an endorsed continuation of TC's development.
This is irrelevant though
>>57132704
see
http://www.pcworld.com/article/2987439/encryption/newly-found-truecrypt-flaw-allows-full-system-compromise.html
AFTER the audit Google found a huge bug giving elevated privileges.
We are in a no man's land. TC is fucked but I agree VC isn't there yet on trust. I would like to see a federal agent on court in the USA testifying to the judge that they are unable to decrypt VC volumes.
These threads are painfully obvious NSA shilling. You start off with erroneous claims about the scope of VeraCrypt's audit, and then proceed to poison the well to prevent any anons from voicing concerns - "Remember guys, anyone who refuses to use this unauthorized fork is just a big ol' conspiracy nut!"
As soon as an anon points out the flaws in VC's extremely limited-scope audit and the preemptiveness of your claims of VC's "safety," discussion in the thread immediately shuts down. Then you just wait a few hours and start a new thread with the same erroneous claims.
Fuck off.
>>57132948
>AFTER the audit Google found a huge bug giving elevated privileges.
That's not a huge bug.
1.) You have to be using Windows. Why aren't you using GNU/Linux?
2.) You'd have to go out of your way to create the conditions for this exploitation to occur, and it occurs only during installation. Installing TC after a fresh reformat shouldn't be an issue. Or just use TC portable.
Install cryptsetup. Use LUKS. Forget inferior/questionable/shillspammed methods.
/thread
Why fuck do you even need to do that
You can keep your stuff safe with keepass you fucking pedofins
>>57133631
>I have no idea what im talking about: The Post
>>57133044
> luks
> windows
>inb4 nsa backdoors
>inb4 microsft already has all my info anyway
>>57133631
>being this much of a retarded normie
>>57132704
>We really have no idea what alterations VC's authors have made to the base TC system.
They're both open-source what the hell are you talking about?
>let me remind you that TC's license does NOT allow forks
Who gives a shit? The authors were pretty much anonymous and went into hiding. It would be stupid to reinvent the wheel instead of leveraging the work they already did.