VeraCrypt@IDRIX

@GaytriotGannon @bricardg @idrassi In principle, VC can be added to a Macrium rescue environment and used manually to mount a volume first, then Macrium can access the mounted drive letter. But seamless unlocking like BitLocker would require VeraCrypt support to be integrated into the rescue media/Macrium workflow

@GaytriotGannon @bricardg @idrassi For Macrium: BitLocker works because WinPE/WinRE includes BitLocker support and Macrium exposes it directly. VeraCrypt is not built into WinPE by default.

📣VeraCrypt update : after Microsoft reinstated @idrassi Windows Hardware Dev account, active work on the next 1.26.x release is underway. Please share important bugs, regressions or low-risk improvements you think should be included before release.

@GaytriotGannon @bricardg @idrassi If you tested this some time ago, it may be worth trying a recent version. If you hit a specific GPT/UEFI issue, please share the details so we can check it before the next 1.26.x release.

@GaytriotGannon @bricardg @idrassi Supported GPT/UEFI setup is to encrypt the Windows/system partition, then encrypt any remaining data partitions separately and add them as System Favorites so they mount automatically at startup.

@Goodpoe135640 @idrassi Yes, this is the long-standing Github #136 issue. Root cause is Windows driver I/O architecture inherited from the container/disk common path. Partial fixes hit stability regressions. We will resume the driver overhaul, but it's not a low-risk 1.26.x fix.

@VeraCrypt_IDRIX @idrassi Please fix the legacy bug causing encryption performance degradation on NVMe SSDs

@bricardg @idrassi Until then, decrypt/resize/re-encrypt remains the safest path.

@bricardg @idrassi We will investigate a guarded repair option to refresh the system header from the actual partition bounds. It must be conservative, since writing wrong values there can cause data loss or boot problems.

@BYTCMgoodies Thanks for checking. Things are ok. Several factors have forced pausing development but it will resume on January. @idrassi should post an update on Sourceforge. General note: climate around encryption adds pressure and economic situation doesn’t help.

@VeraCrypt_IDRIX Is everything ok? Not seen any nightly builds in ages. You ok? Veracrypt development ok?

@JadeSambrook As a long-running project, we've always made it clear that we would rather shut down than compromise our integrity. Transparency is key and if anything changes, the community will be notified one way or another.

@JadeSambrook Legal landscape is changing rapidly in a negative way for privacy. For now, there is nothing that threatens offline encryption tools that are open source. "offline" aspect means that end user is the sole owner of keys/data. Open source aspect mitigates threats against the tech.

@VeraCrypt_IDRIX Im curious about the future of Veracrypt, or encryption in general, because of the new Online Safety Act in the UK. And many other countries are simultaneously proposing legislation (for example Canada, Switzerland, Australia, etc.) that could potentially ban VPN’s, oblige apps and platforms to implement backdoors (i.e., kill encryption), etc. So the question is: Will these new laws affect the integrity of Veracrypt in any way?

@lordofscripts @Bitwarden Such failures happen because of header corruption in file containers. This is outside of VeraCrypt control. Having an external backup of volume header helps recover in such cases. We always advice to compute hash of file container and export header and store both separately.

@VeraCrypt_IDRIX I can no longer trust VeraCrypt with my data, nor advise anyone to do it. I can no longer open ANY of my containers. Both v1.26 & v1.25 FAIL to open. The filesystems are good, the passwords (kept in @Bitwarden ) are good. Over 10 years of valuable data lost.

@lordofscripts The only breaking change is the removal of TrueCrypt, RIPEMD-160 and GOST89 support in version 1.26.7. If your old containers use any of these, you should open them with version 1.25.9 and convert them to newer format/algorithms. More details at: veracrypt.jp/en/Conversion_…

@VeraCrypt_IDRIX has there been a breaking change? All of a sudden I can no longer open my old container that I have used for about a decade with the same phrase. No luck on Windows or Linux.

@MigueFinance Official domain is now .jp. This is indicated on the project's Github and Sourceforge pages and also in the UI. .io is the official mirror. Other domain extensions redirect to it.

@VeraCrypt_IDRIX your official domain is .jp or .io?? I remember previously was .fr but it now redirects to .io but the .jp does not redirect to anything Thanks

As announced on SourceForge in March, VeraCrypt development is moving to Japan following relocation of main developer @idrassi. Attached are screenshots of his post. Link to the SourceForge thread below. IDRIX signing keys are still in use. Only @idrassi has access to them.

@WaywardGeek Interesting project. Thanks for the proposal. This will require a change in volume format since we don't store any metadata. Also network access adds attack surface and failure points. It's a paradigm shift that needs a careful study. Not sure it's adequate for core VeraCrypt.

@VeraCrypt_IDRIX Please consider supporting ultra-hardened encryption for your users. Check out openadp.org. Volunteers are ready to aid in the upgrade.