VeraCrypt 1.23 with improved Windows upgrades
Idrix, the company behind the encryption software VeraCrypt released VeraCrypt 1.23 for all supported operating systems.
VeraCrypt does not support automatic updates; users and administrators need to download the new version from the official website or through third-party services if available.
Windows users may download a portable version or a version that is installed. The setup version will upgrade any installed copy of VeraCrypt on the system. Please note that it is required to restart the system as the boot driver is updated in the process.
VeraCrypt 1.23 comes more than five months after the release of VeraCrypt 1.22.
VeraCrypt 1.23 comes with operating system specific changes for Windows, Mac OS X and Linux. The Windows version of VeraCrypt received quite a few important changes and new features.
Probably the biggest feature addition of VeraCrypt 1.23 is that VeraCrypt users don't need to decrypt the system partition anymore to upgrade to a new version of Windows 10.
Starting with VeraCrypt 1.23, VeraCrypt is compatible with the upgrading process so that upgrading should be less time-consuming and more straightforward for systems with a VeryCrypt encrypted system partition.
Decryption of the system partition is a time-consuming process. The decryption process depends largely on the size and speed of the drive. While having to decrypt the partition was bad enough, it was necessary to encrypt the partition again once the upgrade completed.
The next Windows 10 feature update, called the October 2018 Update, will be released at the end of this month or the beginning of the coming month and it will be the first major version that would have required the decryption of the VeraCrypt encrypted system partition.
Another, equally important change is support for default EFI SecureBoot configurations for regular versions of Windows and LTSB versions (Long Term Servicing Branch).
Idrix added a new option to the performance and driver settings: "Allow Windows Disk Defragmenter to defragment non system partition/drive" allows the built-in disk defragmentation tool to work with VeraCrypt encrypted disks.
Windows users benefit from several other changes: protection against some forms of tampering thanks to internal verification checks and Secure Desktop improvements.
The list of changes of the Mac and Linux versions of VeraCrypt is much shorter:
- Support for pasting password values on Mac OS X.
- New Checkbox to force the use of the embedded backup header during mount (Linux and Mac).
- If the backing up of the header fails, try to back up the embedded header instead automatically (Linux and Mac).
- New benchmark UI for Hash and PKCS-5 PRF algorithms (Linux and Mac).
- Hidden volume protection limitation lifted for disks with sector sizes larger than 512 bytes (Linux)
Closing Words and verdict
VeraCrypt 1.23 is an important update for Windows users and admins who use VeraCrypt to encrypt the system partition of devices. Operating system upgrades were quite the hassle previously but that changes with the release of the new version.
Now You: Do you use encryption software?
Even though I do not regard encryption as ultra secure, it is still useful and I liked the upgrade process of VeraCrypt 1.23 . I also use Skype desktop private messaging function in Version 22.214.171.124 when appropriate.
” I do not regard encryption as ultra secure”?!?!? What does it mean? If you use a very long password and keep the Key/Pass (or on a secure dongle) offsite, then i really do-not see a problem.
The main problem Is human behavior! The other one is a problem with the interpreter/container implementing Encryption/Decryption.
Math wise the encryption is a done deal! *pending the invention of quantum computers
Concerned about privacy, proceeds to use Skype…
VeraCrypt rules them all.
I miss the relative simplicity of True Crypt, compared to Vera Crypt. Little would need to be done to correct that. It’s essentially an issue of hiding advanced settings. Simplicity is a major factor of security. If security becomes too complex, fewer people will implement necessary measures, mistakes will be made and security will get a bad rap.
“If security becomes too complex, fewer people will implement necessary measures, mistakes will be made and security will get a bad rap”
This is true, but it has to be balanced with the fact that making it too simple also reduces the effectiveness of the security.
The basic tradeoff in security is between being secure and being convenient. The more convenient a measure is, the less secure it tends to be. If that convenience means that people will use it instead of nothing at all, that can still be a net gain, so the appropriate amount of tradeoff entirely depends on the use case and the target audience.
“VeraCrypt does not support automatic updates; users and administrators need to download the new version from the official website or through third-party services if available.”
Isn’t that the case with almost every app on Windows? The only one I know that actually updates itself is Firefox.
I am a VeraCrypt user for quite some time now but only recently realised that when I decrypt the container to use on my work laptop, it’s accessible for our sysadmin guys. I tend to think it’s a feature not a bug, I’m not sure if there’s a way around it with VeraCrypt or with other software.
I tried to find one that keeps my files visible to only myself who actually decrypt them but haven’t yet. I wonder if someone has tried to solve this and if there is a way to do it or it’s wishful thinking at this point.
It’s wishful thinking. While a container is decrypted, then it’s in the clear and security and access control is entirely up to the operating system itself.
There are other sorts of crypt systems that can mitigate this to an extent, by keeping the data encrypted at all times and only decrypting the portion that you or your authorized programs are wanting to see at the moment.
The drawbacks to this are that the decrypted portion is still readable by the system itself while it’s decrypted — you’re just limiting exposure by decrypting a smaller portion at a time — and you pay a reasonable heavy performance penalty as your system has to encrypt/decrypt your data constantly (with every data read or write).
Veracrypt is a YASSSSSSS!
I use it in both Linux and Windows systems.
Has yet to disappoint me . . . LOVE IT, Immensely.
Yes, I use encryption software, but I don’t use VeraCrypt. I don’t avoid it for any rational reason, I admit. I avoid it because I don’t trust it due to it being derived from TrueCrypt. My mistrust is irrational because I know that VeraCrypt has passed security examinations that I consider respectable — but I remain uncomfortable with it regardless. I figure that’s OK as there are many alternatives that don’t make me uncomfortable, and I would never tell anyone else that they shouldn’t use VeraCrypt.