VeraCrypt 1.24 features massive improvements
VeraCrypt 1.24, the upcoming next version of the popular open source and cross-platform encryption software VeraCrypt, comes with a massive list of security and functionality improvements.
The new version of the encryption software is available as a beta release currently. Interested users may download it from the project's Sourceforge Nightly builds directory.
Note: It is not recommended to install the beta in production environments. Make sure to create backups of important data and a VeraCrypt rescue disk and header backup before you install the version on a supported device.
The new version installs fine on its own, as an update of a previous version of VeraCrypt, or as a portable version.
Tip: I suggest you change the default PIM used by the application to improve security further.
The majority of changes apply to the Windows version of VeraCrypt only but some apply to all supported operating systems.
The developers increased the maximum password length to 128 instead of 64 in UTF encoding for all supported operating systems. An option was added to keep on using the 64 limit in Settings > Preferences; check "use legacy maximum password length (64-characters)" to enable the option.
VeraCrypt 1.24 uses hardware random number generation instead of using a CPU-based generation. Additionally, XTS mode performance on 64-bit machines was improved by up to 10% and detection for certain CPU features has been fixed.
The bulk of changes applies to the Windows operating system only. Here are the most important changes in list format:
- Memory attack mitigations make memory used by VeraCrypt inaccessible to non-administrators.
- RAM encryption support for keys and passwords; this is not enabled by default and only available on 64-bit Windows machines. Expect about 10% memory overhead when enabling the feature. You can enable it under Settings > Preferences > More Settings > Performance and Driver Options > "Activate Encryption of keys and passwords stored in RAM".
- VeraCrypt erases the encryption keys from memory when the Windows computer is shut down or when it reboots to defend against "some" cold boot attacks.
- Option to erase all all encryption keys from memory when a new device is connected.
- New driver entry point to erase encryption keys from memory in case of emergency.
- MBR bootloader improvements and fixes.
- Fixed Windows Update issue that broke the VeraCrypt UEFI bootloader.
- Several fixes and improvements for the EFI bootloader, e.g. timeout for password input, Rescue Disk improvements, and fix for Esc-key on password prompt not starting Window.
- New mount option to mount a device without mapping it to the specified drive letter.
- Quick Format option available for file container creations.
VeraCrypt 1.24 will be the first official release of the software program in 2019 and it will be a major upgrade especially on Windows.
Now You: do you use encryption software? Which and why?Advertisement