#Veracrypt vs truecrypt software#
“If the software was too easy to use then people could undermine their own security (by not using it correctly), but the challenge is to create an easy to use interface that still guarantees security.
#Veracrypt vs truecrypt how to#
The positive side of the complexity coin is that VeraCrypt’s current interface means that people have to have some security knowledge to use it, or at least to teach themselves how to use the software. “I need other people to help so I don’t have to make the interface.” “Unfortunately the user interface at the moment is too technical and too complicated for ordinary users,” he said. Idrassi believes that decoupling the encryption engine from the user interface may be a good idea in any case because the current one – which is unchanged from the original TrueCrypt design – is too difficult for many people to use. “VeraCrypt would become just an engine, and someone else (or other teams) could provide the user interface for it,” he said.
#Veracrypt vs truecrypt full#
“The main encryption product would be free, but we would charge for extras to help drive development and full time support,” he said.Īnother possibility is to decouple the underlying encryption engine from the user interface. Idrassi points to Red Hat’s model of charging for Red Hat Enterprise Linux as an example. One possibility that Idrassi is considering is producing an enterprise version of the software that includes extra features or services which businesses would be prepared to pay for. … That’s why not a lot of people contribute,” he said when the project began in 2014. “If you contribute to a project like this, then you will be on a watch list in the U.S. He also believes that many U.S.-based experts may be put off working on VeraCrypt.
Most people just don’t have the know-how to implement such low level software, so very few people can actually contribute.” “Many people offer to help, but a lack of skill is the blocking factor. In the case of VeraCrypt, though, that isn’t possible, Idrassi explained. Most open source projects rely on contributions from volunteers. “I can’t handle it any more unless I recruit dedicated engineers.” “To be honest from a maintenance point of view, it is too big and costly to run,” he said. The project has become too much for Idrassi, as he is only able to devote around 10 hours a week to it. While VeraCrypt is a popular TrueCrypt alternative, it has reached a crossroads and major changes may be afoot. Idrassi’s main concern was that TrueCrypt was not secure against brute force attacks, an issue he addressed by beefing up the transformation process. A security researcher on Google’s Project Zero bug hunting team in 2015 found two critical vulnerabilities in TrueCrypt.
Idrassi is not the only one who has discovered problems. But there were some small things, so we decided to start VeraCrypt,” he said. “There were no big problems, no backdoors or anything like that. Before doing this he carried out a security audit of the code and discovered some issues.
.png "veracrypt vs truecrypt")
Idrassi’s motivation for developing VeraCrypt stems back to 2012 when he was asked to integrate TrueCrypt with a client’s product. VeraCrypt is a fork of the original TrueCrypt code, and the project is run and managed almost single handedly by French IT security consultant Mounir Idrassi. VeraCrypt appeared on the scene as a TrueCrypt alternative. When the TrueCrypt encryption software project was abandoned two years ago, it left many folks looking for an open source encryption system.
0 kommentar(er)
