Can VeraCrypt go more native on OS X?

Topics: Feature Requests
Nov 13, 2015 at 9:00 AM

I'm using TrueCrypt for OS X and thinking to switch to VeraCrypt. The thing that really stops me from doing so at the moment is the necessity to use OSXFUSE. I can't say I'm familiar with it but in general I assume any intermediary layer is evil- it adds complication, computational overhead and security risks.

Can I hope that some day VeraCrypt will work with OS X file system natively, without OSXFUSE? TrueCrypt does not use it by the way.

Also it would be great to see all features - preboot authentication, boot partition encryption, etc. working for OS X, not just containers. Is it somewhere in the plans on the developers?

Nov 13, 2015 at 8:23 PM

Actually TrueCrypt was using Fuse but without informing users!
TrueCrypt installer was installing its own copy of MacFUSE (ancestor of OSXFuse) and I didn't want to replicate this behavior in VeraCrypt for different reasons:
  • Users should know what software is installed on their machine. This is important for trust and TrueCrypt was not clear about this.
  • Shipping a static version of fuse makes it difficult to have updates in case vulnerabilities are found in this layer. By relaying on a maintained project like OSXFuse and explicitly informing users about it, we give users the ability to update their machine when needed.
  • reduce the burden of maintaining a fuse fork in case we want to ship our own copy.
Fuse is the best choice for a cross platform application like VeraCrypt since we can use the same API for Linux and OSX.
Replacing Fuse by a native implementation under OSX requires a huge development effort and clearly this is not part of my expertise. Moreover, vulnerabilities could be introduced to the system because of this since a kernel extension must be developed. Basically, it will be like rewriting OSXFuse!

For system encryption under OSX, there are no plans to implement it because of lack of resources. Other developers are welcome to join the project to work on this.

Nov 14, 2015 at 10:17 AM

thank you for this comprehensive comment. I was really not aware of TrueCrypt using MacFuse silently, and so are most of it's OS X users I'm sure. It changes the balance.

The only questionable moment here is that if you implement "static OSXFuse" inside some product than you probably limit ways of exploiting it's potential vulnerabilities. Once I install OSXFuse as a stand alone application I make it'a API available for every program on the system (including hypothetical malware). Thus increasing 'surface of potential attack', so to say. If, in contrast, OSXFuse is 'locked inside' VeraCrypt, then it's benefits and pitfalls are available only to VeraCrypt.

But no doubt the users shall be informed about this subsystem being installed. I agree 100%.

Thank you for what you do! Cheers