Optimal time to move mouse

Topics: Feature Requests, Users Discussion
Jan 20, 2016 at 8:05 AM
"Move your mouse as randomly as possible within this window. The longer you move it, the better."

Evidently, user can't keep moving mouse forever. He must stop at some moment. So, user needs to decide how many seconds/minutes is enough.

If you don't tell him he is forced to decide himself.

But user's decision will be a pure guess, while you can program VeraCrypt to determine when it received enough random data. I would do it this way:
  1. I would draw progress bar that would show how many random bits the program already received
  2. The progress moves as user moves the mouse
  3. When progress is less than 256 bits the bar is red
  4. When it is between 256 and 1024 the bar is yellow
  5. Above 1024 the bar is green (there is reserve - we need 256 and received 1024)
Jan 21, 2016 at 9:36 AM
Excellent idea. :-)
Jan 24, 2016 at 2:00 AM
I have created a Codeplex issue to track the status of this proposed improvement.

You can upvote this proposal here: https://veracrypt.codeplex.com/workitem/369
Jan 24, 2016 at 8:20 AM
Good idea, something like what is shown in Qlink: https://qlink.it
Jan 31, 2016 at 11:45 PM
I have implemented this excellent idea and I updated the issue entry: https://veracrypt.codeplex.com/workitem/369#CommentContainer0

You can test it using the latest 1.17-BETA19 installer on Windows.

I also used this opportunity to hide the content of the random pool by default and replace it with random characters (6 of them) derived securely from the content of the pull.





Feb 9, 2016 at 8:12 PM
Hello Mounir,

Should there be an option to enable the real random pool verses the fake pool?

My thinking is some people want to see that truly random hex values are being generated.

At minimum, the user should be made aware of "hide the content of the random pool by default and replace it with random characters (6 of them) derived securely from the content of the pull. " so they do not think only 6 values are being used.

Kind Regards.
Feb 10, 2016 at 8:52 PM
Hi Enigma2Illusion,

I'm not in favor of adding an option for such minor feature.
As for making users understand of the nature of the secure representation of random pool content, I understand your point of view but I don't see how this could be done without adding too much text to the GUI.
A simple solution would be to replace "Current Pool Content" by something else that reflects this this is just a limited and secure representation of the pool content. Any proposals?
Feb 10, 2016 at 9:24 PM
Edited Feb 11, 2016 at 5:17 PM
Hello Mounir,

How about replacing Random/Current pool with Simulated Pool?

EDIT 1: Artificial Pool?
EDIT 2: Fictitious Pool?

Kind Regards.