This project has moved. For the latest updates, please go here.

Question about the future of VeraCrypt

Topics: Users Discussion
Apr 12 at 9:21 PM
I understand that Mr. Mounir Idrassi has recently stopped working on the VeraCrypt project for reasons that remain undisclosed, which I fully respect. I have a question about the future of VeraCrypt. Will it remain in active development or should we begin to look elsewhere for disk encryption software?
Apr 13 at 3:06 PM
I sometimes think a small occasional donation from those able to safely make a donation can allow projects such as VeraCrypt to be viable long term. (That's not to say donations has anything to do with it as it stands now, of course.)
Developer
Apr 13 at 3:42 PM
I'm trying to implement some patches like TPM 1.2 support etc.
https://sourceforge.net/projects/dc5/files/beta/

but without sign key I can not create release.
Apr 13 at 9:13 PM
Related to the question above I asked the following questions on Twitter about a week ago and received no response.

Hello, may I ask who are Disk Cryptography Services?
I was going to donate to VeraCrypt but with the new 1.2 build being developed by these guys and Codeplex closing down; I’m not so sure. Is this project over?

For me this is very disconcerting. I don’t expect a reply to every question asked but a short update should have been posted on the main page of the website stating active development had slowed/ceased and provided an update on the current status and possible future of the project.

I would like to contribute financially to this project as I have done since late 2014 (usually 3 to 4 times per year). However I am beginning to re-consider since it appears this project is over or faces a lack of clear direction.

As mentioned above, who are Disk Cryptography Services (DCS)? Until I know who or what they are, I am not using another build of VeraCrypt.

Please do not go the same way as the TrueCrypt developers who simply went silent to all questions and then replaced their homepage with a message stating TrueCrypt may be insecure and to please use BitLocker. At this rate I would not be surprised if the same happened here.

Please do not misunderstand me, I am not trying to scaremonger here. I really like VeraCrypt and want to continue as it has done since it was founded. I am just disappointed by the lack of communication/clear direction.

I realise Mr. Mounir is not available but I needed to search several threads to find this out. This should be easier to locate.

Since he is not available, is this project now over (since he is the only one with the signing key (which I think from a security point of view is a good thing)).
I agree with metar26, donations don’t have this project in the situation it is now.

Thanks for your time.
Developer
Apr 14 at 4:04 AM
Edited Apr 14 at 4:06 AM
I started DCS year ago.

First goal was to create EFI pre boot authorization for VearCrypt because VC/TC is the most well known FDE solution and nowadays EFI is standard environment.

There are several ideas to improve: TPM 2.0, smart card, OPAL drives, over software disk encryption (e.g DiskCryptor, LUKS)

Besides PBA improvements I did some tools
DcsFV (find volume) - to search VC containers (methods: statistics and brute force)
DcsWinCfg - to create multiple hidden volumes in VC container

Future of the project is not clear. Lack of funding.
Apr 14 at 7:33 PM
Hi kavsrf,

Many thanks for your clarification and foe being so honest. I am pleased to meet you :)

Do you or someone else have the necessary permissions to edit the home page of this site?

http://veracrypt.codeplex.com/

If so I would suggest highlighting the uncertainty of this project on this page. Since it lacks funding, ask for funding to better ensure the survival of the project. People will most likely help if they know there is any issue. Honesty can a long way.

Would an Indiegogo or KickStarter campaign be out of the question? Using it to add features or audit the code further could really help.

If I send a donation to the PayPal link on the VeraCrypt homepage, will this benefit the project? I am asking since I don’t know who has access to these funds and realise they may no longer be accessible to the wider project members. I can only contribute financially. I am not code developer.

If anyone else has any suggestions of how better ensure the survival of this project, now is the time to step up and make your voice heard. We don't want this tool to go the way TrueCrypt did.

Thanks for your contribution to this project. Apologies for any offense I caused.
Apr 14 at 7:35 PM
By the way, highlighting that the project needs funds on Twitter would also help. A few well placed hash tags can get a lot of attention.

Thanks.
Developer
Apr 15 at 6:43 AM
Last message I got from Mounir was month ago. He had plans to come back to project. There were some problems.

I do not know - will Mounir be able to come back or not.

I do not have access to VeraCrypt donations and twitter.

To solve urgent issues and publish improvements I created separate project DCS.
Apr 17 at 3:39 PM
Just knowing Mounir at one time was thinking of making a return to the VeraCrypt project is kinda reassuring in that it suggests something untoward wasn't happening. (The way TrueCrypt vanished left many lingering doubts.)
Apr 20 at 7:35 PM
Edited Apr 20 at 7:45 PM
Please see the thread linked to below for an update from Mounir:

https://veracrypt.codeplex.com/discussions/662392

@kavsrf: I will be making a donation to your fund for a signing certificate. I realise you may not need now but I want to help. Thanks again for your work and for providing clarity in this thread.

I'm going to have to retry that donation again tomorrow, it's failing for some reason. But I will persist.