I already think he did a tremendous good job by himself so far but is simple just not enough. I stopped using veracrypt after buying a nvme ssd just to find out veracrypt "downgrades" it to a sata ssd because of the performance issues not fixed not even 3 years after being known as mounir said it will require to rewrite a very big part veracrypt and he doesn't have the knowledge and time to do it alone, not to mention such a big change could introduce vulnerabilities.įor now I use bitlocker as my main encryption software, no matter how talented you are, a cross platform advanced program like vercarypt can't be maintained by 1 single developer that works on it as a hobby in his little spare time.
#BITLOCKER VS TRUECRYPT PASSWORD#
The addition of PIM of veracrypt is just a placebo security just like the other extra encryptions that only downgrade the performance since CPUs only have AES hardware acceleration and if AES would be broken the world would have much bigger problems to deal with than veracrypt, just imagine what would happen to bitcoin.īrute forcing a 48 digits key is simple not possible, not now, not in 30 years so having your password brute forced in 1 million years or 100 millions years is just placebo security, that's why I think the PIM is not helpful unless you use a weak password.I can assure you that in 99% cases nobody will waste more than 1-2 weeks(usually much less) brute forcing your password if they can't find it with another easier way.Īttackers usually try to find out passwords you use somewhere else, use dictionary attacks or will just ask you to hand it over, even in a criminal case the show must go on and they can't be wasting months on your password and will simple just use other evidence.Īs for those thinking they are a high value target and bitlocker has backdoor, no encryption will save you, just look on silkroad owner how they timed their raid to catch him with his laptop opened, they are just too powerful to outsmart them, they could be installing a hardware keylogger on your pc etc. Cold boot attacks the ram while nobody has proven that they were able to extract the key from a firmware TPM which relies inside the CPU and cold boot attacks are very unreliable on DDR4 and DDR5 so I doubt anyone even tries this. Just in my personal view, it is more likely for vera crypt to introduce an unintentional backdoor because of severe lack of development and not being audited for awhile than a big team from microsoft adding an intentional backdoor.īitlocker is better when it comes to cold boot attacks as is taking advantage of TPM unlike veracrypt.
#BITLOCKER VS TRUECRYPT CRACK#
If some big US agency knows a backdoor in it, they are surely keeping it for themselves and high value targets and won't help other countries crack it so you have to put yourself the question, do you really think your computer could end up in the hands of such agency because the honest answer for 99% will be NO. The only advantage i see in veracrypt is being open sourced and offering plausible deniability (which is not easy to obtain if you don't know what you are doing) but have you really seen anyone cracking bitlocker? just head over computerforensic forum and you will see people working for law enforcement not being able to so if you are really paranoid and think that maybe NSA, FBI etc have some backdoor in it, just encrypt your drives with bitlocker and have inside them a veracrypt container with more sensitive information.
You can easily use bitlocker with programs that live boot like unlocking the drive with a simple cmd command unlike vera crypt.īitlocker is up to date while veracrypt developer's haven't logged in its forum in 5 months and is already behind fixing many problems like awful ssd speed problems that are known for 2-3 years and haven't been fixed. You don't need to use complex passwords for system partition as long as they are unique since brute forcing is not an option as TPM will play a big role and an attacker can only attack the recovery key if he moves the drive out of the computer. Bitlocker's implementation is much better since is made by the same company, you won't have problems found in veracrypt like unbootable computer after big upgraded and stuff like this.
0 kommentar(er)
