Security researchers have completed the Open Source Technology Improvement Fund-backed audit of encryption platform VeraCrypt and found eight critical, three medium, and 15 low-severity vulnerabilities. The team behind the popular tool addressed the audit’s findings in VeraCrypt 1.19. This is how security audits should work.
OSTIF said VeraCrypt 1.9 is safe because most of the the flaws have been addressed. Some vulnerabilities were not addressed in this version, due to the “high complexity for the proposed fixes,” but workarounds for those exist.
“As long as you are following the documentation for known issues and using it as advised, I believe [VeraCrypt 1.9] is one of the best FDE [full-disk encryption] systems out there,” said Derek Zimmer, OSTIF CEO and president, in an Ask-Me-Anything Q&A on Reddit. Zimmer is also a partner with virtual private network service provider VikingVPN.
To read this article in full or to leave a comment, please click here