In macOS Mojave, you can choose to encrypt and decrypt disks on the fly right from the desktop. Using this convenient Finder option, we're going to show you how to encrypt a USB flash drive (or 'thumb drive'), which is useful if you're traveling light and want to take sensitive data with you for use on another Mac.

Easy Guide to Remove Veracrypt@foxmail.com Ransomware completely （Guides for Windows PC: Chapter 1 、Mac OS: chapter2. ) If you are a Windows User, please start from here; If you are a Mac User, please turn to the next Chapter below. Chapter 1 Remove Veracrypt@foxmail.com Ransomware from Windows PC. VeraCrypt is a free disk encryption software brought to you by IDRIX (and based on TrueCrypt 7.1a.It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. Apr 28, 2019  Warning! Veracrypt@foxmail.com Ransomware is a very dangerous malware and it will drop tons of threats on the computer, so the highest priority is scanning the computer with Anti-malware tools. Here we recommend tools: Note: Only scanner is free. If it detects a virus or malware, you’ll need to purchase its full version. Read moreRemove Veracrypt@foxmail.com Ransomware.

Finder uses XTS-AES encryption, the same encryption that FileVault 2 uses to prevent access to data on a Mac's startup disk without a password. Note that the following method is only compatible with Macs – you won't be able to access data on the encrypted drive using a Windows machine.
If this is a requirement, you'll need to use a third-party encryption solution like VeraCrypt. With that in mind, here's how to securely encrypt your USB flash drive.
Attach the USB flash drive to your Mac and locate its disk icon on your desktop, in a Finder window, or in the Finder sidebar, then right-click (or Ctrl-click) it and select Encrypt '[USB stick name]'... from the contextual menu.
(Note that if you don't see the Encrypt option in the dropdown menu, your USB flash drive hasn't been formatted with a GUID partition map. To resolve this, you'll need to erase and encrypt the USB drive in Disk Utility – before that though, copy any data on the drive to another location for temporary safekeeping.)
When you select Encrypt, Finder will prompt you to create a password, which you'll need to enter the next time you attach the USB flash drive to a Mac. (Don't forget this, otherwise you'll lose access to any data stored on the USB drive!) Once you've chosen a password, verify it, add a meaningful hint if desired, and click Encrypt Disk.
The encryption process depends on how much data you have on the USB flash drive, but you'll know it's completed when its disk icon disappears and re-mounts. You'll now be able to access the contents of the USB flash drive as usual, but if you physically detach it and re-attach it to your Mac you'll be prompted to enter the password.
Note that the prompt includes an option for macOS to remember this password in my keychain. Check the box, and whenever you attach the USB stick to your Mac again you won't be prompted to enter the password and you'll have automatic access to it, just like any other drive.
If you ever want to decrypt the USB flash drive in future, right-click (or Ctrl-click) its disk icon, select Decrypt '[USB stick name]' from the contextual menu, and enter the password to turn off encryption protection.

How to Encrypt a USB Flash Drive in Disk Utility

Before proceeding, make sure you've copied any data on the USB flash drive to a safe location, like your Mac's internal disk.

1. Launch Disk Utility, located on your Mac in Applications/Utilities.
   
2. In the Disk Utility toolbar, click the View button and select Show All Devices if it isn't already ticked.
   
3. Select your USB flash drive in the sidebar by clicking its top-level device name (i.e. not the volume name that's listed beneath it).
   
4. Click the Erase button in the toolbar.


5. Give the USB flash drive a name.


6. Next, click the Scheme dropdown menu and select GUID Partition Map. (It's important to do this first before the next step, otherwise you won't see the encryption option in the Format dropdown.)
   
7. Now click the Format dropdown menu and select Mac OS Extended (Journaled, Encrypted).
   
8. Click Erase.
   
9. Enter your new password, enter it once more to verify, include a password hint if desired, then click Choose.
   
10. Click Erase once again, and wait for your disk to be formatted and encrypted.
    

Once the process is complete, copy across your sensitive data to the blank USB flash drive, where it will be automatically encrypted and secured with a password.

Front Page Stories

Veracrypt Manual For Mac Download

• Disney+ Will Offer up to Four Simultaneous Streams and 4K Content for $6.99 a Month

• Apple Contractors Listened to 1,000+ Siri Recordings Per Shift

  2 days ago on Front Page

• The Most Interesting Features in Samsung's New Galaxy Note 10+ Flagship Smartphone

  3 days ago on Front Page

• Health and Activity: What's New in iOS 13

  3 days ago on Front Page

• ZENS Unveils AirPower-Like Wireless Charger With 16 Coils to Charge Two Devices Anywhere on Mat

  3 days ago on Front Page

• HomePod Launches in Japan and Taiwan [Updated]

  3 days ago on Front Page

• Apple Debuts New iCloud.com Beta Site With Fresh Look, Reminders App

  3 days ago on Front Page

• Bose Announces AirPlay 2-Equipped Portable Home Speaker

  4 days ago on Front Page

VeraCrypt

Developer(s)	IDRIX (based in Paris, France)[1]
Initial release	June 22, 2013; 6 years ago
Stable release	1.23 (September 12, 2018; 11 months ago[2])[±]
Repository
Written in	C, C++, Assembly
Operating system	Windows XP and later Windows Server 2003–2012 macOS 10.7 and later
Platform	IA-32 and x64
Available in	37 languages[3]
Type	Disk encryption software
License
Website	www.veracrypt.fr

VeraCrypt is a source-availablefreewareutility used for on-the-fly encryption (OTFE).^[5] It can create a virtual encrypted disk within a file or encrypt a partition^[6] or (in Windows) the entire storage device with pre-boot authentication.^[7]

VeraCrypt is a fork of the discontinued TrueCrypt project.^[8] It was initially released on 22 June 2013 and has produced its latest release (version 1.23) on 12 September 2018.^[9] Many security improvements have been implemented and issues raised by TrueCrypt code audits have been fixed. VeraCrypt includes optimized implementations of cryptographic hash functions and ciphers which boost performance on modern CPUs.

• 2Encryption scheme
• 5Security improvements
• 6Security precautions

License and source model[edit]

New parts of VeraCrypt have been licensed under the Apache License 2.0 since version 1.19,^[4] but VeraCrypt inherited a substantial amount of code from its predecessor TrueCrypt, and also inherited the source-availableTrueCrypt License for those files. This license is not one of many widely used open-source licenses and is not a free software license according to the Free Software Foundation (FSF) license list, as it contains distribution and copyright-liability restrictions.^[10]

Encryption scheme[edit]

Algorithms[edit]

Individual ciphers supported by VeraCrypt are AES, Serpent, Twofish, Camellia, and Kuznyechik. The Magma cipher was removed in version 1.19 in response to a security audit.^[11] Additionally, ten different combinations of cascaded algorithms are available: AES–Twofish, AES–Twofish–Serpent, Camellia–Kuznyechik, Camellia–Serpent, Kuznyechik–AES, Kuznyechik–Serpent–Camellia, Kuznyechik–Twofish, Serpent–AES, Serpent–Twofish–AES, and Twofish–Serpent.^[12] The cryptographic hash functions available for use in VeraCrypt are RIPEMD-160, SHA-256, SHA-512, Streebog and Whirlpool.^[13]

Modes of operation[edit]

VeraCrypt uses the XTSmode of operation.^[14]

Keys[edit]

The header key and the secondary header key (XTS mode) are generated using PBKDF2 with a 512-bitsalt and 200,000 to 655,331 iterations used by default (which could be customized by user to start as low as 2,048), depending on the underlying hash function used.^[15]

Plausible deniability[edit]

As with its predecessor TrueCrypt, VeraCrypt supports plausible deniability^[16] by allowing a single 'hidden volume' to be created within another volume.^[17] In addition, the Windows versions of VeraCrypt have the ability to create and run a hidden encrypted operating system whose existence may be denied.^[18]

The VeraCrypt documentation lists many ways in which VeraCrypt's hidden volume deniability features may be compromised (e.g. by third-party software which may leak information through temporary files, thumbnails, etc., to unencrypted disks) and possible ways to avoid this.^[19]

Performance[edit]

VeraCrypt supports parallelized^[20]:63 encryption for multi-core systems and, under Microsoft Windows, pipelined read and write operations (a form of asynchronous processing)^[20]:63 to reduce the performance hit of encryption and decryption. On processors supporting the AES-NI instruction set, VeraCrypt supports hardware-accelerated AES to further improve performance.^[20]:64 On 64-bit CPUs VeraCrypt uses optimized assembly implementation of Twofish and Camellia.^[9]

Security improvements[edit]

• The VeraCrypt development team considered the TrueCrypt storage format too vulnerable to a National Security Agency (NSA) attack, so it created a new format incompatible with that of TrueCrypt. This is one of the main differences between VeraCrypt and its competitor CipherShed, which continues to use the TrueCrypt format. VeraCrypt is still capable of opening and converting volumes in the TrueCrypt format.^[9][21]
• An independent security audit of TrueCrypt released 29 September 2015 found TrueCrypt includes two vulnerabilities in the Windows installation driver allowing an attacker arbitrary code execution and privilege escalation via DLL hijacking.^[22] This was fixed in VeraCrypt in January 2016.^[23]
• While TrueCrypt uses 1,000 iterations of the PBKDF2-RIPEMD160 algorithm for system partitions, VeraCrypt uses either 200,000 or 327,661 iterations by default (which is customizable by user to be as low as 2,048), depending on the algorithm used.^[15] For standard containers and other partitions, VeraCrypt uses 655,331 iterations of RIPEMD160 and 500,000 iterations of SHA-2 and Whirlpool by default (which is customizable by user to be as low as 16,000).^[15] While these default settings make VeraCrypt slower at opening encrypted partitions, it also makes password-guessing attacks slower.^[24]
• Additionally, since version 1.12, a new feature called 'Personal Iterations Multiplier' (PIM) provides a parameter whose value is used to control the number of iterations used by the header key derivation function, thereby making brute-force attacks potentially even more difficult. Veracrypt out of the box uses a reasonable PIM value to improve security,^[25] but users can provide higher value to enhance security. The primary downside of this feature is that it makes the process of opening encrypted archives even slower.^{[25][26][27][28]}
• A vulnerability in the bootloader was fixed on Windows and various optimizations were made as well. The developers added support for SHA-256 to the system boot encryption option and also fixed a ShellExecute security issue. Linux and macOS users benefit from support for hard drives with sector sizes larger than 512. Linux also received support for the NTFS formatting of volumes.
• Unicode passwords are supported on all operating systems since version 1.17 (except for system encryption on Windows).^[9]
• VeraCrypt added the capability to boot system partitions using UEFI in version 1.18a.^[9]
• Option to enable/disable support for the TRIM command for both system and non-system drives was added in version 1.22.^[9]

VeraCrypt audit[edit]

An audit of version 1.18 was conducted by QuarksLab on behalf of the Open Source Technology Improvement Fund (OSTIF), which took 32 man-days and was published on 17 October 2016.^[9][29][30] The major vulnerabilities identified in this audit were resolved in version 1.19, released the same day.^[31]

Security precautions[edit]

There are several kinds of attacks that all software-based disk encryption is vulnerable to. As with TrueCrypt, the VeraCrypt documentation instructs users to follow various security precautions to mitigate these attacks,^[19][32] several of which are detailed below.

Encryption keys stored in memory[edit]

VeraCrypt stores its keys in RAM; on an ordinary personal computer DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms can intelligently recover the keys. This method, known as a cold boot attack (which would apply in particular to a notebook computer obtained while in power-on, suspended, or screen-locked mode), has been successfully used to attack a file system protected by TrueCrypt.^[33]

Physical security[edit]

VeraCrypt documentation states that VeraCrypt is unable to secure data on a computer if an attacker physically accessed it and VeraCrypt is then used on the compromised computer by the user again. This does not affect the common case of a stolen, lost, or confiscated computer.^[34] The attacker having physical access to a computer can, for example, install a hardware or a software keylogger, a bus-mastering device capturing memory or install any other malicious hardware or software, allowing the attacker to capture unencrypted data (including encryption keys and passwords) or to decrypt encrypted data using captured passwords or encryption keys. Therefore, physical security is a basic premise of a secure system. Attacks such as this are often called 'evil maid attacks'.^[35]

Veracrypt Manual For Mac Os

Malware[edit]

Some kinds of malware are designed to log keystrokes, including typed passwords, that may then be sent to the attacker over the Internet or saved to an unencrypted local drive from which the attacker might be able to read it later, when they gain physical access to the computer.^[36]

Trusted Platform Module[edit]

The FAQ section of the VeraCrypt website^[37] states that the Trusted Platform Module (TPM) cannot be relied upon for security, because if the attacker has physical or administrative access to a computer and it is used afterwards, the computer could have been modified by the attacker e.g. a malicious component—such as a hardware keystroke logger—could have been used to capture the password or other sensitive information. Since the TPM does not prevent an attacker from maliciously modifying the computer, VeraCrypt will not support TPM.

See also[edit]

Veracrypt Manual For Mac Os

References[edit]

1. ^'Contact Us – IDRIX'. Retrieved 16 November 2016.
2. ^'Release Notes'. 2018-09-12. Retrieved 2018-09-15.
3. ^'VeraCrypt 1.0f Bundle (All files and their signatures)'. IDRIX. Retrieved 2015-01-04.
4. ^ ^ab'root/License.txt'. VeraCrypt. TrueCrypt Foundation. 17 Oct 2016. Retrieved 23 Jul 2018.
5. ^'VeraCrypt Official Site'
6. ^'VeraCrypt Volume'. VeraCrypt Official Website. Retrieved February 16, 2015.
7. ^'Operating Systems Supported for System Encryption'. VeraCrypt Official Website. Retrieved February 16, 2015.
8. ^Rubens, Paul (October 13, 2014). 'VeraCrypt a Worthy TrueCrypt Alternative'. eSecurity Planet. Quinstreet Enterprise. Archived from the original on December 3, 2018. Retrieved February 16, 2015.
9. ^ ^abcdefg'VeraCrypt Release Notes'
10. ^Phipps, Simon (2013-11-15), 'TrueCrypt or false? Would-be open source project must clean up its act', InfoWorld, archived from the original on 2019-03-22, retrieved 2014-05-20
11. ^Pauli, Darren (October 18, 2016). 'Audit sees VeraCrypt kill critical password recovery, cipher flaws'. The Register. Archived from the original on November 15, 2018.
12. ^'Encryption Algorithms'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
13. ^'Hash Algorithms'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
14. ^'Modes of Operation'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
15. ^ ^abc'Header Key Derivation, Salt, and Iteration Count'. VeraCrypt Documentation. IDRIX. Retrieved 2019-02-19.
16. ^'Plausible Deniability'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
17. ^'Hidden Volume'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
18. ^'Hidden Operating System'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
19. ^ ^ab'Security Requirements and Precautions Pertaining to Hidden Volumes'. VeraCrypt Documentation. IDRIX. Retrieved 2018-03-31.
20. ^ ^abc'VeraCrypt User Guide' (1.0f ed.). IDRIX. 2015-01-04.
21. ^Castle, Alex (March 2015). 'Where Are We At With TrueCrypt?'. Maximum PC. p. 59.
22. ^Constantin, Lucian (September 29, 2015). 'Newly found TrueCrypt flaw allows full system compromise'. PCWorld. Archived from the original on April 19, 2019.
23. ^CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege
24. ^Rubens, Paul (June 30, 2016). 'VeraCrypt a worthy TrueCrypt Alternative'. eSecurity Planet. Archived from the original on December 3, 2018.
25. ^ ^ab'PIM'. veracrypt.fr. Retrieved 7 June 2017.
26. ^Khandelwal, Swati (11 August 2015). 'Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security'. The Hacker News. Archived from the original on 10 April 2019. Retrieved 5 June 2017.
27. ^Brinkmann, Martin (7 August 2015). 'TrueCrypt alternative VeraCrypt 1.12 ships with interesting PIM feature'. Ghacks. Archived from the original on 10 April 2019. Retrieved 5 June 2017.
28. ^'Transcript of Episode #582'. GRC.com. Retrieved 5 June 2017.
29. ^'The VeraCrypt Audit Results'. OSTIF. October 17, 2016. Archived from the original on May 12, 2019. Retrieved October 18, 2016.
30. ^QuarksLab (October 17, 2016). VeraCrypt 1.18 Security Assessment(PDF) (Report). OSTIF. Archived(PDF) from the original on August 7, 2018. Retrieved October 18, 2016.
31. ^Bédrune, Jean-Baptiste; Videau, Marion (October 17, 2016). 'Security Assessment of VeraCrypt: fixes and evolutions from TrueCrypt'. QuarksLab. Archived from the original on May 7, 2019. Retrieved October 18, 2016.
32. ^'Security Requirements and Precautions'. VeraCrypt Documentation. IDRIX. Retrieved February 16, 2015.
33. ^Halderman, J. Alex; et al. (July 2008). Lest We Remember: Cold Boot Attacks on Encryption Keys(PDF). 17th USENIX Security Symposium. Archived(PDF) from the original on May 12, 2019.
34. ^'Physical Security'. VeraCrypt Documentation. IDRIX. 2015-01-04. Retrieved 2015-01-04.
35. ^Schneier, Bruce (October 23, 2009). ''Evil Maid' Attacks on Encrypted Hard Drives'. Schneier on Security. Archived from the original on May 25, 2014. Retrieved May 24, 2014.
36. ^'Malware'. VeraCrypt Documentation. IDRIX. 2015-01-04. Retrieved 2015-01-04.
37. ^'FAQ'. Retrieved 2018-05-05.

External links[edit]

Wikimedia Commons has media related to VeraCrypt.

Veracrypt Manual For Mac Pro

• Official website

Veracrypt Manual For Mac Computer