From 8e398770544b303d22fe24fbd89034c7f62c6bf6 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Sun, 3 Mar 2019 18:44:21 +0100
Subject: Increment version to 1.24-Beta3. Update Release Notes.
---
doc/html/Release Notes.html | 32 ++++++++++++++++++++++----------
1 file changed, 22 insertions(+), 10 deletions(-)
(limited to 'doc/html')
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html
index c56bd1a9..1cfcfb5f 100644
--- a/doc/html/Release Notes.html
+++ b/doc/html/Release Notes.html
@@ -39,17 +39,34 @@
Note to users who created volumes with 1.17 version of VeraCrypt or earlier:
To avoid hinting whether your volumes contain a hidden volume or not, or if you depend on plausible deniability when using hidden volumes/OS, then you must recreate both the outer and hidden volumes including system encryption and hidden OS, discarding existing volumes created prior to 1.18a version of VeraCrypt.
-1.24-Beta2 (January 31th, 2019):
+1.24-Beta3 (March 3rd, 2019):
- All OSs:
- Increase password maximum length to 128 bytes in UTF-8 encoding.
+
+- Add option to use legacy maximum password length (64) instead of new one for compatibility reasons.
+
+- Use Hardware RNG based on CPU timing jitter "Jitterentropy" by Stephan Mueller as a good alternative to CPU RDRAND (http://www.chronox.de/jent.html)
- Speed optimization of XTS mode on 64-bit machine using SSE2 (up to 10% faster).
- Fix detection of CPU features AVX2/BMI2. Add detection of RDRAND/RDSEED CPU features. Detect Hygon CPU as AMD one.
- Windows:
+- Implement RAM encryption for keys and passwords using ChaCha12 cipher, t1ha non-cryptographic fast hash and ChaCha20 based CSPRNG.
+
+- Available only on 64-bit machines.
+- Disabled by default. Can be enabled using option in UI.
+- Less than 10% overhead on modern CPUs.
+
+- Mitigate some memory attacks by making VeraCrypt applications memory inaccessible to non-admin users (based on KeePassXC implementation)
+- New security features:
+
+- Erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks
+- Add option when system encryption is used to erase all encryption keys from memory when a new device is connected to the system.
+- Add new driver entry point that can be called by applications to erase encryption keys from memory in case of emergency.
+
- MBR Bootloader: dynamically determine boot loader memory segment instead of hardcoded values (proposed by neos6464)
- MBR Bootloader: workaround for issue affecting creation of hidden OS on some SSD drives.
- Fix issue related to Windows Update breaking VeraCrypt UEFI bootloader.
@@ -61,19 +78,14 @@
- Fix ESC on password prompt during Pre-Test not starting Windows.
- Add menu entry in Rescue Disk that enables starting original Windows loader.
- - Better support Multi-boot for EFI system encryption.
-- New security features:
-
-- Erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks
-- Add option when system encryption is used to erase all encryption keys from memory when a new device is connected to the system.
-- Add new driver entry point that can be called by applications to erase encryption keys from memory in case of emergency.
-
-- Use CPU RDRAND or RDSEED as an additional entropy source for our random generator when available.
-- Add mount option that allows mounting a volume without attaching it to the specified drive letter.
+- Add option (disabled by default) to use CPU RDRAND or RDSEED as an additional entropy source for our random generator when available.
+- Add mount option (both UI and command line) that allows mounting a volume without attaching it to the specified drive letter.
- Update libzip to version 1.5.1
- Do not create uninstall shortcut in startmenu when installing VeraCrypt. (by Sven Strickroth)
- Enable selection of Quick Format for file containers creation. Separate Quick Format and Dynamic Volume options in the wizard UI.
- Fix editor of EFI system encryption configuration file not accepting ENTER key to add new lines.
+- Avoid simultaneous calls of favorites mounting, for example if corresponding hotkey is pressed multiple times.
+- Ensure that only one thread at a time can create a secure desktop.
- Updates and corrections to translations and documentation.
--
cgit v1.2.3