Truecrypt volume now mounts read only?

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
Have a Truecrypt volume on external HD concected to Mac Mini OSX Lion.

Created 1 year ago. Been reading/writing to it all that time. The other day it "switched" to read only (in the Get Info).

I checked the Truecrypt mounting options and "create as read only" is NOT checked!

I have no clue why how etc. Help please! And thanks!
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
In Terminal, please run the following command:

diskutil list

Paste the Terminal output to this topic, as code (the ‘#’ icon in the advanced editor). Thanks.

What file system is used for the encrypted volume?

If it’s HFS Plus, then use Disk Utility to verify (not repair) the volume. Does it appear to be OK?
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
Terminal Diskutil List

Code:
Last login: Tue May 12 21:07:28 on console
Macmini:~ jack$ diskutil list
/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.1 GB   disk0
   1:                        EFI                         209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            499.2 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *2.0 TB     disk1
   1:                        EFI                         209.7 MB   disk1s1
   2:                  Apple_HFS OWC Mercury Elite AL... 2.0 TB     disk1s2
/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *4.0 TB     disk2
   1:       Microsoft Basic Data                         4.0 TB     disk2s1
/dev/disk3
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                                                   *3.2 TB     disk3
Macmini:~ jack$


----------

What file system is used for the encrypted volume?

If it’s HFS Plus, then use Disk Utility to verify (not repair) the volume. Does it appear to be OK?
Its NTFS.
 

Taz Mangus

macrumors 601
Mar 10, 2011
4,648
824
Code:
Last login: Tue May 12 21:07:28 on console
Macmini:~ jack$ diskutil list
/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.1 GB   disk0
   1:                        EFI                         209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            499.2 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *2.0 TB     disk1
   1:                        EFI                         209.7 MB   disk1s1
   2:                  Apple_HFS OWC Mercury Elite AL... 2.0 TB     disk1s2
/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *4.0 TB     disk2
   1:       Microsoft Basic Data                         4.0 TB     disk2s1
/dev/disk3
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                                                   *3.2 TB     disk3
Macmini:~ jack$


----------



Its NTFS.
OS X is not able to read/write to NTFS. You must have a third party driver installed if it was previously working. Sounds like there is an issue with the third party driver. Also, not sure if you are aware of this but the TrueCrypt project is no longer being supported since 2014.
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
Thx for helping! You are correct. I bought Tuxera to allow Mac to read NTFS so I sent them a help request.

----------

Also I did know that Truecrypt is done. But I'm not sure what to do to replace it. I've got a 4 TB drive - 3.8 TB full so I really don't know how to use another tool to do what I have done without massive file transfers etc.
 

0983275

Suspended
Mar 15, 2013
472
56
TrueCrypt is still a viable option even if it's not being supported anymore.

An audit on TC was done recently and it was deemed that it's still safe to use.

If you're still worried about that, use something like VeraCrypt (TC fork)
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
Scope of audits of TrueCrypt; security models of TrueCrypt and VeraCrypt

Limited scope of the Open Crypto Audit Project reports on TrueCrypt

… An audit on TC was done recently and it was deemed that it's still safe to use.
From https://opencryptoaudit.org/reports...dit_Project_TrueCrypt_Security_Assessment.pdf (2014-02-14), with emphasis:

"… The assessment explicitly excluded … Mac Components …"​

From https://opencryptoaudit.org/reports/TrueCrypt_Phase_II_NCC_OCAP_final.pdf (2015-03-13):

"… Platform Windows, C / C++ …"​

Security models

Long before those audits, within the security model at least one default struck me as peculiar for computers with multiple users:
  • a user without administrator privileges can access "the filesystem residing within a TrueCrypt volume mounted by another user on the system …".

If you're still worried about that, use something like VeraCrypt (TC fork)
There's the same peculiarity in the security model.

So think carefully before using TrueCrypt or VeraCrypt defaults in a Mac environment with fast user switching … and so on.
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
grahamperrin - what do you suggest for a system where I have many R & X rated videos ripped from DVD that I dont want teens getting access too?
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
The external disk is formatted NTFS and it holds a Truecrypt volume in NTFS. Its connected to IOS X Lion. I have Tuxera software installed to allow Mac to read NTFS

For over a year I had been ab le to read and write to that volume. 2 weeks ago - it changed to read only. Thats what I'm trying to solve. I need to "correct" that so I can again write files to the disk.
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
In the FUSE for OS X pane of System Preferences, check that you have a stable release (at the time of writing: 2.7.5).

Tuxera NTFS for Mac – I see that it can be used with Lion. Did you get a response?

VeraCrypt – I see that its list of supported systems includes Lion.

Lion, no longer supported by Apple.

NTFS.

The combination of those four products, plus NTFS, may be quite rare in 2015. So it's possible that the combination has not benefited from widespread testing – with feedback to all three sets of third party developers.

With that possibility in mind, you might think about borrowing a 4 TB drive (for transfers of data) and then, simply use FileVault in Lion (reliable but no longer supported by Apple) with HFS Plus, instead of the three third party products with NTFS.

Last but not least: when you regain a writeable file system, take the opportunity to perform some weeding. 200 MB or less free on a 4 TB drive is not ideal.
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
My mistake. The OS is 10.8.5 Mountain Lion.

I did get an initial response but their "fix" was not available. I'm still waiting.

As far as your comment "Last but not least: when you regain a writeable file system, take the opportunity to perform some weeding. 200 MB or less free on a 4 TB drive is not ideal." - I dont see where the 4 TB disk or the 3.8 TB Truecrypt volume indicate they only have 200 MB remaining.

Accordint to Disk Util, 4 TB drive has 779 GB available and the 3.2 TB Truecrypt volume has 387 GB available.
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
In the FUSE for OS X pane of System Preferences, check that you have a stable release (at the time of writing: 2.7.5).

Tuxera NTFS for Mac – I see that it can be used with Lion. Did you get a response?

VeraCrypt – I see that its list of supported systems includes Lion.

Lion, no longer supported by Apple.

NTFS.

The combination of those four products, plus NTFS, may be quite rare in 2015. So it's possible that the combination has not benefited from widespread testing – with feedback to all three sets of third party developers.

With that possibility in mind, you might think about borrowing a 4 TB drive (for transfers of data) and then, simply use FileVault in Lion (reliable but no longer supported by Apple) with HFS Plus, instead of the three third party products with NTFS.

Last but not least: when you regain a writeable file system, take the opportunity to perform some weeding. 200 MB or less free on a 4 TB drive is not ideal.
OK Graham - I'm back. With a new 4 TB USB Drive. So.....

Here's again is my situation. Original drive has movies on it, some rated for adults only. Ss I need to be able to encrypt/password protect/ or something so kids can't access. I was using Truecrypt. It was fine. But having the original drive in NTSF, I have to use Tuxera software to write to it. Then POOF, no more write capability and Tuxera has not found the bug yet.

So how should I format them (I see 4 Mac options in Disk Utility) and how should I "encrypt/protect" them?
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
When you get a spare drive:
  1. format the drive, Mac OS Extended (Journaled) with a GUID Partition Table
  2. use the File menu of Disk Utility to create a new blank disk image
  3. in the image creation dialogue, choose an encryption method
  4. sparse bundle disk image may be the ideal image format
  5. store the image on the volume that was created at step (1).
screenshot 2015-06-25 at 16.17.18.png


There's also the more modern Core Storage approach to encryption, but in your situation privacy may be easier to achieve with a traditional disk image.

Whichever approach you choose, double check that other users of the computer can not see the contents of the mounted volume. (I can't recall how things behave with Lion.) If contents are visible to other users, then return to your own user account and use Finder to set stricter permissions.
 
Last edited:

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
When you get a spare drive:
  1. format the drive, Mac OS Extended (Journaled) with a GUID Partition Table
  2. use the File menu of Disk Utility to create a new blank disk image
  3. in the image creation dialogue, choose an encryption method
  4. sparse bundle disk image may be the ideal image format
  5. store the image on the volume that was created at step (1).
View attachment 564080

There's also the more modern Core Storage approach to encryption, but in your situation privacy may be easier to achieve with a traditional disk image.

Whichever approach you choose, double check that other users of the computer can not see the contents of the mounted volume. (I can't recall how things behave with Lion.) If contents are visible to other users, then return to your own user account and use Finder to set stricter permissions.
I'll try that in a bit. Am I making an image of the original truecrypt disc? And wouldnt the same read only permissions transfer over?
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
I'll try that in a bit. Am I making an image of the original truecrypt disc? And wouldnt the same read only permissions transfer over?
When you get a spare drive:
  1. format the drive, Mac OS Extended (Journaled) with a GUID Partition Table
  2. use the File menu of Disk Utility to create a new blank disk image
  3. in the image creation dialogue, choose an encryption method
  4. sparse bundle disk image may be the ideal image format
  5. store the image on the volume that was created at step (1).
View attachment 564080

There's also the more modern Core Storage approach to encryption, but in your situation privacy may be easier to achieve with a traditional disk image.

Whichever approach you choose, double check that other users of the computer can not see the contents of the mounted volume. (I can't recall how things behave with Lion.) If contents are visible to other users, then return to your own user account and use Finder to set stricter permissions.
Graham - first thanks sooo much for helping. can I ask you to elaborate a bit for me plesse so I understand what we're (I'm) doing?

2. Why do I need a disk image rather than just Copy/Paste files from old to knew? Does this allow a Truecrypt like setup? If so, how does that work? Only my user can see it? Or requires password or?
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
… Does this allow a Truecrypt like setup? If so, how does that work? Only my user can see it? Or requires password or?
The similarity to TrueCrypt is the encryption, step (3). During the image creation routine the operating system will prompt you for a password.

Here's an end result of the routine in Mavericks, viewed by me:
screenshot 2015-06-25 at 22.23.59.png


Viewed by a different user (not me):
not me.png


Ignorance of ownership, shown at the foot of each screenshot, is normally a sign that permissions and access controls are ignored.

In the second shot that sign is potentially misleading; truly, the user has no access √
 
Last edited:

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
OK.
So - will I be able to write to this "image" anytime in the future?
 

grahamperrin

macrumors 601
Jun 8, 2007
4,942
643
Yep.

The sparse bundle disk image format allows you to begin with a small .sparsebundle and the size will grow, as you add to the disk.
 

hotkey

macrumors member
Original poster
Feb 8, 2010
42
2
Yep.

The sparse bundle disk image format allows you to begin with a small .sparsebundle and the size will grow, as you add to the disk.
OK thx! I'll roll up my sleeves and get to it this weekend and we
ll see what happens!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.