Truecrypt volume now mounts read only?

Discussion in 'macOS' started by hotkey, May 14, 2015.

  1. hotkey macrumors member

    Joined:
    Feb 8, 2010
    #1
    Have a Truecrypt volume on external HD concected to Mac Mini OSX Lion.

    Created 1 year ago. Been reading/writing to it all that time. The other day it "switched" to read only (in the Get Info).

    I checked the Truecrypt mounting options and "create as read only" is NOT checked!

    I have no clue why how etc. Help please! And thanks!
     
  2. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #2
    In Terminal, please run the following command:

    diskutil list

    Paste the Terminal output to this topic, as code (the ‘#’ icon in the advanced editor). Thanks.

    What file system is used for the encrypted volume?

    If it’s HFS Plus, then use Disk Utility to verify (not repair) the volume. Does it appear to be OK?
     
  3. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #3
    Terminal Diskutil List

    Code:
    Last login: Tue May 12 21:07:28 on console
    Macmini:~ jack$ diskutil list
    /dev/disk0
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *500.1 GB   disk0
       1:                        EFI                         209.7 MB   disk0s1
       2:                  Apple_HFS Macintosh HD            499.2 GB   disk0s2
       3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
    /dev/disk1
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *2.0 TB     disk1
       1:                        EFI                         209.7 MB   disk1s1
       2:                  Apple_HFS OWC Mercury Elite AL... 2.0 TB     disk1s2
    /dev/disk2
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *4.0 TB     disk2
       1:       Microsoft Basic Data                         4.0 TB     disk2s1
    /dev/disk3
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:                                                   *3.2 TB     disk3
    Macmini:~ jack$ 


    ----------

    Its NTFS.
     
  4. Taz Mangus macrumors 68040

    Taz Mangus

    Joined:
    Mar 10, 2011
    #4
    OS X is not able to read/write to NTFS. You must have a third party driver installed if it was previously working. Sounds like there is an issue with the third party driver. Also, not sure if you are aware of this but the TrueCrypt project is no longer being supported since 2014.
     
  5. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #5
    Thx for helping! You are correct. I bought Tuxera to allow Mac to read NTFS so I sent them a help request.

    ----------

    Also I did know that Truecrypt is done. But I'm not sure what to do to replace it. I've got a 4 TB drive - 3.8 TB full so I really don't know how to use another tool to do what I have done without massive file transfers etc.
     
  6. Idarzoid macrumors 6502

    Joined:
    Mar 15, 2013
    #6
    TrueCrypt is still a viable option even if it's not being supported anymore.

    An audit on TC was done recently and it was deemed that it's still safe to use.

    If you're still worried about that, use something like VeraCrypt (TC fork)
     
  7. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #7
    Scope of audits of TrueCrypt; security models of TrueCrypt and VeraCrypt

    Limited scope of the Open Crypto Audit Project reports on TrueCrypt

    From https://opencryptoaudit.org/reports...dit_Project_TrueCrypt_Security_Assessment.pdf (2014-02-14), with emphasis:

    "… The assessment explicitly excluded … Mac Components …"​

    From https://opencryptoaudit.org/reports/TrueCrypt_Phase_II_NCC_OCAP_final.pdf (2015-03-13):

    "… Platform Windows, C / C++ …"​

    Security models

    Long before those audits, within the security model at least one default struck me as peculiar for computers with multiple users:
    • a user without administrator privileges can access "the filesystem residing within a TrueCrypt volume mounted by another user on the system …".

    There's the same peculiarity in the security model.

    So think carefully before using TrueCrypt or VeraCrypt defaults in a Mac environment with fast user switching … and so on.
     
  8. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #8
    grahamperrin - what do you suggest for a system where I have many R & X rated videos ripped from DVD that I dont want teens getting access too?
     
  9. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #9
    Operating systems?

    Use of NTFS implies Windows in the mix. Which version?

    Do you expect to upgrade from Lion?

    Any other operating systems?
     
  10. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #10
    The external disk is formatted NTFS and it holds a Truecrypt volume in NTFS. Its connected to IOS X Lion. I have Tuxera software installed to allow Mac to read NTFS

    For over a year I had been ab le to read and write to that volume. 2 weeks ago - it changed to read only. Thats what I'm trying to solve. I need to "correct" that so I can again write files to the disk.
     
  11. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #11
    Please: if there's no use of Windows, then why was NTFS chosen?
     
  12. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #12
    I really dont recall...I had a reason at the time....but its irrelevent. I'm looking for help solving the problem.
     
  13. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #13
    In the FUSE for OS X pane of System Preferences, check that you have a stable release (at the time of writing: 2.7.5).

    Tuxera NTFS for Mac – I see that it can be used with Lion. Did you get a response?

    VeraCrypt – I see that its list of supported systems includes Lion.

    Lion, no longer supported by Apple.

    NTFS.

    The combination of those four products, plus NTFS, may be quite rare in 2015. So it's possible that the combination has not benefited from widespread testing – with feedback to all three sets of third party developers.

    With that possibility in mind, you might think about borrowing a 4 TB drive (for transfers of data) and then, simply use FileVault in Lion (reliable but no longer supported by Apple) with HFS Plus, instead of the three third party products with NTFS.

    Last but not least: when you regain a writeable file system, take the opportunity to perform some weeding. 200 MB or less free on a 4 TB drive is not ideal.
     
  14. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #14
    My mistake. The OS is 10.8.5 Mountain Lion.

    I did get an initial response but their "fix" was not available. I'm still waiting.

    As far as your comment "Last but not least: when you regain a writeable file system, take the opportunity to perform some weeding. 200 MB or less free on a 4 TB drive is not ideal." - I dont see where the 4 TB disk or the 3.8 TB Truecrypt volume indicate they only have 200 MB remaining.

    Accordint to Disk Util, 4 TB drive has 779 GB available and the 3.2 TB Truecrypt volume has 387 GB available.
     
  15. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #15
    OK Graham - I'm back. With a new 4 TB USB Drive. So.....

    Here's again is my situation. Original drive has movies on it, some rated for adults only. Ss I need to be able to encrypt/password protect/ or something so kids can't access. I was using Truecrypt. It was fine. But having the original drive in NTSF, I have to use Tuxera software to write to it. Then POOF, no more write capability and Tuxera has not found the bug yet.

    So how should I format them (I see 4 Mac options in Disk Utility) and how should I "encrypt/protect" them?
     
  16. grahamperrin, Jun 25, 2015
    Last edited: Jun 25, 2015

    grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #16
    When you get a spare drive:
    1. format the drive, Mac OS Extended (Journaled) with a GUID Partition Table
    2. use the File menu of Disk Utility to create a new blank disk image
    3. in the image creation dialogue, choose an encryption method
    4. sparse bundle disk image may be the ideal image format
    5. store the image on the volume that was created at step (1).
    screenshot 2015-06-25 at 16.17.18.png

    There's also the more modern Core Storage approach to encryption, but in your situation privacy may be easier to achieve with a traditional disk image.

    Whichever approach you choose, double check that other users of the computer can not see the contents of the mounted volume. (I can't recall how things behave with Lion.) If contents are visible to other users, then return to your own user account and use Finder to set stricter permissions.
     
  17. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #17
    I'll try that in a bit. Am I making an image of the original truecrypt disc? And wouldnt the same read only permissions transfer over?
     
  18. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #18
    No; step 2 specifies a blank.

    Create the new blank disk image, then copy data from your original.
     
  19. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #19
    Graham - first thanks sooo much for helping. can I ask you to elaborate a bit for me plesse so I understand what we're (I'm) doing?

    2. Why do I need a disk image rather than just Copy/Paste files from old to knew? Does this allow a Truecrypt like setup? If so, how does that work? Only my user can see it? Or requires password or?
     
  20. grahamperrin, Jun 25, 2015
    Last edited: Jun 25, 2015

    grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #20
    The similarity to TrueCrypt is the encryption, step (3). During the image creation routine the operating system will prompt you for a password.

    Here's an end result of the routine in Mavericks, viewed by me:
    screenshot 2015-06-25 at 22.23.59.png

    Viewed by a different user (not me):
    not me.png

    Ignorance of ownership, shown at the foot of each screenshot, is normally a sign that permissions and access controls are ignored.

    In the second shot that sign is potentially misleading; truly, the user has no access √
     
  21. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #21
    OK.
    So - will I be able to write to this "image" anytime in the future?
     
  22. grahamperrin macrumors 601

    grahamperrin

    Joined:
    Jun 8, 2007
    #22
    Yep.

    The sparse bundle disk image format allows you to begin with a small .sparsebundle and the size will grow, as you add to the disk.
     
  23. hotkey thread starter macrumors member

    Joined:
    Feb 8, 2010
    #23
    OK thx! I'll roll up my sleeves and get to it this weekend and we
    ll see what happens!
     

Share This Page