2021 06 18                        BOX and COOLING

My computers need names, to reduce the confusion:

• STIRLING 2021 - Built last February, currently running a Ryzen 9 3950X CPU. Stirling is a lovely town in Scotland where my beloved and I stayed overnight on a 2nd honeymoon trip some years back. Three Stirling computers have been built so far, but only Stirling 2021 exists here now. One failed, and another is put to good use elsewhere.
• FORTE - The computer we're building now. The word origin is probably French, meaning "strong point." Usage and pronunciation may be influenced by Italian, as in music. Pronounced for-tay in my office, accent on "for," it is simply the name of my next computer.

So far we have decided on these components:

• CPU: AMD Ryzen 9 5950X CPU, 16 cores & 32 threads, $799.00 Amazon, two on order, one due very soon, one in July.
• Motherboard: ASUS ROG Crosshair VIII Dark Hero, PCIe 4.0 and more, $449.00 Amazon, ordered for delivery Wed, Jun 23.
• Windows 10 Professional, FPP, box pack, full version, USB. Not yet ordered. Some are available for $99, but that price seems low and I'm suspicious that it might be a knockoff. I want the real thing from Microsoft.

The AMD Ryzen 9 5950X CPU which is arriving soon could be used in either Stirling 2021 or the new Forte. We'll see. It depends a little on how soon the second one arrives. It's on order too.

be quiet BK022 Cooler
Image from Amazon web page

A "be quiet" brand BK022 Dark Rock Pro 250W TDP CPU cooler (air, not liquid) was ordered and has arrived. $89.90 from Amazon. It remains to be seen whether that will fit on the selected motherboard in the selected case above/beside the selected memory cards. It's a big honker, weighs 2.4 pounds, and will sit directly atop the 5950X CPU. 

It came with a second fan, not attached but attachable. I'm still a little confused about where the loose fan should mount. There's a space right in the middle of the cooler - the image shows a fan there. Should the loose fan go there? If so, why wasn't it mounted there at the factory? If there's room, should I add a third fan on the back, pulling air rather than pushing? Why not?

Phanteks Enthoo
Pro PH-ES614PTG_BK

The case will be the same as the one used in the Stirling 2021 computer, the Phanteks Enthoo Pro "PH-ES614PTG_BK" ATX Case with tempered glass side panel and integrated RGB (LED) lighting. Ordered from eBay (Newegg store), $109.99, shipped yesterday, should arrive in a week. Size HWD 21.1 x 9.4 x 21.7 inches. The glass side panel is one whole side of the case, so you get a spectacular view of the innards, taking full advantage of any RGB inside. And for other reasons as well, I really like this inexpensive but full-featured case. 

The case has three bays for optical (CD/DVD/BD) drives, and I'm still a believer in optical discs. Many of us still have a library of movies or games on CDs, DVDs, or BDs that can be played on the computer. You can still buy "My Cousin Vinnie" on DVD or BD from Amazon.

Full case with lots of RGB

Much more important, we write some of our backups on Blu-ray M-Discs because they are a genuine archival medium. An M-Disc in a bank vault will last longer than the bank. Even in our own fire-resistant safe they will probably last far longer than anyone now alive, and longer than we will have computers and drives capable of reading them, if they don't fall prey to some risk other than simple deterioration. See the previous post about risks (theft, fire, flood, etc.).

New laptops are too thin to have disc drives these days. USB flash drives are not archival. So it's just a good idea to have a highly competent computer around that can still read and write CDs, DVDs, and BDs. A good LG drive which will do all of that costs $74.99 at Amazon and hooks directly into a standard SATA port on the motherboard. I have two here in Stirling (and can write two backup BDs at once), but Forte can get along with just one. It's easy to add another. One drive is on order.

2021 06 16                                                      SECURITY 

OK So far the new computer will have: 

• CPU: AMD Ryzen 9 5950X CPU, 16 cores & 32 threads 
• Motherboard: ASUS ROG Crosshair VIII Dark Hero, PCIe 4.0 and more 
• Windows 10 Pro, full version, USB 

  

But first some words about security: BitLocker is Microsoft's full-disk encryption facility, and it works. The computer must be and will be BitLocker compatible. It turns out that BitLocker has almost no impact on performance, even gaming performance, so that's not a downside. I think that the the mobo (motherboard) should probably have a header for a TPM (Trusted Platform Module), and the "Dark Hero" does. I'm not certain about actually using a TPM though, because I think that the CPU or the firmware may also provide the necessary BitLocker functions. If so, the separate TPM module would not be necessary. In fact, last I looked, new ones with the right updates were kind of hard to find. On a previous computer I enabled BitLocker with a tiny USB flash drive and no TPM. Important point: Even if the mobo is compatible and everything is in place, BitLocker doesn't have to be enabled. 

 

If you're not a BitLocker (or Microsoft) fan, or you don't have the Professional version of Windows, an excellent alternative is VeraCrypt, an open-source and thoroughly-audited facility which has both a full-disk encryption mode and a file-encryption mode. In fact, the best security may be found with a combination, where BitLocker is used to encrypt the whole disk, and the most precious individual files are further encrypted with VeraCrypt. Examples: A lawyer's client files, an engineering company's proprietary designs, the computer owner's social security numbers, bank accounts, and website logon passwords. I do use both BitLocker and VeraCrypt, plus several more. 

 

Please do not use the same password for BitLocker and VeraCrypt, or for anything else. That would entirely defeat the additional security. That's what a password vault is for, and there are some very good free ones.

 

In addition to BitLocker and VeraCrypt, there are other very useful encryption facilities. For example, I use Macrium Reflect to back up entire disk drives, and those output files can be encrypted. I'm sure that some of the competitive backup facilities can do the same. There is also a free and widely-used zipping app called 7Zip which is better than the Windows zipper in several ways, especially because its zipped output files can be encrypted. Here is a partial list of a few handy encrypting apps:

• BitLocker (requires Windows 10 Pro) 
• VeraCrypt (replaces TrueCrypt) 
• 7Zip 
• Macrium Reflect (or competitors) 
• KeePass (password vault, or competitors) 
• EFS (Windows "encrypting file system") 
• Lots more ... 

Macrium Reflect

Please PLEASE do not lose your BitLocker keys! Or your VeraCrypt passwords or PIMs, or any other encryption keys. There is likely no recovery except for your backups, and only then if the backups are UNencrypted or you know THEIR keys. Losing the keys is the same as a disk crash. Obviously, it's not a clever plan to keep the only copy of your encryption keys WITHIN the encrypted files. Please please write the keys on paper, or in a file within an UNencrypted DVD or flash drive, and keep that in a safe place, like a bank safe deposit box or your best friend's top dresser drawer, several miles away. Note: If you have more than one disk, you will have more than one key. You must save all of them. 

No matter what you think, the keys are not safe in the residence (or office) where the computer is located. Period.

 

Here is an only-slightly tongue-in-cheek list of risks to keeping the keys in the residence: Theft, computer virus, ransomware, fire, flood, lightning, hurricane, tornado, sinkhole, earthquake, termites, C-drive failure, other drive failure, smoked motherboard, smoked CPU, BitLocker failure, other encryption failure, Covid-19, another pandemic, asteroid impact, ultra-Plinean volcanic eruption, lunar cataclysm, black hole consuming the earth, gamma-ray burst, nuclear explosions, coronal mass ejection, sun going nova, or bad luck. 

 

The point is: Some of these could actually happen, and some WILL happen to some people who don't have their keys. Please don't be one of those. My residence is not safe, and neither is yours.

 

There is no rule against keeping the keys in multiple places. It's a really good idea. 

Backup is even (far) more important than encryption, and we have said little about it here. There is much more to be said about security, but saved for another time. 

The next post will get back to building a computer.

2021 06 13

What computer shall I build this time? I'm a retired guy with an appreciation for excellence and (maybe) enough budget to do excellence. My computer experience started in 1962 with the University's Control Data 1604 using a magnetic tape operating system. Indeed, even though that computer cost a million dollars, disk was still a dream. My how times have changed.

I'm going to make (another) very hot, dual-purpose, world-class (if consumer-grade) Windows 10 desktop computer.

New Computer with RGB (LED) Fans
Photo by Don

Last February, 2021, I fired up a really nice new homebuilt desktop computer with an AMD Ryzen 9 3950X CPU, the gamey little brother of the Ryzen 9 5950X CPU, which is is arguably the hottest silicon on today's market. Both CPUs sport 16 cores and 32 threads with speeds that make them appropriate for BOTH gaming and content creation. At the time, I bought the 3950X instead of the 5950X to avoid scalper's prices and sellers with odious reputations. That computer is working very well, thank you, but perhaps I'll upgrade to the 5950X soon anyway. The ASUS mobo and everything else will support the big brother.

Now I want to build another new computer just because it's fun to build hot computers. I don't really have any use for it yet - perhaps I'll sell it, or use it and sell the first one. Cost is an issue, but performance is a bigger one. Here are some features that are already pretty much decided:

Photo by Don

Processor: AMD Ryzen 9 5950X. I'll get one somewhere, maybe two. Prices are coming down and the sellers are looking more reliable. In fact, BREAKING NEWS, last week (June 5, 2021) Amazon was selling these from their own warehouse to prime members, with 3-week delivery, at the AMD list price of $799. Today they aren't, though. Sigh. Guess I should have snagged one when I could have. Yep. 

More BREAKING NEWS - I just ordered one from Amazon Prime with delivery in July. $799.00 Sold by Amazon, shipped by Amazon. And just now I hear that delivery will be in June after all. I like Amazon.

ASUS ROG Crosshair VIII Dark Hero,
 Image borrowed from Amazon

Motherboard: ASUS ROG, X570, exact model to be determined. TUF? STRIX? Crosshair? What kind of a name is "Crosshair" anyway? (oh, it's a rifle sight). Or "Strix" for that matter (a mythical bird of ill omen). I choose ASUS only because I have some experience with ASUS. Most of that experience is good, though not all. Is there a better mobo? Comments invited. Maybe this isn't so very decided after all. Having done some searching, I'd probably choose the same board that I bought before, the ASUS ROG Crosshair VIII Hero, though I was advised online not to waste my money on "that brick." 

Looking further, however, I'm now attracted to the newer ASUS ROG Crosshair VIII "Dark Hero" mobo. It's more expensive yet, but has every feature of the plain ordinary brick plus Wi-Fi, and seems somehow simpler and more straightforward. In particular, it doesn't seem to need its own fan to cool the X570 chips. It's just cool all by itself. $433.89. BLT (ShopBit.com).

More coming soon ...

Which Flash Drives Are Best for Backup?

The most appropriate form of backup depends on the type of threat to the files. For example, a permanently-connected hard disk backup drive will protect against failure of the primary disk drive, but not necessarily against fire, flood, theft, viral infection, ransomware, you get the idea.

Online backup protects against most of those but it can be painfully slow and, in my own experience, may fail when recovery is required.

I do create monthly backups on archive-quality Blu-ray M-Discs, and keep those in safe places, but would like something more frequent and current.

How about a nightly flash-drive backup that I can carry with me if I like? Below are tests of some drives. All prices are Amazon Prime:

Corsair Voyager Vega (CMFVV3-128GB) USB 3.0 128GB Ultra Compact Low Profile Flash drive $53.99

Of the drives that I tested this is easily the best, though also the most expensive. I like the very small size, making it perfect for a complete backup that can be carried inconspicuously in a pocket, a wallet or purse, briefcase, shoe, wherever. A bright little blue activity light flashes during data transfer. The drive seems to get a little warm during transfer, but not hot.

Using a USB 3.0 port, the flash drive writes data at about 432 megabits per second (Mbps), which is about 9% of the 5,000 Mbps USB 3.0 standard.  My recent backups are 25 zipped files running about 77 GiB (82.6 GB) total, and the transfer is completed in about 25 minutes.

Using a USB 2.0 port with the same drive, the write speed is about 205 Mbps and the whole task takes about 54 minutes, more than twice as long as when writing from a USB 3.0 port. Maximum theoretical data transfer speed for USB 2.0 is 480 Mbps, so the flash drive is actually writing at 43% of theoretical. Not bad, but I'll stick with USB 3.0.

Lexar JumpDrive S75 (LJDS75-128ABNL) USB 3.0 128GB $33.29

Second in price, second in performance.  This flash drive has the same 128GB nominal capacity as the Corsair, but is physically much larger (see image), the largest I'm testing, and far from wallet size. Using USB 3.0 it writes at about 293 Mbps and finishes the 77 GiB job in about 37 minutes. It doesn't seem to get warm. It does have an activity light. If size is not an issue, it's a less-expensive alternative to the Corsair and about 2/3 as fast.

Patriot Tab Series Micro-Sized (PSF64GTAB3USB) USB 3.0 Flash Drive, $17.99 for 64GB, no 128GB version currently available.

Though it hardly seems possible, this drive is even smaller than the Corsair. It doesn't get hot. It has no activity light. The 64GB version can't take my entire backup, but a transfer of about 40GB yielded a write speed of about 169 Mbps, or 21 MB/s.

Sandisk Ultra Flair USB 3.0 32GB (SDCZ73-032G-G46) Flash Drive High Performance, $29.99 for 128GB.

This drive is a big disappointment. I previously held Sandisk in high esteem, based on prior experience, but this drive is WAY over-hyped. A lot of ballyhoo about high-speed USB 3.0 performance (even in the name), but it heats up and actual performance falls off dramatically after a minute or two. A 24 GiB transfer achieved a rate of about 166 Mbps, finishing in a little over 20 minutes. Lots of marketing, not so much product. It might be OK for some applications, but not for this backup. By comparison, the Corsair finished the same 24 GiB task in less than 8 minutes.

It gets hot to the touch when writing, and warm even when idle. No activity light. Note: Testing was done on 32GB models, not the 128GB model. I believed the hype and bought several, but they perform badly and I won't be buying anything more from Sandisk. Ever.

Testing platform:

The computer used for these tests is a two-year-old ASUS H170-Pro motherboard with an Intel i7 6700 3.4 GHz Quad-core CPU and H170 chipset running Windows 10. Five USB 3.0 ports and two USB 2.0 ports are available at the front of the system. The C: drive is an SSD, but only 4GB of the backup data comes from C:, the rest coming from Seagate SSHD hard drives on SATA 6.0 Gb/s ports.

More about the backup:

All of the tested flash drives are bootable on this system (and several other systems). In particular, they are intended to be used as Macrium Reflect Rescue media, with backup files then written and rewritten to them as desired.

All are USB 3.0. In my opinion, USB 3.1 is an unnecessary enhancement in a backup application unless the destination drive is actually able to write at speeds of at least 1 or 2 Gb/s, and no flash drives are that fast yet. Be wary of the 3.1 hype.

Read speed was not measured on any of the drives. They are backups, and if all goes well I will never have to read from them except very occasionally to verify that they are written correctly.

Prices are what I actually paid, and may change at any moment, most likely down.  This technology is moving fast, and no doubt new devices will soon make these obsolete.

CyberPower CP1500AVRLCD UPS Review

Love the Hardware.  After four days (!), the UPS works exactly as hoped, or even better.

The software, not so much.

Hardware:

We have one nice, new home-built desktop computer and several laptops, all on a network.  The UPS serves three purposes, in order of importance:

• Avoid harm from bouncing, flickering, up/down/up power failures like those we experienced several times last Monday.  Those erratic fluctuations put sensitive computers, disk drives, and disk data at serious risk.  I've had an older computer fail because of a simple down/up power outage.  Was it the power supply, the mother board, CPU chip, what?  Spare me!  Last Monday's repeated power failures resulted in an effort by Windows 10 to "repair" the SSD on this new desktop during one of the several reboots.  Was the repair successful?  I may never know, but was inspired to buy a UPS.
• Keep the network running, including the internet (DSL modem).  The laptops mostly laugh at power problems anyway, being battery-powered already, so all they need is the Wi-Fi network to continue unaffected for a while.
• Allow work on the desktop to continue undisturbed through short power outages.  That's why I bought a 900-watt UPS for a 110-watt load.  For any given load, a higher-rated UPS is likely to have bigger batteries, which will last longer when the power goes off.

Connected to the UPS are: (1) Computer; (2) Monitor; (3) DSL modem/router and WAP; (4) Network switch; (5) 3TB network drive; and (5) Speakers. According to the UPS display this array pulls 117 watts when the computer isn't very busy.  The sealed lead acid batteries in the CyberPower CP1500AVRLCD are rated at 9 ampere hours and 24 volts, for a nominal 216 watt-hours.  Thus my computer and the rest of the load might theoretically run for a maximum of 216/117 = 1.8 hours, or 108 minutes.

In practice the computer can pull much more, going up to 220 watts when the CPU gets really busy.  Moreover, there are inefficiencies in the UPS, and of course the UPS won't allow the battery to run all the way down, so I'd be content to get half of the 108 minutes.  Almost an hour, that's enough.  We live in a suburban city, and rarely experience outages longer than an hour anyway.  Indeed, when I unplugged the UPS from the wall, everything ran normally for 68 minutes, more than expected, even though I was actively using the computer throughout that time.

So the UPS works surprisingly well and I'm happy with the hardware.

Software:

The software is called Power Panel Personal Edition:

Nothing comes with the unit - no DVD or thumb drive in the box.  You have to find the software on the CyberPower web site, then download it.  Here is the link for the  CP1500AVRLCD Model.  Click on the Downloads tab.  The unit does come with a USB cable, providing the data connection between the computer and the UPS.  And see update below - that cable may be all that you need.

The Power Panel Personal Edition looks nice, with displays of power source, battery capacity, and estimated run time.  However, going into the Configure options and exploring a bit more, it turns out that the software INSISTS on automatically shutting down the computer AND the power to all device at some point.  Yes, the software will turn the UPS completely off!  You can choose whether this is a few minutes after the AC utility power failure, or a few minutes before the batteries will fail altogether, but those are the only two choices and it's going to happen.  When it does, everything goes down, including the network, in my case.

This is exactly the opposite of what I want in a UPS.  Power should stay UP as long as possible.  The software offers a brief (10 second?) popup window allowing the shutdown to be aborted, but you'd better not miss it!  I especially want this to work when I am not around.

When we have an AC utility power failure here, we really don't know when it will be back.  How about an option to shut down the computer, but not the UPS, when half of the power is gone?  Or a third, or two thirds?  This would allow the network to keep running, and for much longer than it would run with the computer and monitor drawing power.

Further, there is risk of data loss.  Much of the time I have applications open (e.g. VeraCrypt volumes, the Mail app) that shouldn't be open when the computer shuts down - they should be closed first, or data integrity is imperiled.  What is really needed is a way for the computer to interact with the UPS - to know whether power is coming from the line or from the battery, for example.  Perhaps a command-line script that could be launched when the UPS switches to battery power.  Power Panel Personal Edition provides no such hooks.

There is another version of the software, Power Panel Business Edition, which appears to be free, and which may have more functionality.  Perhaps someday I'll look into that.  In the meantime I will uninstall Power Panel Personal Edition.  The UPS itself has a very nice front panel which tells me what I need to know.

I've also developed a command-line script that detects whether the scanner and laser printer are both off line, indicating that AC utility power has been lost.  If so, the script waits for a programmable number of minutes (now 15) and then offers the user (me) an optional graceful shutdown.  It shuts down the computer (but not the UPS) if the answer is Yes or if the prompt times out after 5 more minutes.

Update 2016 February 27:

Since installation and uninstallation of CyberPower's Power Panel Personal Edition software, the standard Windows laptop battery-level indicator icon appears in the taskbar of the desktop computer if the USB cable is connected from UPS to computer.  Further, when the AC utility power fails and the UPS switches to battery, the computer recognizes that, displays the "percent full" battery status, and employs the special power options for turning off the monitor and/or shutting down when on battery, just as if the computer were a laptop.

I don't know if the battery-level icon showed up before the Power Panel software was installed - I didn't notice it.  It probably showed up as soon as the USB cable was connected and the CyberPower driver downloaded.  In any case the normal Windows power options, now present with the Power Panel software gone, are preferable to those offered by the Power Panel software.

My system still wants advance warning of a pending shutdown though, so that the shutdown can be done gracefully.  Therefore the command-line script mentioned above is still in place.  I've tested the software by unplugging the UPS, so now I'm almost (not quite) hoping for a real power failure.

Perhaps I'll Build Another Computer

Oops - the power went out and my old computer, the nine-year-old one that started this blog, didn't come back up again.  Power supply voltages looked good, but a new mobo didn't fix it, so I'll build a new computer and maybe fix the old one later.  It could serve as a server.

Requirements:

• The old computer seemed fast enough, but the new one should be very modern and thus much faster.
• Quiet.  I was very fussy about this when building the old one, and this one too.
• Cool running - no worrying about CPU or anything else overheating.
• Mobo capacity for at least two BD/DVD/CD drives and four hard drives.
• Must fit under my desk drawer.

  

  Left side view

In other words, a sprightly, silent, cool computer.  I don't play games on it - no overclocking or overvoltage required, just reliability.

Nine years ago I chose the box, motherboard, memory, and everything else, assembling it all myself.   This time I took advantage of a company that builds "bare bones" computers from their stock, then ships the mostly-assembled box.  I visited three of these on the web: 

• Magic Micro, 
• OutletPC, and 
• PortaTech , 

The OutletPC systems did not meet my needs.  Hoping for the quickest delivery, I configured a system from PortaTech, as follows:

• Thermaltake Showcase mid-tower case.
• Intel Core i7 6700 Processor 3.4 GHz, four cores, eight threads, 3400 GHz.
• 16 GB memory, DDR4, 2133 MHz.
• Asus H170 Pro motherboard, 6 SATA ports, one additional M.2 PCI Express (PCIe) disk port, lots more. I'm not yet sure if this means it will support 6 disks or 7.
• Quiet Cooling Package.
• 700W power supply.
• 14x Blu-Ray writer (BD/DVD/CD).  The 16x was not available on the web site.
• No disks.  I have plenty, from the old system.
• No Graphics card (yet) - the CPU includes graphics.

The new bare bones box arrived promptly. At a modest extra cost, they built and shipped it by second-day express the day after they received the order.  Since my main machine was down, that was very cool.

My first surprise was the Thermaltake X31 Showcase case itself.  It is two inches larger in all of the three dimensions than the old Antec box holding my first computer.  Happily, I do have space for it.  It was slightly over-advertised on the PortaTech website, though (now fixed), and it came with only three of the six disk trays. The left-side rack has capacity for three disks, and oddly, there is space on the right side of the bulkhead for three more, but it is nevertheless supplied with only three trays.  

As the case arrived, more or less

Since the right side has no air circulation, and I had no more trays anyway, I asked the PortaTech people for a solution, and they responded by supplying another 3-disk rack, with trays, for the left side.  These racks are stackable (nice!) and there are now six hard disks mounted there, all of which can be connected to the mobo at the same time if the BD drives are not connected.

Both side panels of the X31 are removable, and in fact it is quite necessary to remove the right-side panel to do anything at all with hard disks.  It does come with mounting brackets for two 2.5-inch (laptop) disks, but I don't have plans for those just yet.  In my experience with many computers I have never had a 3.5-inch drive fail (though they ALL will eventually), but most of my laptop drives have failed, and we do not abuse our laptops. Maybe I could use these brackets for SSD drives someday? I suppose that's what they are for, but I have another idea for an SSD drive.

I should have done a little more research on the case before specifying it in the order, but it's very sturdy, well designed otherwise, and I'm warming up to it.  In particular, the buttons, lights, and USB ports are on the top in the very front, front, rather than the front panel, and if the case sticks out from user the disk by an inch I can see them easily.  Especially nice to see the disk activity light sometimes.

Next - Other additions to the hardware.

VeraCrypt Review

It works!  I recently switched to VeraCrypt from TrueCrypt, because TrueCrypt is now unsupported and rumor has it that technology was making TrueCrypt less and less secure.  I do not use Partition/Device encryption or System encryption, only Volume Encryption, meaning that specially-created "container" files in the normal unencrypted Windows environment are mounted as encrypted volumes exactly as if they were separate, encrypted disk drives.  I keep my personal and business files there, and I do it this way because it is simple, because backup of those container files is trivially easy, and because there is zero risk of a complete failure.

If you want to know more about Partition/Device encryption or System encryption, the information in this post may not help you.

A year ago I wrote about TrueCrypt Forks. I didn't like VeraCrypt then because it took a very long time, a minute or more, to open a container after entering the correct password.  This was by design - the VeraCrypt developer, Idrassi, by default uses hundreds of thousands of iterations in the key derivation function, contending that it helps protect against brute-force attacks, where a computer is automatically trying billions of password guesses.  He is right - this method of attack is becoming faster and more effective as computer power increases and multiple processors can be brought to bear.  However, I open and close encrypted volumes frequently and the defaults pushed my patience too far.

Happily, the current version of VeraCrypt, Release 1.17, offers a compromise:  If the password is 20 characters or more, VeraCrypt allows the user to bypass the defaults and choose a lower number of iterations by specifying a Personal Iteration Multiplier (PIM).  The minimum multiplier of 1 will still result in an iteration count 8 to 16 times greater than that used in TrueCrypt, with a very short delay, whereas multipliers in the range of 10 to 100 will increase security but will cause somewhat greater delays.  Those delays might still be acceptable, depending on the speed of the processor. I experimented with several different PIM values.

The PIM is a secret value, chosen when the container file is created, and it must be entered correctly as a separate parameter when the password is entered to mount an encrypted volume.  Therefore, though the PIM may be used to reduce the iteration count and make a brute force attack easier, it also effectively increases the password strength, making the attack more difficult again.

I use passwords of 20 characters or more anyway, so the PIM is a perfect compromise.  During the process of creating new volumes I did have to wait through some long delays, but now that the volumes are created and in place, the delays are quite acceptable.  PIM works.

Also interesting, VeraCrypt can actively coexist with TrueCrypt on the same system, running at the same time.  I created new VeraCrypt containers and copied the encrypted contents of the old mounted TrueCrypt volumes directly into the mounted VeraCrypt volumes with no problems.  During that process, none of the encrypted files were ever decrypted on disk.  That's cool - no disk wiping required.  Actually, VeraCrypt can mount most TrueCrypt volumes (though not my oldest ones), so the applications might not have to coexist, but it was slick.

I rarely use the TrueCrypt or VeraCrypt console, instead using command-line scripts (cmd.exe processor) to automatically mount and dismount volumes, create backups of volumes, copy volumes to the cloud and to other computers, and more.  Every script that worked with TrueCrypt still works with VeraCrypt, after just changing the run path.  It just works, no errors, no problems.

For a thorough, functional test I uploaded a 3 GB encrypted container full of files to the cloud, using both iDrive and CloudBerry, then downloaded that same file back to the desktop.  Using Microsoft's comp program, the files compared exactly with the original in each case.  Also, in each case, the downloaded encrypted container opened without issue, the true proof that the file was not corrupted.

I use VeraCrypt on two computers, a desktop and a laptop,  The desktop runs a clean install of Windows 10 (it once ran Vista), and the laptop runs Windows 10 upgraded from Windows 7.  Both have plenty of RAM and disk, with dual processors in the 2 - 3 GHz range.

My congratulations to Mounir Idrassi, the force behind VeraCrypt.  I'll be making a PayPal donation to the cause.

By the way:  I also downloaded CipherShed, intending to compare it with VeraCrypt.  However, the CipherShed installer informed me that I would have to uninstall TrueCrypt first.  Since I want to keep TrueCrypt around, I did not install CipherShed.