Well, veracrypt has a random seeding stage where you're required to shake the mouse around to create randomness. Problem is, that it only registers when the mouse is over the actual tiny veracrypt window. Problem with that is, it tells you that in some tiny bold text at the bottom. You can waste literally an hour wondering why the randomness meter goes up only sometimes. A better UI might fix that.
Afaik that kind of entropy generation is silly on modern machines. You should just call getrandom (or whatever the equivalent is for the modern OS it’s running on is) and be done with it. Hand rolled entropy like this isn’t necessary anymore - the OSes have very high quality CSPRNGs baked in natively and seeded directly from interrupts and other HW entropy sources.
It also doesn't hurt if you hash it into or xor with existing randomness, it will still be as strong as the best source of entropy you have even if it's all 0's being mixed in.
Good point. Is entropy built into the kernel, though? Last time I checked this I had to manually enable it as a system service, though this was a fair few years back.
You can even click on the window, hold the mouse button clicked and now all mouse movements, even outside the window, register and increase the randomness meter.
A small UI improvement is not worth switching from a far more tested and audited application. The UI might be worse, but I wouldn't play dice with applications with critical security requirements.
I think putting some efforts in the user experience is important. A better GUI may mean that more people will use encryption.
Bitlocker and FireVault are very easy to use compared to VeraCrypt or LUKS, and they are much more common. So many Linux installations don't have disk encryption…
Most definitely, especially in FOSS which has a dearth of good UX. But the point was more that this shouldn't be a form-over-function moment, do that with something else like a lounge purchase.
