TrueCrypt - Free Open Source Industrial Strength Encryption

Excellent article. Guide to follow.

A nice article. I've been using TrueCrypt for a while now, here's where I heard about it the first time, and I have to say it works very well. They now also include a feature called Encrypt System Partition/Drive... which encrypts your system drive/partition so it can't be booted without the passphrase. They even have (like hidden volumes) hidden systems, of which the existence (if all guidelines are followed) will be impossible to prove. For more information, refer to their website.

Thanks for the recommendation. I'll be looking further into TrueCrypt for my laptop at home, which is currently not secured. It's become our primary computer in the house, as well.

I'll have to add it to my desktop, as well, but I've also looking into a NAS solution for the house that I may try your suggestion about putting the device in a "locked storage". I would also encrypt that storage device, as well in case, but that is the direction I am heading now.

About your article, I see that it's very useful for those who'd like to encrypt their data. However, in the first solution "Whole Drive Encryption", I think it's not the best or recommended way of encryption because unauthorised people can also access the data encrypted by using a special software (I don't remember it now) by many ways.
For the second solution, I think it is more advanced but people can still access the data too, by using password finder softwares but much more difficult to do. However, these softwares can only work on common encrypter softwares (like WinRar or so), so to prevent thieves, I recommend using rare encryption formats (like kge, zip files v12.0, etc.). In these formats, we cannot mount it to a new drive, though it's more secure. But be careful to delete files in temp folders of hard drives (often in C:) because the software often leave it there undeleted & unencrypted when the PC suddenly loses power.
Thank you for the article. Here I just want to contribute to the tips. Best wishes.

It seems to me (without trying my guess out) that TrueCrypt could also be used to protect emails between users. Do you consider this possible (oh, yeah, and reasonably easy)?

You certainly can, but in all honestly tools like 7-Zip or AxCrypt are more suited to encrypting individual files for transmission this way.

28-Oct-2009

How would you compare TrueCrypt with Best Crypt?

Not very famliar with it, but from what I can see no reason to pay for it, over TrueCrypt which is free.

28-Oct-2009

trueCrypt -
FANTASTIC
I personally use Winmagic-SecureDoc (paid program) for full disk encryption, needs passphrase at bootup, have been doing this for many years, VERY secure (TrueCrypt did not have this feature when I started using WinMagic)

BUT, BOOT enryption is very secure; once machine is off, data cannot be extracted from the hard drive.

AND, you can encrypt the vaults on the hard drive, only mount themn when you need them

RE: EMAIL and secure stuff, YES, you could create a small truecrypt vault, include your data, email the truecrypt vault, and either phone your friend with the decryption key, OR evn send them the key in a different email from a different account (depending on sensitvity of info in that vault)

AND, you can create your own personal USB stick, with password programs, ec, on it; create a truecrypt vault on the usb stick, and copy over your programs.
THEN, in the root directory of the usb stick (unencrypted), copy over the TrueCrypt program folder itself.
then, when traveling, you have the trueCrypt program, AND you have an encrypted vault on your USB stick, with your data protected, and can use it when you need it

As I have many invention circuits and idea's to keep safe, I have been using True Crypt for years.
I use a pass phrase with no spaces and it's one that I cant forget but over 30 letters long.
With regards to being able to crack it - not possible without a cray computer and 2000 years to work with. I selected the 256 bit DES blowfish military encryption and NO, you can't find the pass phrase on the disk because it doesn't exist on the disk. Each letter is filtered through another algorithm in the program which changes each time you use it much like PGP where you have essentially 2 keys. So your pass letters are re-translated with another different code table which itself changes. Do you ever wonder why the military use it?. I personally know of one case in the local paper where Authorities tried to break it on someones computer and failed dismally [ Only had 30 days to do it by law ].
Since the container itself is invisible and direct access reveals random data on the disk [ junk] it's absolutly secure. Renaming the container to a common extension [ zip ] just like a valid file assures the attack to open it will start with zip crackers - a waste of more time trying to get into it.

If I use TrueCrypt to encrypt the boot/system drive, and move that drive to a new computer as a data drive (a common tactic to save everything from the old computer on a new computer), can I access everything on that drive OK if I know the passphrase?

TrueCrypt provides additional protection to your data so that when your storage device falls into the wrong hand, the data cannot be retrieve easily. But it does not mean that the data cannot be retrieve at all.

That is correct. Brute force attempts to crack properly setup encryption will take years (if not decades or centuries), but it's theoretically possible. The true weakest link is the passphrase you choose - choose something simple that anyone can guess, and all the encryption in the world won't help you.

20-Dec-2009

To post a comment on "TrueCrypt - Free Open Source Industrial Strength Encryption", please return to that article's main page.