Posts Tagged ‘encryption’

TrueCrypt 6.0a

July 21, 2008

I’m a bit late on this one, but TrueCrypt 6 was released earlier this month. This upgrade won’t be a major benefit to everyone, but it does have some interesting new features.

The first is the ability to create hidden encrypted operating systems when using whole-disk encryption. This works in a similar fashion to hidden encrypted disk containers. That is, you have a primary boot partition that is encrypted with one password, and a second virtual one that is contained within the primary, but encrypted with another password. The password you enter will determine which partition is loaded and, without knowing the password, it is impossible to know that there is a second hidden operating system. This is called plausible deniability and allows you to have a “decoy” or “safe” operating system to open if, for example, you were under duress. While most of us aren’t spies, this feature may still come in handy.

The other new features are more performance and reliability enhancements. TrueCrypt is now multi-core aware, so if you’re creating a lot of encrypted disks, the time to encrypt them will now be halved on a dual-core, quartered on a quad-core, etc. In the area of reliability, the team have added header redundancy so you have a greater chance of recovering a damaged container or partition.

For regular use, you probably won’t notice a lot of difference, but none-the-less, it’s another great release from the TrueCrypt team.

TrueCrypt 5.1a

March 17, 2008

The TrueCrypt team are working overtime adding improvements and bug fixes.

This time they’ve increased boot speed (for system encrypted drives) by ~10% and fixed some system incompatibility issues which could lead to the hibernation file being left unencrypted on particular setups. Good to see them dealing with these issues so quickly, yet another reason TrueCrypt’s such a great product.

TrueCrypt 5.1

March 14, 2008

A few days ago, the TrueCrypt guys released version 5.1 of their stunningly secure and free, data encryption utility. The release of TrueCrypt 5.0 added support for system partition encryption, ie. encrypting every byte on your OS partition, so you have to enter a password before Windows/OSX/Linux boots. 5.1 added hibernation support for this sort of encryption.

Whole disk encryption isn’t a do-or-die for everyone, so here’s my two cents on using TrueCrypt.

USB Sticks: They’re just asking to be lost. If they are, any old sideshow could read through your resume, work documents, love letters and whatever else you keep on it. TrueCrypt has a ‘Traveller Disk’ tool which lets you encrypt some or all of your USB stick. Making a small (mine’s 100MB) encrypted file (an encrypted file which you mount as a drive letter) container will give you enough space to lock up your important files, while leaving your videos and mp3s alone. TrueCrypt throws a portable version of the software on your USB so you always have it on hand.

External Hard Drives: From a security point of view, these are similar to USB Sticks. They’re small, light and easily stolen/lost. However, you’re likely to store a lot more data on them and the data’s likely to be more important. It’s best to encrypt the whole disk. A couple of caveats though. Unlike system partition encryption, you can’t just click “decrypt disk” to get rid of the encryption. You have to copy the data off the disk, reformat, then copy it back on. Another issue is that if you use your disk on other people’s systems, you’ll have to install TrueCrypt first. If either will cause problems, figure out what needs to be secured and create an encrypted file container.

Laptops: There are a lot of news articles about laptop theft. Because they are so tempting to thieves, it’s probably best to encrypt your whole disk. You could just create an encrypted file container or encrypt your data partition (if you have one), but it’s better to do the whole lot, just in case you have some financial papers or embarrassing photos stored somewhere you’ve forgotten about.

Desktops: The risk of these being lost/stolen is significantly less than laptops or USB sticks, but it still happens. Encrypting your whole disk doesn’t hurt. In fact, according to tests by Steve Gibson, it actually makes your drive run faster in some situations. That said, even though TrueCrypt is phenomenally reliable, encrypting your drive could make it more difficult to recover data from if there is a problem. It’s probably better to create an encrypted file container and mount that. If you have a separate HDD or partition for your data (which is recommended, less system files fragmention), you can encrypt the whole thing and have TrueCrypt auto-mount and prompt for a password when you boot up your OS.

Then again, if you don’t store anything private on your computer, don’t bother. But chances are you have at least a few files which are worth the small inconvenience of using TrueCrypt. I highly recommend giving it a try.