Posted: 4/7/2017 7:38:20 AM EDT
|
Rather, most cost-effective disk encryption software?
I would go with Truecrypt but it has been broken and no longer available so I heard. Not using Windows native bitlocker. My first choice would be Symantec Drive Encryption (powered by PGP Technology) --- and I've used PGP for decades but it is expensive at almost $200. Something under $80 ideally. |
|
Quoted:
ROT-13. Run it twice for double the security 
I'm partial to Veracrypt...although I've still got some Truecrypt 7.1 containers laying around, too... |
|
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor. Quoted:
Quoted:
ROT-13. Run it twice for double the security
I'm partial to Veracrypt...although I've still got some Truecrypt 7.1 containers laying around, too... https://opencryptoaudit.org/reports/TrueCrypt_Phase_II_NCC_OCAP_final.pdf I personally consider it "good enough" along with Veracrypt and the larger commercial / enterprise FDE suites. |
|
Quoted:
My understanding is, correct me if I am wrong, that Truecrypt has been cracked, not backdoored. Quoted:
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor. |
|
Quoted:
Nope. The audit found some minor security flaws but they've been updated in the latest version of Veracrypt. Quoted:
Quoted:
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor.
I have not played with Veracrypt ill have to check it out. What i really want is an encryption package that can self unlock without installing the app on every computer it touches. |
|
Quoted:
I'm probably reading too many conspiracy websites.
I have not played with Veracrypt ill have to check it out. What i really want is an encryption package that can self unlock without installing the app on every computer it touches. Quoted:
Quoted:
Quoted:
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor.
I have not played with Veracrypt ill have to check it out. What i really want is an encryption package that can self unlock without installing the app on every computer it touches. For what you're talking about using either an encrypted .zip container or using an encrypted USB drive (with the encryption software built-in) is probably your best bet. At some point you reach the "good enough" threshold - if you're worried about someone with nation-state resources you're pretty much fucked. If I'm an intelligence agency I'm not going to waste time trying to break your encryption - I'm simply going to hack your system remotely and either grab what I need directly or install a keylogger and grab some password(s) as you enter them. Or hit you with that metal pipe (posted above) until you give me your passwords
Hope that helps! |
|
Quoted:
I suppose it doesn't really matter because the site is down and it's no longer available. Or you have to find an out of date version and use it. Quoted:
Quoted:
Nope. The audit found some minor security flaws but they've been updated in the latest version of Veracrypt. |
|
Quoted:
Pray tell, what is the TPM chip? Quoted:
Quoted:
That's what I use. It's more than sufficient to counter the threats I'm worried about. Hardware-based encryption system built into most Windows laptops now. ETA: In very general terms: The TPM stores an encryption key that is used to encrypt/decrypt the contents of the hard drive on the fly... |
|
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor. Quoted:
Quoted:
ROT-13. Run it twice for double the security
I'm partial to Veracrypt...although I've still got some Truecrypt 7.1 containers laying around, too... It's been audited, no significant issues were found. By now, I think if it were backdoored it would have been disclosed by someone. |
|
Quoted:
My understanding is, correct me if I am wrong, that Truecrypt has been cracked, not backdoored. Quoted:
Quoted:
This version can still be found floating around on the internet. iirc its the last version not to include the .gov backdoor. |
|
I'm still using an old version of TrueCrypt as it has not been broken. There are weaknesses that can be exploited - like having the container open when the Windows PC goes into hybernation and then someone gains physical assess to your machine (AKA fail). They then deploy serious hours of time on a supercomputer and crack in. Seeing as how I have nothing of interest to the NSA I haven't a worry about my containers being cracked open as the NSA likely already has access to my account numbers, software product codes, and internet passwords.
YMMV If "they" want there's damn close to a 100% that "they'll" get in one way or another no matter what program you use. Many times you don't have the discipline to maintain the key safely. You'll pick a poor key or if you pick a good one you'll write it down. Then there's always being put in jail and compelled to provide the key 5th Amendment go to hell. And finally there's a little known tactic involving a $6 lock in a sock where you beat the holder of the key until they give up their pass phrase. Anyone asking about crypto here only needs something like Windows bitlocker as your wife doesn't have the ability to get time on the supercomputer to crack into your tentacle porn stashes. She's also more likely to take the lock-in-a-sock to you for other reasons. |
|
Quoted:
Trusted Platform Module. Bitlocker is better than you think and is what I would suggest if your Windows OS supports it. Quoted:
Quoted:
Pray tell, what is the TPM chip? Bitlocker is better than you think and is what I would suggest if your Windows OS supports it. |
|
Quoted:Not that's known about. There's really not any reason to think it was cracked. A lot of speculation about why the team shut it down, but nothing really indicates it was cracked or backdoored, and the audit didn't turn up anything significant. The phase one of the code review was conducted and completed before the project was shut down. |
|
Quoted:
I'm still using an old version of TrueCrypt as it has not been broken. There are weaknesses that can be exploited - like having the container open when the Windows PC goes into hybernation and then someone gains physical assess to your machine (AKA fail). They then deploy serious hours of time on a supercomputer and crack in. Seeing as how I have nothing of interest to the NSA I haven't a worry about my containers being cracked open. YMMV If "they" want there's damn close to a 100% that "they'll" get in one way or another no matter what program you use. Many times you don't have the discipline to maintain the key safely. You'll pick a poor key or if you pick a good one you'll write it down. Then there's always being put in jail and compelled to provide the key 5th Amendment go to hell. And finally there's a little known tactic involving a $6 lock in a sock where you beat the holder of the key until they give up their pass phrase. Anyone asking about crypto here only needs something like Windows bitlocker as your wife doesn't have the ability to get time on the supercomputer to crack into your tentacle porn stashes. She's also more likely to take the lock-in-a-sock to you for other reasons. |
|
Quoted:
Not sure if Veracrypt supports that...currently I'm running it on a (Bootcamp-ed) Macbook Pro using it to encrypt a partition that's shared between the Windows OS partition and the OSX partition. For what you're talking about using either an encrypted .zip container or using an encrypted USB drive (with the encryption software built-in) is probably your best bet. At some point you reach the "good enough" threshold - if you're worried about someone with nation-state resources you're pretty much fucked. If I'm an intelligence agency I'm not going to waste time trying to break your encryption - I'm simply going to hack your system remotely and either grab what I need directly or install a keylogger and grab some password(s) as you enter them. Or hit you with that metal pipe (posted above) until you give me your passwords
Hope that helps! |
|
Depends who you are intent on keeping it from.
We've seen how our government can bully tech companies into doing basically whatever they want them to, and force them to keep it a secret. Commercial products are fine, if you want to keep other commercial entities out. If you are protecting yourself against an invasive government: If it's not open source, it's not trustworthy. |
|
Quoted:
Depends who you are intent on keeping it from. We've seen how our government can bully tech companies into doing basically whatever they want them to, and force them to keep it a secret. Commercial products are fine, if you want to keep other commercial entities out. If you are protecting yourself against an invasive government: If it's not open source, it's not trustworthy. |
|
Quoted:
Just use bitlocker. If the government wants your stuff and can't back-door in they'll just beat it out of you. - Your kids - Your wife - Criminals - Local law enforcement - Federal law enforcement unless you are the most heinous of bad guys Bitlocker won't protect you from: - Judges that will throw you in jail for contempt - Three letter organizations that aren't going to burn methods for your porn stash - Science fiction |