« How users switch between screens, or use more than one screen at the same time | Main | Snippets from 17 September to 29 October »

TrueCrypt compromised? [Was: Using TrueCrypt instead of EFS to encrypt data on a laptop]

Note - May/June 2014. This 28 May 2014 report in The Register indicates that TrueCrypt, certainly in its latest version 7.2, may have been compromised. Security company Sophos has more, as have Runa Sandvik in Forbes, James Lyne in Forbes, David Meyer in Gigaom, Cory Doctorow, Dan Goodin in Ars Technica#1Dan Goodin in Ars Technica#2, Bruce Schneier, and Steve Gibson (recommended). There are also:

  1. TCnextSwiss-based continuation of TrueCrypt;
  2. VeraCrypt, based on TrueCrypt version 7.1a, but with several of its vulnerabilities resolved.

[Last updated 24/10/2016]

*****************************************************************

28 October 2012

For the last several years I've used Microsoft XP's built-in EFS encryption system for the data directory on my Windows laptop, making it less likely that someone could access my data if I lost my laptop or if someone stole it.

A problem with EFS is that it works behind the scenes: unless you take special steps to save a couple of files that are needed for decryption purposes (away from the device that is encrypted), there is always the nasty and real possibility that you could lose access to all your data. [I know this from a friend who learned it the hard way.]

Last week, on the recommendation of someone I trust, I finally got round to stopping using EFS, switching instead to an almost Open Source product called TrueCrypt, which is available for Windows 7/Vista/XP, Mac OS X, and Linux. It took me less than five minutes get TrueCrypt installed and running, and less than an hour to use it to encrypt a new data directory and to move my data across.

TrueCrypt's user documentation is exemplary, and TrueCrypt works sufficiently "in the foreground" for you to know that it is there. You can also use it quickly and easily to encrypt removable media like USB sticks or drives. I have also had no trouble getting Carbonite (the remote back-up service that I use) to back the data up from the TrueCrypt encrypted drive. Unlike with EFS, the data once backed up is only encrypted by Carbonite's system, rather than retaining the local encryption as well. That means that when I restore a file from Carbonite it is unencrypted, unless I restore it to an encrypted drive. This was not the case with EFS encrypted files.

I should emphasise here that I am a self-taught amateur on matters such as this. Caveat reader, therefore.

Posted on 28/10/2012 in Nothing to do with online learning |

|

Comments

The comments to this entry are closed.