Topic: Encryption programs?

[Frelance]

Hello,


So, I am looking into encrypting all my data and have been looking for the best program to use. So far Truecrypt seems to be the best option so far for free software but I wanted to see if anyone on E would have some suggestions.

If there is already  thread dedicated to this please let me know and I will just go there.

[sara223]

what Operating system are you using?
what kind of data do you want to encrypt?
what kind of encryption are you looking for?

true crypt is a great free software but it is more easy broken since it is so popular. it also has a learning curve since you have alot of options and need to know what your doing with it to get proper encryption.

If you just want to Protect some data, putting a password on a .rar. they used to be easy to break but it's becoming harder and harder to do that now adays.

[Frelance]

what Operating system are you using?
what kind of data do you want to encrypt?
what kind of encryption are you looking for?

I am using windows 7 64-bit and will be setting up a dual boot with a Linux distro.

I am looking the encrypt all data including the OS if possible.

Whole Disk, network traffic and email messages are what I want to encrypt.

Ya I noticed the learning curve when I was looking at Truecrypt. I also saw a few posts about it being cracked.

[Psi]

If you want to use it cross platform you need to look at a commercial package, or open source that supports all platforms which rules out Bitlocker (Win), FileVault (OSX)

True Crypt does cross platform but I would look at vaults first, before you move onto Whole Disk Encryption.

[sara223]

windows 7 pro has it's own encryption system, EFS, not quite sure how good it is, but it's a whole system encryption.  if you want cross platform or disk encryption as a whole, your not going to find much free. your going to have another trade off; speed/ with a full encryption system it's going to be much slower then a non encryption systems.

the reason for this is that you have to decrypt everything you access to use it then re-encrypted it when your done. this is a very intensive process so you speed will suffer.

whats the main reason you want to do this kind of encryption. knowing your reason should help us narrow down what kind of encryption you need and how much you could be spending on it.

[Psi]

What is the hardware you are running this on?  I have been using a mix of Disk Images & WDE for several years.

First PGP with Windows XP (WDE on 7400 RPM), and then after I got a mac both Filevault (not WDE on 7400 RPM) and FileVault 2 (WDE on 740 RPM and SSD)

My hardware is capable enough that I virtualise rather than dual boot.   10.7-9 with VMWare fusion running XP/Vista (ugh) / Win 7 and now Win 8.1 and even at one stage Ubuntu over the years.

Doing it this way means I can flick between multiple systems without a reboot, they use saved states and I can rely on a single platforms built in WDE to reduce the complexity.

however, whichever path you choose, you need to decide why your encrypting, and make sure you have backups.

If your drive fails, your not going to be able to recover data easily, like you can with non-encrypted data.

The devices I encrypt, are the ones that are portable.  I am not worried about the safety of the desktop I have, but the laptops I carry around to work, that have confidential data etc I do encrypt.

I have a mix of backup routines, every OS upgrade I do full clone of my HD, excluding the virtual machines and data stored elsewhere on my NAS.  I have two encrypted time machine backups, one on a 2.5" HDR and one on a time capsule.   I also use crash plan to backup pure data directories.   I backup media such as music/videos etc manually.

Photos are captured in my time machine backups, and if have an aperture vault, as well as exported projects and an export of any adjusted photos in JPG that are accessible via the NAS.

email encryption is just the default provided by the host, but I don't setup any non SSL if I have any choice.  I have demod how easy it is to access this to people before.  if I need to do net banking on external networks, I establish a VPN home and use that to connect from a trusted network.

[stormwyrm]

true crypt is a great free software but it is more easy broken since it is so popular.

Nonsense. It is probably harder to break than any other similar system. There is an ongoing effort to fully audit it, meaning people who actually know a thing or two about cryptography are having a look at it for vulnerabilities. I'd trust it more than a proprietary package, where you have only the word of the people who made the package that they haven't put in a back door that will allow the NSA to read all of your stuff. A back door that will allow key recovery is a lot harder to hide in an open source package than it is in proprietary software.

I will never trust any crypto that isn't open source with anything I really want to keep private. If the source code of a cryptographic system is not open to outside scrutiny, how can you be certain that the system isn't doing something sinister behind your back? At least if you have the source code, you can try to have a look at it yourself, or pay someone you trust to examine it for you. And chances are someone already has.

I am using windows 7 64-bit and will be setting up a dual boot with a Linux distro.

I am looking the encrypt all data including the OS if possible.

Whole Disk, network traffic and email messages are what I want to encrypt.

Ya I noticed the learning curve when I was looking at Truecrypt. I also saw a few posts about it being cracked.

Whole disk is easy enough to do with TrueCrypt. You can mount TrueCrypt volumes on both Linux and Windows. Network traffic encryption depends on where you go. If a site supports HTTPS then you're good to go. I believe there was a discussion on how to use HTTPS with E before, but apparently Vekseid hasn't made it the default yet. For email, well, everyone you talk to has to be doing PGP or something like that as well, and most email apps have plugins that allow you to use PGP or GNU Privacy Guard to do things like this. Encryption if done properly is always end to end.

I suppose you want your network traffic anonymised as well as encrypted. I would suggest use of a Linux distribution like Tails or Qubes that give strong privacy guarantees for network traffic. It's probably the safest way to use Tor.