Episode #1: Crypting a full Windows computer with TrueCrypt
Time and time again we hear stories of laptops with sensitive data being stolen or people going to other people’s computers without permission. Fortunately there is a simpel solution to prevent data from leaking out like this. TrueCrypt, an open source package, offers the option of encrypting an entire Windows-computer. It does take sometime to set it up, but it isn’t all that hard. In this episode I show you how to do this with just a few clicks of the mouse and a couple of reboots. It’s so simpel that you should ask yourself, why you haven’t done this yet. Well: Go for it!
Episode #1: Crypting a full Windows computer with TrueCrypt [7:52m]: Play Now | Play in Popup | DownloadTags: Encryption, Harddisk Encryption, Security, TrueCrypt, Windows
May 1st, 2008 at 4:01 pm
Truecrypt provides excellent whole disk, partial disk, and “virtual partition/volume” encryption, no doubt about it. However, there’s a catch. Your data is really only as safe as the physical environment you keep it in.
see:
http://www.nytimes.com/2008/02/22/technology/22chip.html
for one of many ways your computer can be compromised.
Basically, almost nothing can stop a determined and resourceful attacker with physical access to your computer.
That said keeping your truecrypt volumes in an unmounted state may be a good safety precaution. another would be to use whole drive encryption and then using truecrypt volumes within that, which you keep unmounted.
Also, choose strong passwords. strong passwords that you can remember. but never store your password on your computer unencrypted, because your hard drive can be downloaded to someone elses hard drive and ALL strings in the drive can be added to a password cracking dictionary.
A trick i use is to take a password i have been using for a while, and then mutate it on paper, while keeping the way i pronounce it in my had. Say i used chose the word “macbookair” (I didnt, and you shouldnt because its now public, but this was a good password for a base because it takes three dictionary words and puts them togather for my password). Then what i might do is capitalize certain letters and change the o to 0: MacB00kAir, now i add some more shifts and it looks like MacB))kAir or maybe i move some things around and its now nACb))K02 (02 for air). This might seem diffucult, but once you have a strong password like this, there’s no need to change it often (some may disagree) and once its memorized and you use it every day for a week, its memorized.
Ok, there’s my 3 cents
May 5th, 2008 at 8:53 pm
Thanks for the podcast Brenno!
Can you say something about TrueCrypt compared to FileVault ( http://en.wikipedia.org/wiki/FileVault ) the encryption facility that is embedded in Mac OS X please?