A stupid question

I think this is the right forum.

I have two HDs on this computer. My C: drive is only the operating system and software. Everything else, files, folders, tax and business info, etc is kept on the D: drive.

I've been looking at PGP and even downloaded the older 8.1 version freeware to play with and try to learn. I prefer it since it's considerably smaller than the new version 9, which contains a lot of stuff I don't need and would never use. Unfortunately the freeware version is very limited so I haven't been able to try encrypting an entire drive (which I would do on my other computer which also has a second drive, just in case I screwed up).

Okay, question. I'm assuming that, if I can even buy PGP 8.1 these days, learn it well enough, and can lock down the entire D drive using AES 256 with a strong password, it's going to be secure from anything getting at the stuff on the drive.

What if... playing the devil's advocate, some malware is there and all my scans missed it? From what I gather, encryption software keeps things out, but does it also keep things in?

I've looked at CryptoSuite too and even made a container on the D drive *patting self on back,* and put several files in it. Obviously I did something wrong since the container is there but when mounted, none of the junk files I put in to test are encrypted. Or, maybe Cryptosuite depends on the password, which I think is usually the weakest link in the chain.

 

Short answer: ANY encrypted container/file system/file/etc is subject to the same risks as its unencypted counterpart once you have unencrypted it. If you encrypt your D drive, but everytime you boot up you mount the d drive so you can access it, then it is NO safer than if you had never encrypted it.

It will only be "immune" when locked/unmounted or if stolen.

 

Let's assume you're using AES in an IND-CPA-secure confidentiality mode of operation, such as CTR or CBC. In such a case, you can expect the confidentiality of your data to be preserved -- but nothing more. The ciphertext is exposed to its host's insecure environment. As surprising as it may seem, even ciphertext can be manipulated in a way that may be useful to an adversary, and can even lead to a loss of confidentiality in some cases; given that, it's always wise to preserve the integrity of data, as well.

Examples of software that do this are PGP, via asymmetric digital signatures, and AxCrypt, via symmetric MACs (Message Authentication Codes). I've used PGP Corporations products, and would recommend them. Although I haven't used AxCrypt, and cannot vouch for the correctness and security of its implementation, I have conversed with its developer, Svante Seleborg, and appreciate the design decisions behind it. It's the best-looking approach to software of its kind that I've seen.

(As for CryptoSuite, I wouldn't recommend it; several of the design decisions behind it make absolutely no sense.

 

I agree. It's a POS software from another disappearing developer.

 

I took a brief look at TrueCrypt for the past couple of days. I still have it sitting on my drive. Frankly, I find PGP easier to work with. I never thought I'd see myself write that. I had experience with PGP in the latter 1990s and never could figure it out so avoided it until I saw some posts here.

TC has the advantage in some areas over PGP. Hidden containers, maybe even encrypting and hiding my entire second drive is nice, but the program itself doesn't appeal to me.

I've settled on free PGP v 8.1 on my desktop and will continue with the v9.9 trial on my Vista laptop and might let it go to free. I really like the new pgp but can't seem to find the single year price at their website. I see no need for the $219 perpetual license. Maybe I'll hunt up one of those OEM outfits that sell disk only for $15 or $20 bucks.