If I have my whole drive and externals encrypted then why...

I've always wondered ( probably I'm a bit ) that if I encrypted my whole drive and all the externals (USB's etc) why I should ever worry about a hacker stealing my data?

There must be a flaw in this somewhere?

 

If they hack you while you computer is unencrypted, while you are using it, then they could get personal info and steal your identity.

 

I personally don't have a ton of personal info on my computer. If a hacker got onto it it wouldn't really ruin me or anything.

However, getting malware is a pain ~ Snipped as per TOS ~ because of removal. That's why I protect my computer.

 

Password cracking, which can be easy with a boot disc.

 

?
If your system is encrypted with TrueCrypt or bitlocker and fully shut down, no boot disk will crack your computer.
Caspian gave the right answer, when your encrypted system is mounted, the encryption is "unlocked". A mounted system is no different from a non-encrypted one. An evil website or trojan email attachment can infect either way.

 

Anything that you're using, accessing, reading, etc has to be unencrypted during that time. This makes it vulnerable to keylogging, screen capture, and transferring out the data while it's decrypted. Disk and file encryption protects the contents from being accessed by someone else when they're not in use. Think of disk and file encryption in terms of a locked box. As long as it's locked, no one can see, take or alter its contents, yourself included. In order to do anything with the contents, you have to open that box. When you do, the contents are accessible to you, and to anyone else who happens to be there. The weakness in this system is the PC. Encryption is only as secure as the PC it's running on.

 

Thanks guys this set of posts has helped me clear my head on this one.

See if this 3 pronged approach makes sense:

1) While my PC is sitting unused and it is lost or stolen then full encryption / bit locker makes sense, the thief will have a hard if not impossible time accessing my private data.

2) However when my PC is in use by me it is wiser to keep my private data and folders encrypted selectively like say tax files only need to be open for a few weeks each year ( not right now for instance)

3) All other normal layers of security solid passwords , FW, AV HIPS etc still needed with or without encryption.

 

That covers it quite well. If the data you have encrypted is quite sensitive, you might also consider doing a full reboot before decrypting and if possible, disconnecting the PC from the net while you do.

 

Thanks, the only other procedure step I could think of was NOT storing the sensitive data on the active drive but on a USB or cd/dvd only used when needed.

 

Your choice there would depend on whether you need to be able to edit that data. If you don't, the CD is the better option. Once written, the disk can't be infected or deleted, and it can't be encrypted again by malware that holds users data for ransom. It really depends on the nature of the data and your top priority for that data, eg. keeping it hidden (personal records for instance) vs keeping it preserved intact for when it will be needed (such as evidence of abuse or corruption).