I'm new to the whole encryption game. I was looking into encrypting my hard drive. I know there is Bitlocker and Truecrypt. But I was reading online today that both of these can be cracked easily with Elcomsoft. Is this true? Are there any other encryption tools out there that are better?
First ask yourself if you really need it. We had an old TrueCrypt thread. Never read many success stories, but quite a few threads asking for help as they couldn't get into their drives. Just be careful.
No, it is not true if somebody uses a good password. There are some attacks such as Evil Maid, but they require physical access to the hard drive multiple times by an adversary. We don't know whether Microsoft built in some kind of backdoor, but a regular company or police unit doesn't have access to it, even if they did. At least until information about the supposed backdoor leaks publicly. But again, we don't know whether there is some kind of backdoor. TrueCrypt is more trusted (open-source and there was an audit by cryptographers). Unfortunately TrueCrypt was discontinued.
I have zero experience with BitLocker. And I tend to distrust Microsoft. I have seen lots of angst from TrueCrypt users. But it's my impression that two factors were mainly responsible. Both about Windows. One, many Windows users didn't really know what they were doing. And they were careless, or whatever. And two, Windows tends to mess with partitions that it doesn't understand, or recommends that users do so. I suspect that VeraCrypt suffers from the same problems. But I'm certainly no expert. I must say, on the other hand, that I've never lost a LUKS volume. OK, except for one or two, where I forgot the passphrase. But I don't know what that says about the software. Maybe it's just that there's no Windows to mess with stuff.
As you are no doubt learning, encryption is a tricky subject. Lots of people claiming that this or that encryption has a backdoor or is broken by the NSC, CIA, FBI, etc. Most experts will say it's unlikely AES is broken or has a backdoor and I personally believe AES is unbreakable for now. That said, there are so many ways to bypass encryption. Most obviously, a weak password can be guessed easily. Along the same line, if someone can capture your password (camera, keylogger, etc.) they can get in as well. Then, there's the problem of keeping your data safe while you are using it. You need to open your files sometimes and view them. The only way to do that is to use an operating system. Microsoft claims there are no backdoors into Bitlocker. However, the whole framework of the Windows operating system is full of holes so it really doesn't matter if Bitlocker code is secure by itself. How do you know that your password isn't being stored on disk somehow when you type it in? When you decrypt and open a file, Windows often makes a copy of some or all of it for various reasons. Bottom line is that if you are using Windows, the operating system is the weakness in the encryption, not the encryption itself. For most people, Bitlocker is the best solution. It is secure from the petty thief who steals your laptop plus it has some password management and recovery options that help you in the event you get locked out. If you want a bit more security, you could try Veracrypt (TrueCrypt successor) but you really need to read the manual carefully because there are many ways to screw up and lose your data forever. With either of these, you are still using Windows which limits your ultimate security. For ultimate security, go with LINUX FDE and/or LUKS volumes.
That was the reason for many of the problems reported in the old TrueCrypt forum. To avoid these problems, use only BitLocker to encrypt Windows partitions.
Please have a read of the whole thread below; I've linked specifically to Bitlocker. https://www.wilderssecurity.com/threads/hard-disk-encryption-options.372834/page-3#post-2470793 The consensus here is, I believe, that if one is using Windows, then Bitlocker with a TPM is the best solution for reasons outlined in the thread. At bottom, even if you don't trust Bitlocker, Windows itself is a much bigger target in the first place, and nothing Bitlocker (or any FDE encryption) does helps with remote networked attack and exfiltration. These days, people would tend to use Veracrypt rather than Truecrypt because of active development and remediation of the issues raised in the TC audit. But full support for the system partition FDE is still being developed; it is by no means supported as it is for Bitlocker. If you use long strong passwords, and of course take care with recovery and backup, this is NOT "cracked easily". Most recovery techniques rely on weak or common passwords, or ones harvested from your existing documents if those are available.
Yes, I agree that BitLocker is the best choice on Windows. Except for maybe one of the self-encrypting disks. But I have little experience with either. So hey.