TrueCrypt - HUGE Changes in New Version

Truecrypt, in its usual understated way, has announced that TrueCrypt 5.0 will be available in January. It includes system partition encryption (!), a graphical user interface for the Linux version and (drumroll) -- a Mac OS X version!! Talk about a holiday present from the TrueCrypt foundation!!!!
http://www.truecrypt.org/future.php

 

Does that mean I can encrypt a whole harddisk, including my separate harddisk for personal data files ?
I wonder how fast the backup/restore will be of an encrypted HDD.
I was very slow with ATIv9, maybe ShadowProtect will do it faster.

 

TrueCrypt has tutorials at their websiye that will walk you through everything step by step.

 

Yes

 

The problem with TrueCrypt is that it acts like a vault. As long the vault is closed you are safe, once the vault is open any malware or hacker can steal your data.
A vault only protects you against physical theft, when a burglar steals your computer and can't read your data because the vault is closed.

My original and wrong idea was that TrueCrypt would encrypt any file on my data partition and make it unreadable for the thief, even when the file was stolen by malware or hacker. After all on-line theft happens alot more than physical theft.
If that was possible, I don't need outbound protection anymore, because whatever is stolen, the thief can't read it in a million years. Unfortunately it doesn't work that way. That was the reason, why I ditched TrueCrypt long ago.

 

axcrypt is free and comes highly recommended. You can encrypt individual files and it is easy to use. You could encrypt your files and then put them in a truecrypt partition, hehe!

 

Theft of data happens online more than OFFline? No way. Laptops that go missing with hundreds of thousands of files of customer information, someone has a laptop stolen at the airport, DATA theft is most common from OFFline scenarios.

 

I was talking about home, not a laptop, which is an easy target for thiefs.

 

And the thief can't read a file encrypted with axcrypt ?
And I have to encrypt them one-by-one with axcrypt ?

 

locking the vault is a basic switch to turn it off. you can't rely on the software doing everything you pc dont turn on by itself you have to do it. it same for banks they have to lock there vault. yes there is timed vault which the software can be made to do. it all come down to having common sense to be vigilant. thats the best security using your head. one click and the vault is locked. it hard not to forget as the vault is staring you in the face.

Truecrypt has option to be readonly and also to lock vault if no data has been written to it in a specified time.

 

Vault is one way, there are other ways to do encryption.

 

@ErikAlbert

If you turn off the hard drive theres no need to do encryption. You set the hard drive to turn off when you go online at a set time. You using Sandboxie and/or Returnil. If you really want ironclad security disable the 2nd hard drive in the bios and forget about it. When the time comes you need something off that 2nd drive is the time you realise it not there so you turn it on again in the bios. in fact theres a util now to access the bios from within windows.

 

I agree that turning off the 2nd HDD would be alot better, but it has to be something PRACTICAL and CONVENIENT. Turning it on/off in the BIOS isn't and this time "no writing possible by malware", not like PC Security.

 

can you not say Truecrypt locking the vault at set time all set by the options isn't pratical when you go online? surely it is teamed up with Sandboxie

 

At a set time ? Is that practical ? I want to lock or unlock my 2nd HDD when I need it, not at a specified time.
Sandboxie doesn't protect my 2nd HDD, when I test a suspicious software in my system partition, which can infect my 2nd HDD, unless it is locked properly.

 

ErikAlbert, There is no such thing as on-the-fly encryption without it being vulnerable while the partition/container is open. File-By-File encryption, such as AxCrypt, would be your only solution.

 

OK. I will wait ... until the file-by-file encryption is more convenient to use.

 

It sounds like you tried using TrueCrypt with a partition-based volume. However, did you ever consider creating a small number of container files instead? Each one could containing a certain collection of data. Only mount (open) the volume that you need, and close it as soon as you are done.

To some degree this is the software equivalent of manually switching a second hard drive on and off, as per your earlier post, but this much more flexible because you can have as many 'drives' as you want, you can mount as many or as few as you need and you can dismount them all almost instantly if desired.

 

Check out R-Guard, or the file protection in COMODO Firwall Pro.

 

Can't wait to see how useful the new version will be.

I've mainly steered away from encryption anything for fear of ultimately losing data but maybe this is more reliable then i been led to believe all along.

I make plenty of use of virtual partitions via files in the past and they been reliable enough for me but perhaps encryption needs another look.

I kind of like the idea of AxCrypt files to TrueCrypt. Another interest to test out for sure.

 

I thought everyone already did that! Pete

 

Exactly like me.

Yes I read this 2 weeks ago. Very cool and wondering why this took so long for realization.

That´s the next problem if you want to be secure while surfing the internet.

How would you like to realize it? Windows itself would be unable to read its files. You would need a turbo engine that en/decrypts millions of things at the same time, probably needing octacore and system performance would probably go to 0.

True too but

That is reality in most cases.

At least something.

Think exactly.

Winrar is enough too no need for Axcrypt.

 

PC's are way too slow, but one day, when the hardware is improved, they will be fast enough to solve this problem. After all the chip was also a big improvement in the past, nothing stops inventors to do better.
One day harddisks will look old like tapes.

 

Certainly not this one yet. Greets Pete.

I take another approach in virtual file partition to store various data/items but never keep anything of a truly sensitive nature on disk, at least not on disk connected to internet access, LoL.

Always good to read your articles on gov privileges and their impact on citizens freedoms. Much to be said & realized for those kind of efforts rarely told, keep up that timely reporting, worthy reading indeed. Appreciated.

Also see you keep a foot in the door at ERASER, been my fav a very long time and still is.

Encryption? A new venture for me, but then theres always a new discovery awaiting where concerns the computer right?

Regards EASTER

 

Hello,

A suggestion to all encryption users:

You MUST keep an unencrypted version too. Otherwise, if the encrypted volume gets corrupted somehow, you're most majorly cankered.

The idea of encryption is not to protect the data as to protect the device with that data. For example, no one will steal your lousy DVDs with words like movie movies or stuff written on it. But thumb drives, mobile HDDs, laptops, are a lucrative theft prize. They should be encrypted.

Mrk