Truecrypt or FreeOTFE

Discussion in 'privacy technology' started by jnthn, Mar 20, 2011.

Thread Status:
Not open for further replies.
  1. jnthn

    jnthn Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    185
    So I've got this 500GB external which I'm planning to encrypt and store data and backups on and the two viable encryption software that comes to mind are FreeOTFE and Truecrypt.

    The question is, if I encrypt the entire partition will I need to have Truecrypt/FreeOTFE installed on each computer/laptop that I plug the external drive into? Say I encrypted the partition using Desktop A using Truecrypt, will I need Truecrypt to be installed on Desktop B for me to have access to the encrypted partition?

    One more thing, which drive backup program do you use to back up a system drive onto a Truecrypt encrypted partition? And I surmise that backups are limited to online backups since the encrypted drive needs to be mounted first, right?
     
  2. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    No, but you will need to have administrative privileges on the computer because both programs need to install a driver. You can use FreeOTFE Explorer which doesn't need a driver. I think there are some drive formatting considerations to be made if you're going to use FreeOTFE Explorer, so be sure to read the documentation.

    You could use just about anything that can perform a backup while booted into Windows using shadow copy with your TC volume mounted. The problem will be if you ever have to recover this system drive from your encrypted volume. AFAIK you would need a properly prepared and configured BartPE CD in order to mount your volume and restore the system drive.

    I encrypt the system drive and offline image it to an unencrypted drive. The only problem with this method is that the image takes up as much space as the drive due to having to make a sector by sector image.
     
  3. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9
    Yes you need Truecrypt either installed or run self executable portable on any system to mount the encrypted volume.

    Just my views on anonymity though.. there were reviews that Truecrypt so-called encrypted sectors provide "dead giveaways" to computer forensics. I'm not sure about FreeOTFE.
     
  4. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    o_O Would you care to provide any evidence of this claim or further explain what you mean?

    From everything I've ever seen, this statement is dead wrong. The only sectors that are "dead giveaways" are in the first track when the operating system is encrypted. Every WDE software is like this.
     
  5. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    OrionMan is just letting his mouth run about issues he doesn't know anything about. The fact that he speaks about 'anonymity' in connection with disk-encryption software should make it clear.

    That being said, there is no such thing as 'random data' on a 'normal' HDD.
    If it all looks like random garbage in a hex-editor, it isn't exactly rocket-science to figure out what it is.
    But that's not the same as proving it.
     
  6. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    A proper disk wipe with a PRNG would look exactly like TrueCrypt data. Also, TrueCrypt and other WDE software will double as disk wipers. Some people may use them for that purpose.

    There's, in fact, nothing to prevent the TrueCrypt people from marketing their program as disk wiping software, possibly also adding a few extra PRNGs in the mix.

    I suggested this on their forum, but I got no response.
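
The point debated in the posts above (a drive full of random-looking bytes stands out from normal data, yet a PRNG wipe looks the same as encrypted data) can be checked with byte statistics. This is an added example, not part of any post in the thread: every sample region is constructed in memory, and the "encrypted" region is a SHA-256 counter-mode keystream used as a stand-in for real ciphertext, not TrueCrypt's actual cipher.

```python
import hashlib
import math
import os
from collections import Counter

SAMPLE_SIZE = 64 * 1024  # 128 sectors of 512 bytes


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic against a uniform byte distribution (255 d.o.f.)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in for ciphertext: SHA-256 in counter mode (assumption, not TrueCrypt)."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def build_samples() -> dict:
    """Constructed sample regions; none of this is read from a real disk."""
    text = b"Quarterly backup notes: copy documents and photos to the external drive.\n"
    return {
        "plain files": (text * (SAMPLE_SIZE // len(text) + 1))[:SAMPLE_SIZE],
        "zero-filled": bytes(SAMPLE_SIZE),
        "prng wipe": os.urandom(SAMPLE_SIZE),
        "encrypted (stand-in)": keystream(b"constructed-demo-key", SAMPLE_SIZE),
    }


def survey(samples: dict) -> dict:
    """Return {label: (entropy_bits_per_byte, chi_square)} for each region."""
    return {name: (shannon_entropy(d), chi_square(d)) for name, d in samples.items()}


if __name__ == "__main__":
    for name, (h, chi) in survey(build_samples()).items():
        print(f"{name:22s} entropy={h:.4f} bits/byte  chi2={chi:12.1f}")
```

The wiped and encrypted regions both score close to 8 bits per byte with a chi-square near 255, while ordinary file data scores far lower, so these statistics separate "random-looking" from "normal" but not a wipe from ciphertext.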
     
  7. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    TrueCrypt lets you create a traveler (portable) version of itself that you can run without install from any Windows or WinPE system. To access the encrypted partition you mount it (requires password) with the traveler or full version of TC. When not mounted, the partition appears unformatted (raw). I'm not familiar with FreeOTFE.

    For TC you can use any backup program, and you can do offline backups too from 32- or 64-bit Windows or WinPE based "recovery" or "emergency" disks (e.g. from BartPE). You would use the TC traveler disk or a TC plugin to mount your encrypted drive first.

    The question of which backup program to use can become more pertinent if you decide to encrypt your system partition, which is why I prefer DiskCryptor for system encryption (DiskCryptor is also free). You can use DiskCryptor for encrypting external USB drives too, but as far as I know there's no traveler disk or other portable version of it so that makes things a little trickier. There is a BartPE plugin for DiskCryptor though.
     
  8. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,194
    what are the dead giveaways ?
     
  9. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Huh?

    If you go back to post #3, you'll see that OrionMan first used the term "dead giveaway".

    Anyway, the only giveaway to the use of encryption is the TrueCrypt bootloader on the first track (63 sectors) of the hard drive. It's specific to TrueCrypt, and it's only used when WDE is used. If you use file-hosted volumes, partition encryption, or device encryption without system encryption, then there is no bootloader and no "giveaway".

    This is the same issue with any WDE program. They all need a bootloader on the first track to give you a password prompt prior to loading the encrypted operating system.
     
  10. SplinterCell

    SplinterCell Registered Member

    Joined:
    Jan 5, 2011
    Posts:
    48
    Location:
    Wisconsin
    I recently jumped on the same boat. Been using TrueCrypt Containers for some time now (on thumbdrives between different PC's, I always have portable TrueCrypt on a thumbdrive), and just recently decided to encrypt my entire system. I'm running Windows 7-64bit and haven't looked back since doing it. Now if I ever lose my laptop I don't need to worry about anyone gaining access to my Wilders Security Forums password, my emails and et cetera. Like they'd get into my KeePass file anyhow, but that's beside the point.

    As for backups I used to use Clonezilla, but due to the size of the backup since encrypting, I decided to image while the system was up and running with the built-in Windows backup utility. Sure it works fine, but I wanted more so, I tried Paragon's free version and quickly moved up to the paid version ($30.00) and couldn't be happier. And I must say, what endless possibilities you have with a Paragon image.

    I'm not worried about a restore because, I have a good image, my TrueCrypt recovery disc, alternate OS'es with TrueCrypt and ParagonPE on my thumbdrive and CD. I can always manipulate the situation and get my image to be a clone if need be.

    Check, double check, test, and then re-check and test. Especially, when dealing with encryption, or you'll be locked out!


    Hope this helps,
    Chris
     
  11. SplinterCell

    SplinterCell Registered Member

    Joined:
    Jan 5, 2011
    Posts:
    48
    Location:
    Wisconsin
    Okay, I just re-read your question and my previous answer is kinda gibberish. Anyhow, I'd create two partitions on that 500GB hard drive one only needs to be large enough for TrueCrypt portable which is less than 5MB so, a 100MB partition would be more than perfect. That's what I'd do so, you always have access to that encrypted partition from any PC. Then just mount it with TrueCrypt, and back up what ever you'd like to it.

    Edit: You could probably use Parted Magic and mount your encrypted backup media with TrueCrypt within Parted Magic, and then use Clonezilla within Parted Magic to backup your unencrypted system. Probably in any order, but I haven't tried it yet. Kinda just popped into my head. Going to try now.

    What's more, who cares if it's a "dead giveaway" you'd have to physically extract the password from me. And what if I'm using a key file or have hidden containers? So what, I encrypt my personal information!

    Hide the most important stuff in images. No one checks 43MB .tif images from the Library of Congress for secrets or TrueCrypt recovery iso's.
     
    Last edited: Mar 20, 2011
  12. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    The whole thing was off-topic to this thread, but I responded since it was brought up.

    The people that would care would be the ones who want to deny they're using encryption to begin with. To anyone else, it's irrelevant.
     
  13. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    I was going to say the same thing. I agree create a small partition on the 500 Gb hard drive to put True Crypt portable on then that eliminates the need to have True Crypt on every computer.
     
  14. jnthn

    jnthn Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    185
    Thanks for the replies. Gave me a few options instead of going for full drive encryption. The thing is it doesn't really matter to me if forensics experts can see trails of having a truecrypt volume on the drive. The only reason I want some sort of encryption is so that my files remain undisclosed on such an occasion that I lose the drive. Theft is becoming prevalent in my university ergo my paranoia of losing the drive and the files along with it. Don't want those amateur flicks out in the open don't we :D

    I kid, I kid. :D

    How about this, partition the drive into one big partition and set up say 100 to 200 gigs of space for a truecrypt file container? Is there a noticeable performance difference between a file container versus an encrypted partition ie reading, writing off and to the encrypted volume?
     
  15. SplinterCell

    SplinterCell Registered Member

    Joined:
    Jan 5, 2011
    Posts:
    48
    Location:
    Wisconsin
    I've never noticed a difference in performance between using a container vs a partition. I'd recommend just creating a large container, unless it's the system drive I always use containers, they're easier, look better and can be moved. And containers are less likely to be accidentally formatted or whatever? Either way is fine.

    TrueCrypt will mount the container as a new drive letter so, it will feel like a partition. :)
     
  16. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,194
    Is it a good idea to save the container with a name like pagefile.sys or ?

    But between these programs, is one stronger in the encryption, or do they use the same algorithm?

    I guess they are both fast, aren't they?

    Are they the only 2 free programs?

    thanks
    cheers
     