Discussion in 'privacy technology' started by Loki, Dec 19, 2002.
Anyone know how good XP Pro Encryption is? If I use it do I need something like PGPDisk?
I would like to know also.
I'll speak for myself - personally.
I don't trust Microsoft. I believe there is the real possibility that back doors in the EFS architecture was a part of the sweet deal from the feds.
There are too many other options.
With that said, Loki, if you were going to use the EFS encryption system in Windows XP there would be no reason for PGP. One or the other. (I assume you're talking about PGPDisk)
My choice has been DriveCrypt 3.03 and I also have the DriveCrypt Plus Pack - which is a Full Disk encryption package. It can encrypt individual partitions, entire drives (including the drive with the operating system) where you use pre-boot authorization. This can render all the "scrubbing" we do moot. If the disk is encrypted - and encrypted right - nobody could ever get in to see what is in the cache, registry etc. anyway. I know people who use DCPP and never bother running those tools. I DO, but if you use it right, why worry about it? It is also totally transparent in its use - the user doesn't have to do anything once locating the key and entering a double password. As soon as you sign-off or do a quick emergency shutdown - the entire drive is encrypted - or drives.....and there's no getting back in the computer - at all - without the key. Warning: DCPP is not cheap - $149.00 - they are currently offering their once-a-year hundred dollar off sale to regular DriveCrypt owners. If you are a DriveCrypt owner and use XP, I can assure you it could be the best $49.95 you could possibly ever spend to protect the security and privacy of your computer.
Drivecrypt 3.03A (On-The-Fly Hard Disk Encryption):
(Trial download is available)
DriveCrypt Plus Pack (DCPP - FULL Disk Encryption):
Then there is always PGPDisk, BestCrypt and others.
Do you know anything about Steganos Security Suite, and if you can encrypt an entire drive like you do with DriveCrypt?
No, Steganos does not provide Full Drive Encryption.
Thanks for the reply, now all I need to do is re-read your post on free encryption and decide how much I can afford to spend versus how much I think I need encryption of a high caliber sort like DriveCrypt.
Free versus Pay. I'm not cheap, ignore the Eagle screaming...
If you are going to use a wireless home network you should really use encryption anyway.
I would love to know if MS really made a deal with the FEDS as part of the antitrust lawsuite for their encryption...
I am guessing if that were true? and somebody found out?
Bye Bye MS....>>>>> RIGHT?
Thank you for sharing some of your knowledge. I was reading about Drive Crypt and that power pack version, and noticed that the encryption differs on each program, PP with 256 and regular DC with 1344 bit. Is this normal or what? Just wondering why such a difference between two products from the same company? Also, you said you use both products...how? Do you use DriveCrypt to encrpt entire drives and the DCPP to encrypt the drive with the OS on it? I appriciate you taking time to answer.
Don't get too hung up on the 128-bit, 256-bit, etc. It gets to be marketing hype. No, I probably wouldn't personally use anything less than 128-bit encryption when dealing with basic file encryption. There is so much more to cryptography and conventional encryption than that. What algo is being used, etc. For one thing, a 128-bit encrypted partition with a high-quality passphrase/key is better than any 1,024-bit encrypted anything with a POOR passphrase. So, don't let that bother you too much. There IS weak and strong encryption - don't get me wrong, but the user is the weakest link.
DriveCrypt Plus Pack (FULL disk encryption) uses 256-bit encryption because it uses AES. The developers of AES (or Rijndael as it is sometimes called - pronounced: "Rain Doll") specified the use of AES for three key lengths: 128-bit, 190-bit and 256 bit. So, with 256-bit AES you are getting maximum protection.
The DriveCrypt 3.03 (HARD disk encryption - containers and partition encryption) gives you several choices of algorithms and key-lengths, including Blowfish, Triple-DES, AND Rijndael.
So, that explains the difference. Why use both? Because I am paranoid. Though, frankly, it's really unnecessary on the drive with DCPP. I use several drives and operating systems, so DriveCrypt is really essential for me.
Controler had a good word of advice: you should especially use encryption if you are on a WiFi/Wireless Lan. I believe it's important anyway, but Controler was absolutely correct in mentioning that - using a wireless network without using on-the-fly encryption is very dangerous.
Hope I helped clear a little of that up!
No, I don't think that's right. No way would it be bye bye Microsoft for one very simple reason. There would be two or three Microsoft executives ready to take the fall for working out a very subtle programming hole, handing it over to the government, "to save Microsoft and preserve our security." Bill Gates would obviously fire them in a fiery speech about the great "betrayal of the company" -- and behind closed doors, promptly give them a golden parachute (an extremely generous exit severence) for their service to the company.
I'm not suggesting that's what happened. I am suggesting it is not out of the realm of possibility. Nothing I'm willing to trust - and with encryption - a healthy dose of trust helps one sleep at night.
That helps alot. I have been spending a few hours reading about encryption and one thing i am not to sure on is that with DCPP if for example i were to get a trojan (God Forbid I use TDS-3) would that individual have access to the encrytped file or the decrytped file since i would be logged into my machine? I guess what iam asking is that does DCPP really only protect your files as long as your not logged on? I think you've sold me and i will probably be getting myself DCPP for a christmas gift to my Puter
P.S. i also had another post about that software DeepFreeze as i have heard so many good things about it. Do u know if it is possible to install and run DeepFreeze over a DCPP encrypted HD?
Thanks again and HAPPY HOLIDAYS!!
I'll ask the samething as Jonas, once you open an DCPP encrypted drive or use a program on an encrypted drive is the rest of the information open too?
I'm sorry! I totally missed the message from Jonas....
No...once you boot, you can close anything that is open (an encrypted partition, drive, etc.) you can set hot-keys or use "log off" and that particular encrypted partition or drive is immediately closed and encrypted. So, no, the information is not always "available" as long as you're on. It can or can't be - it's really up to you. A lot of ways to configure.
If this might help, I have the user manual in a .pdf file and if you would like me to send it to you, I would be happy to. Just PM me and don't respond on the board. That might give you a good overview (as well as all the details!)....
Let me know, Loki!
All the best,
Thanks for the reply. I went to the DriveCrypt web site and the answers were right there, imagine that . I've download the PDF file and it has answered my questions. After giving this subject some thought and using the Demo I have purchased DriveCrypt. Well this is another thing to learn to use effectively.
Thanks for all the information
And may the New Year be Good to all of us.
I have a lot of experience with DriveCrypt. If you have any questions at all -- feel free to shoot them my way. DriveCrypt is an excellent program and in selecting an encryption program, you made a very solid and wise choice.
I forgot to say one of the selling points for DriveCrypt is they are not a US company so hopefully they will stay secure (No backdoors) even under pressure from the good ole US. The times are changing and not for the good . Since I have taken an interest and also made my views known to the Gov. I have decided that using encryption is now necessary, this is a sad state of affairs when a law abiding US citizen must encrypt his computer from his own Government.
Stay Safe during the Holidays
Separate names with a comma.