I've been looking for a good disk encryption system for a while. In the past few years, I've been using PGP's PGPDisk tool with good success, but there have been a few annoyances.
- Difficulty interacting with WindowsXP, drives have to be mounted at bootup or they won't show up after being mounted. This made it difficult to keep PGP volumes on DVD-R for ad-hoc mounting to refer to information contained within the encrypted disk.
- PGPDisk does not remember how to mount disks at the previously mounted drive letter. (Something that DriveCrypt did very well.)
- Pricing. The PGP suite with PGPDisk has gotten more and more expensive over the years. It used to be available for well under US$100 with no subscription but now costs US$80/yr for each user. That cost precludes using it for more then a handful of users.
So, with all that in mind, I've been looking at TrueCrypt which is a replacement for the PGPDisk tool. It offers the same functionality, but is open-source and free.
Note: Disk encryption works in two ways.
1) You create a file on your hard drive that contains a virtual drive. The PGPDisk / TrueCrypt / DriveCrypt software allows you to mount this file as a drive letter on your system. Any data inside of that virtual drive is encrypted on the fly. When the drive is not mounted, the data is safe from prying eyes.
2) You create an encrypted partition on a dedicated hard drive (or a partition on a hard drive). This is called "whole disk encryption" by some vendors. It has some advantages over the file-based method but mostly works in an identical manner.
...
So why should someone use disk encryption?
The easiest scenario to sell is with someone who uses Quicken or MS Money to manage their finances. This is the primary reason that I started using disk encryption back in 2000. Since I keep my Quicken program on my laptop, I want to protect my financial data in case the laptop gets stolen. By storing my Quicken files inside of an encrypted volume that is rarely mounted, a thief who steals the laptop will not have access to those files.
In addition, if the hard drive fails, I don't have to worry about getting it back up and running to wipe the data before getting a replacement.
skip to main |
skip to sidebar
Posts
Posts
Copyright 2003-2010, Thomas G. Harold, All Rights Reserved
Random technical tidbits from around the web, or things that I've figured out along the way.
Search This Blog
Blog Archive
Subscribe To
Posts
Posts
Labels
2003
(14)
2004
(68)
2005
(50)
2006
(58)
2007
(23)
2008
(17)
2009
(27)
2010
(10)
2011
(10)
2012
(4)
2013
(10)
2014
(1)
2015
(24)
2016
(1)
3ware
(3)
ActiveDirectory
(2)
Angband
(1)
autofs
(2)
Backups
(15)
bash
(3)
Benchmarks
(7)
BIND9
(2)
BorgBackup
(4)
CentOS5
(22)
CentOS6
(2)
ClamAV
(1)
Code
(1)
CSS
(3)
Cygwin
(5)
DisasterRecovery
(4)
DIY
(1)
Dovecot
(4)
EMail
(3)
Encryption
(10)
ExQuilla
(1)
ext3
(2)
ext4
(2)
Firewalls
(9)
FRAPS
(1)
FreeNX
(5)
FSVS
(10)
Gentoo
(70)
Gigabyte-GA-6VA7+
(7)
Gnetoo
(1)
GNUParted
(1)
GnuPG
(4)
GRUB
(3)
Hardware
(6)
IMAP
(2)
IPSec
(2)
IPTables
(1)
iSCSI
(5)
iSCSITarget
(2)
jQuery
(1)
Linux
(13)
LUKS
(2)
LVM
(10)
Mint
(2)
MotorolaQ
(5)
MRTG
(1)
Nagios
(1)
NAT
(1)
News
(14)
NTFSClone
(2)
NTP
(4)
NX
(5)
Office365
(1)
OpenVPN
(1)
pfSense
(6)
Postfix
(2)
PostgreSQL
(7)
PPTP
(1)
Prices
(4)
Printing
(1)
PuTTY
(2)
RAID
(1)
Releases
(1)
RHEL5
(3)
RHEL6
(1)
RSync
(9)
Samba
(7)
SAN
(5)
SecureCRT
(2)
Security
(10)
SELinux
(9)
ServerAdministration
(5)
Shorewall
(1)
SmartPhones
(1)
SMTP
(2)
SNMP
(3)
SoftwareRAID
(30)
SPF
(2)
Squid
(3)
SSH
(13)
SSL
(3)
SubVersion
(12)
SVK
(1)
SystemAdministration
(3)
Thinkpad
(2)
Thunderbird
(3)
TrueCrypt
(4)
Ubuntu
(2)
UltraVNC
(1)
VBScript
(1)
VIAEPIA
(19)
Virtualization
(2)
VisualBasic
(3)
VLAN
(2)
VNC
(4)
VPN
(2)
WiFi
(1)
Win2000
(3)
Win2003
(6)
Win7
(2)
WindowsEFS
(2)
X11
(2)
Xen
(2)
No comments:
Post a Comment