Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Disk Encryption: TrueCrypt Setup v.7.0a vs. folder Lock 6 Setup?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
joe schmoe Disk Encryption: TrueCrypt Setup v.7.0a vs. folder Lock 6 Setup?
Member 15th Jul, 2011 22:04
Ranking: 38
Posts: 139
User Since: 26th Nov, 2008
System Score: 100%
Location: US
Hello,

Am considering encrypting files and/or OS drive only.

Any one know of or has used these programs above?

Does TrueCrypt encrypt all HDDs on system?

Do either offer additional layer of security (protection) against outsider intrusions when running?

Any modification to MFT as in bootable entry in MFT?

Can either be successfully uninstalled w/o problems?

joe schmoe

--
XP Pro SP3 P4 3.2 HT 2 GB RAM Avast! 9.0.2018 AIS
Win 7 Home Pro SP1 Pentium D 2.8 3 GB RAM Avast 9.0.2018 AIS
Secunia PSI 2.0.0.3003 XP Pro 32-bit & Win 7 H Pro 64-bit

ddmarshall RE: Disk Encryption: TrueCrypt Setup v.7.0a vs. folder Lock 6 Setup?
Dedicated Contributor 17th Jul, 2011 19:00
Score: 1198
Posts: 954
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Any one know of or has used these programs above?

I use TrueCrypt but only for file-hosted volumes where a virtual volume is created in a file.

Does TrueCrypt encrypt all HDDs on system?

You can encrypt as many partitions or removable devices as you like. However only the System Partition/Drive can be encrypted on the fly in place. If you change any other drive into a TrueCrypt volume, all the data on the drive will be lost.

Do either offer additional layer of security (protection) against outsider intrusions when running?

TrueCrypt, no.

Any modification to MFT as in bootable entry in MFT?

If you encrypt the System Partition/Drive, TrueCrypt installs its own bootloader so that validation takes place in the pre-boot environment.

Can either be successfully uninstalled w/o problems?

If you uninstall TrueCrypt, the TrueCrypt volumes will not be decrypted. Only the System Drive/Partition can be decrypted in place. For other volumes, you have to move the data to an unencrypted volume, uninstall TrueCrypt and then format the Partition before it can be reused.



--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+4
-0
joe schmoe RE: Disk Encryption: TrueCrypt Setup v.7.0a vs. folder Lock 6 Setup?
Member 19th Jul, 2011 06:37
Score: 38
Posts: 139
User Since: 26th Nov 2008
System Score: 100%
Location: US
ddmarshall,

Kudos for your short and sweet answer.

I get that the primary use of TruCrypt is for the system drive.

As such, on-the-fly encryption is only available for the os partition.

I must admit not to knowing that encrypting other drives would result in data loss.

The only real purpose, perhaps, to encrypting a drive would be to protect personal data via a password lock phrase or key.

Am I correct in saying that once a volume is opened, (in a decrypted state) that this volume can be visible to the outside world when on the Internet?

If you care to explain, what is a virtual drive or os?

I did take care to put a bonus point in there, as your reply is very relevant.

joe schmoe

--
XP Pro SP3 P4 3.2 HT 2 GB RAM Avast! 9.0.2018 AIS
Win 7 Home Pro SP1 Pentium D 2.8 3 GB RAM Avast 9.0.2018 AIS
Secunia PSI 2.0.0.3003 XP Pro 32-bit & Win 7 H Pro 64-bit
Was this reply relevant?
+0
-0
ddmarshall RE: Disk Encryption: TrueCrypt Setup v.7.0a vs. folder Lock 6 Setup?
Dedicated Contributor 19th Jul, 2011 17:23
Score: 1198
Posts: 954
User Since: 8th Nov 2008
System Score: 98%
Location: UK
I get that the primary use of TruCrypt is for the system drive.

As such, on-the-fly encryption is only available for the os partition.


I might have misled you with the term 'on the fly encryption'. Only the system drive can be changed from unencrypted to encrypted or unencrypted to encrypted in place. You would be better reading the sections ot the TrueCrypt documentation at http://www.truecrypt.org/docs/ titled Beginner's Tutorial and System encryption.


The only real purpose, perhaps, to encrypting a drive would be to protect personal data via a password lock phrase or key.
Am I correct in saying that once a volume is opened, (in a decrypted state) that this volume can be visible to the outside world when on the Internet?


That's pretty much the case. The data is never decrypted on disk. The TrueCrypt driver intercepts the reads and writes to the volume and decrypts and encrypts the data in memory. Once the TrueCrypt volume is mounted it is accessible in the same way as any other disk drive.

If you care to explain, what is a virtual drive or os?

It might help if I explain how I use it. I have TrueCrypt volumes hosted in files, as described in the Beginner's Tutorial. I run TrueCrypt and mount the volume, which requires the password. At this stage a new drive letter appears in Computer. I can then use that drive letter like any other disk; reading, updating and saving files. When I've finished I dismount the volume and the drive letter disappears. I only use it for data I wouldn't want anyone who stole the laptop to have access to. I don't encrypt the whole system drive as it's only a 1.6GHz Centrino Duo and encrypting and decrypting every disk access would be too much overhead.

One problem with TrueCrypt is that you can make it very complicated if you use things like hidden Operating Systems and plausible deniability. If you just want to protect a few files, the way I do it is pretty straightforward.



--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability