encryption softs

Hello everyone,

I am interested in two programs from SecurStar. I've talked to the customer support and they were helpful but I just need more info and I thought maybe I could find it here too.

The first one is SurfSolo, it's like a VPN but for personal use, I'd appreciate any suggestions.

I have very sensitive data on my computer and I really consider a full HDD encryption. A friend of mine recommended DriveCrypt PlusPack , this is the second soft that I'm interested in. I know that full disk encryption should be considered only if very necessary but this is my case.

Thanks!

 

I don't even want to think how slow it would be to have a full disk encryption (including the OS). DriveCrypt site never mention about performance (which leads me to believe its very slow)

If you are not regularly working with these sensitive files, and if they are just documents then it might be a better idea to use a virtual machine on an encrypted partition or something... essentially that would be like encrypting the whole disk (for the VM) but you have a usable PC for the rest of the time.

 

Check out TrueCrypt, open source and totally free:

http://www.truecrypt.org/

 

In the same line of thoughts of PhoenixFx, I would put the sensitive data in an external storage HDD, they come with their security applications as well, furthermore it serves as a file backup.

 

TrueCrypt is definitely the best, with government approved and used encryption. Kinda hard to use. But you can't beat the price (free).

 

Here's another vote for TrueCrypt.

Been using it for over a year, and it works flawlessly. Read the instructions and you shouldn't have any problems with how to use it. Very thorough instructions, very easy to use!

 

I would have to agree TrueCrypt is probably the best solution for what you are looking.

 

VPN an drive encryption are completely different things. Take a look at the guide in my signature on how to install truecrypt to do full disk encryption.

Full disk encryption is slow, but then you recommend using a VM? Disk encryption is actually very fast as it is on-the-fly, so it only decrypts whats needed at the time. VMs are awesome, but they are certainly not fast.

 

One word: TrueCrypt. Not only is it free, I think it is simply the best piece of software in its class.

BTW, whole drive encryption will slow down disc operations 2-4 times (!). Can be recommended only if necessary. Otherwise, consider a TrueCrypt partition.

 

2-4 times slowdown, I don't think so!

 

The only reason why anyone would want a full disk encryption including the OS (as OP is insisting) is because of potential security threats posed by temporary files or other programs installed without the owner’s authorization etc. Therefore if he really wants it then the only alternative I can think of is using an encrypted VM.
I assumed OP is using a single HDD notebook therefore if he does a full disk encryption, it will be always slow, even if he is not working with sensitive files. Of cause using a VM on an encrypted partition will be slower than having a full disk encryption, but at least he has normal performance (if he use normal unencrypted OS partition) whenever he is not using sensitive data (the VM), that’s why I said “if you are not regularly working with sensitive data, then use a VM”. Because if he only works with those data like 10% of the time, then he is sacrificing performance on the other 90% of the time.

 

Many corporations laptops are fully encrypted and use VPN. It seems to be a reasonable precaution.

 

Two words: True Crypt:

http://www.truecrypt.org/

 

By the way, encryption is a bit overrated, it's not as safe as what most people think.

<object width='425' height='344'><param name="movie" value="http://www.youtube.com/v/JDaicPIgn9U&hl=en"></param><embed src="http://www.youtube.com/v/JDaicPIgn9U&hl=en" type="application/x-shockwave-flash" width='425' height='344'></embed></object>

Princeton study: Disk encryption not safe

22.02.2008



Researchers with Princeton University and the Electronic Frontier Foundation have found a flaw that renders disk encryption systems useless if an intruder has physical access to your computer — say in the case of a stolen laptop or when a computer is left unattended on a desktop in sleep mode or while displaying a password prompt screen. The attack takes only a few minutes to conduct and uses the disk encryption key that’s stored in the computer’s RAM. The attack works because content as well as encryption keys stored in RAM linger in the system, even after the machine is powered off, enabling an attacker to use the key to collect any content still in RAM after reapplying power to the machine.

“We’ve broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers,” said J. Alex Halderman, one of the researchers, in a press release. “Unlike many security problems, this isn’t a minor flaw; it is a fundamental limitation in the way these systems were designed.” The researchers successfully performed the attack on several disk encryption systems — Apple’s FileVault, Microsoft’s BitLocker, as well as TrueCrypt and dm-crypt — but said they have no reason to believe it won’t work on other disk encryption systems as well, since they all share similar architectures. They released a paper about their work as well as a video demonstration (available at YouTube) of the attack.

Source: Wired

 

That study performed the attack by having a tightly controlled environment where they were able to remove live RAM from a running system and then place it in another specialized system to read the data from it. This scenario is highly unlikely for anyone but the most highly skilled researchers, who are not the kind of people who steal data. Maybe if you were a highly targeted person then someone would be able to get you, but they'd get you somehow anyway.

Disk encryption is mainly for people who are worried about a thief stealing the laptop with important data on it and preventing them from getting to it. These types of thieves are opportunistic, so they are not specifically targeting you. Once you become a specific target, there are numerous ways they can get what they want.

 

Yes it was a controlled environment. But you're still missing something, they also showed how it could work without even removing the RAM at all. A lot of people keep their notebook on standby instead of turning off.

Anyway, you're right, if you're targeted, they will get what they want one way or another. I posted this mostly for corporate users who seem to be worried the most. All I was trying is say is that encryption isn't as safe as people think.