Enter TrueCrypt... It meets my requirements: It's free, and open source. But actually, I've spent some time toying around with it on a spare drive, and after an hour, I'm thoroughly convinced that it is simply awesome. A 10 out of 10 and truly a wonderful program. I can't help but think that this app could easily sell to government agencies and corporations worldwide for hundreds of dollars hands down.
The app is the opposite of everything you wouldn't want an encryption program to be - invasive, slow & confusing. It's extremely quick... more transparent than a window... and the help and support documentation is top notch. If you aren't picking up what I'm throwing down, this is by far one of the best written apps I've seen. It's quite a shock to me -- that I haven't discovered or used this program before. I simply can't say how awesome it is.
So how far does the encryption reach? The whole drive/partition.
- Page files? yup
- OS? the kernels? uh huh
- Documents, Applications, Movies? too easy
- What about free space? That too!
- Needing to reformat? Nah, that would be a pain!
- Decrypting files so I can read them? You crazy?! That would suck!
Now, you might say... "with all this encryption/decryption... doesn't this consume some serious CPU cycles?!" Well, it does... kinda... copying a 10GB file in my tests put my CPU to 50% (maxed out a core) but I noticed no disk performance degradation. Reading/playing a 1080p x264 movie made no difference (my biggest fear -- my comp sucks ass). In my benchmarks, encrypting a 5MB file has a throughput (off my shitty 1.87GHz Core2Duo and 1GB RAM) of 113MB/s... that's much better than my ~70MB/s drive bandwidth...
Lastly, and the most amazing thing I've seen is the hidden volumes. A hidden volume is like a hidden disk. But what's cool is not the fact that you can hide a volume, but what you can do with it and how you access it... and also HOW it's hidden. Here's the idea... An encrypted drive is more or less useless without its key. The data appears random and it's not provable that the disk is encrypted, unless you have a boot loader that says it's encrypted. Yet even with a key, some real (or old) data will just appear as noise because files get fragmented, deleted, moved and overwritten. Also, if you're smart enough to encrypt a whole drive... you're smart enough to know what a secure file deletion is. So in the end, free space starts to appear as just noise; someone can tell the drive is encrypted because the boot loader prompts you.
So say you reach a point where someone FORCES you to give your password/key out... (say extortion or a subpoena)... are you out of luck then? lol... no!
What you do is hide a volume (or even an entire OS!) inside this volume. After all, free space appears as noise, so as long as the space isn't written over, it still looks like noise. And that's what the system does, it marks this space as free, but data doesn't get written there. The only data that gets written in this free space is when you're actually using this hidden volume. It's written with a different key (or possibly the same key with a different encryption method... or a different key and encryption method altogether). But here's the real bad ass part: You can put an OS on this volume, and on boot up, from the boot loader, enter the normal key to bring up your regular encrypted disk, or enter your super secret hidden volume key and bust out a different OS James Bond style. When your 'adversary' forces your key, he gets your 'decoy' or 'duress' key and accesses your encrypted drive, but your super secret volume/OS is safe... it can't even be proven that it exists. Plausible Deniability.