• 0

With TrueCrypt gone, what are the alternatives, besides BitLocker?


Question

I'd prefer an open-source solution, but a paid version would be fine as long as it's cheaper than the $100 Win 8.1 Pro upgrade (the only way to get BitLocker AFAIK).

 

I want to use it to encrypt my laptop and my external music drive.

 

Thanks!

Link to comment
Share on other sites

Recommended Posts

  • 0

google for truecrypt alternatives. there are quite a few out there i would use over bitlocker. the fact that truecrypt website now recommands bitlocker and even has a guide how to migrate is scary itself. i dont wanna know how much money was involved. :s

Link to comment
Share on other sites

  • 0

google for truecrypt alternatives. there are quite a few out there i would use over bitlocker. the fact that truecrypt website now recommands bitlocker and even has a guide how to migrate is scary itself. i dont wanna know how much money was involved. :s

What a conspiracy!  Or maybe the developers got tired of their thankless work and wanted to push people to something that worked well.

Link to comment
Share on other sites

  • 0

Want to keep those Bieber albums top secret, huh? :laugh:

 

Seriously though, why would you want to encrypt a drive with only music on it? Just asking.

Link to comment
Share on other sites

  • 0

I'd prefer an open-source solution, but a paid version would be fine as long as it's cheaper than the $100 Win 8.1 Pro upgrade (the only way to get BitLocker AFAIK).

 

I want to use it to encrypt my laptop and my external music drive.

 

Thanks!

linux has built in HD encryption tool, give it a go

Link to comment
Share on other sites

  • 0

I found this one very interesting as an alternative to Truecrypt and most likely the one I will use. DiskCryptor. I found the video that shows it working:

 

I will likely try this later because in some ways it seems better than even truecrypt ever was. Especially with the boot disk functionality.

Link to comment
Share on other sites

  • 0

Dumb question, since I never had a TPM chip to just mess with... if you use a TPM chip to encrypt using Bit locker, and say the TPM chip is destroyed, it would in essence be impossible to ever recover the encrypted data?

Link to comment
Share on other sites

  • 0

Dumb question, since I never had a TPM chip to just mess with... if you use a TPM chip to encrypt using Bit locker, and say the TPM chip is destroyed, it would in essence be impossible to ever recover the encrypted data?

In principle, as long as you've created Bitlocker recovery keys (as per Bitlocker's instructions) you should be fine. I've never tried this myself though (certainly wouldn't want a destroyed TPM).

Link to comment
Share on other sites

  • 0

That's old, outdated, and it shouldn't be used (afaik). There's a new one called encryptfs, I think, or something similar.

It was audited recently in January 2014, but I guess lack of updates is a problem.

DiskCryptor would be my second recommendation.

And possibly do you mean eCryptfs?

Link to comment
Share on other sites

  • 0

I'd prefer an open-source solution, but a paid version would be fine as long as it's cheaper than the $100 Win 8.1 Pro upgrade (the only way to get BitLocker AFAIK).

 

I want to use it to encrypt my laptop and my external music drive.

 

Thanks!

 

 

...Windows 8.1, 8, and 7 pro all have Bitlocker. What OS are you using?

Linux has all sorts of free open source tools available if that's what you're using.  Ubuntu and Debian both offer you the option to encrypt an entire hard drive/partition or just your home folder on install, plus you can set up seahorse to generate a PGP key to use with Thunderbird or Evolution when sending e-mail.  The "Disks" utility in Ubuntu/Debian allows you to format external drives as an encrypted EXT4 filesystem.

 

From my understanding, Windows has Bitlocker.

 

All of the tools available for Linux probably have OSX ports/versions since it's just a super modified Unix port.

Link to comment
Share on other sites

  • 0

And possibly do you mean eCryptfs?

 

I'm not 100%, it may have been eCryptfs. I read that either on Ars Technica or Stack Overflow, and IIRC it was highly upvoted so I guess it must be true (because we know everything said on the Internet is true!). It was also mentioned that Fedora are in the process of removing or deprecating encfs, or something along those lines.

Link to comment
Share on other sites

  • 0

TrueCrypt hasn't suddenly disappeared or become insecure. Its developers have abandoned it. This means that

 

 - if vulnerabilities are discovered,

AND

 - the project was not forked, is not maintained and the vulnerabilities will not be fixed

 

then TrueCrypt will be insecure. But both of these conditions have yet to materialize. So far there is still plenty of interest around TrueCrypt, with an audit presently in progress, and it seems unlikely to remain unmaintained for long. If anything, it's likely to see more activity and fixes now that its original developers, who hadn't released a new version since 2012, have officially given up on it.

 

And NO I'm not going to use Bitlocker. With everything Snowden has released about wiretapping and backdoors I wouldn't rely on closed-source technology.

Link to comment
Share on other sites

  • 0

Dumb question, since I never had a TPM chip to just mess with... if you use a TPM chip to encrypt using Bit locker, and say the TPM chip is destroyed, it would in essence be impossible to ever recover the encrypted data?

 

BitLocker cannot be enabled on a bootable device unless a recovery method is generated and saved to a USB device or Active Directory.

 

For my personal devices I always disable Recovery Passwords.  They are limited to 48 numeric characters, and thus the easiest to brute force.  Recovery Keys are significantly stronger.  Depends on your tastes, or if it's being deployed to end users who may need to receive a recovery password to a laptop on the road over the phone.

 

You can always remove or add protectors after the disk is encrypted, so you can purge all recovery options if you really wanted to.  There may be a limit to how many total protectors can be assigned to a partition, but I've never hit it.

 

I have another post about BitLocker and TPM chips here:

https://www.neowin.net/forum/topic/1215495-truecrypt-shuts-down-due-to-alleged-security-issues/page-6#entry596428145

Link to comment
Share on other sites

  • 0

As of right now you can't claim any of that, we don't know if TC is safe, or if anyone with the right tool can bust open any TC volume in seconds and the devs found out and simply closed shop.

As for BitLocker. Again there's no magic key that can open all volumes it's pretty much impossible and any back doors would be detectable with the amount of scrutiny the code of such apps go through, you don't need the source to find such obvious exploits like back doors.

Link to comment
Share on other sites

  • 0

Some more TrueCrypt stuff, for those interested:

The audit will continue to Phase II and will look at how good the entropy is and will check for back doors in the random number generator

Also, the audit found that there were vulnerabilities, but no government back doors or anything deliberately put in https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

Maybe that's why they closed the project.

The 7.1a source code is available here:

https://github.com/FreeApophis/TrueCrypt

A fork has been made (from the same people who made the source available):

http://truecrypt.ch/

And they have every single TrueCrypt version you would ever want:

http://truecrypt.ch/download/

Link to comment
Share on other sites

  • 0

Some more TrueCrypt stuff, for those interested:

The audit will continue to Phase II and will look at how good the entropy is and will check for back doors in the random number generator

Also, the audit found that there were vulnerabilities, but no government back doors or anything deliberately put in https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

Maybe that's why they closed the project.

The 7.1a source code is available here:

https://github.com/FreeApophis/TrueCrypt

A fork has been made (from the same people who made the source available):

http://truecrypt.ch/

And they have every single TrueCrypt version you would ever want:

http://truecrypt.ch/download/

What does the fork mean with regards to the project? Is it possible that we might see a continuing trusted release?
Link to comment
Share on other sites

  • 0

Thanks everyone, I'll look into the various alternatives you've suggested. :)

 

 

...Windows 8.1, 8, and 7 pro all have Bitlocker. What OS are you using?

Windows 8.1 Home Premium. I would need to buy the 8.1 Pro Pack ($100) to get BitLocker. I'm not necessarily opposed to that, because there are other good features that come with the Pro Pack, but I want to see what my options are before spending that much money.

 

Want to keep those Bieber albums top secret, huh? :laugh:

 

Seriously though, why would you want to encrypt a drive with only music on it? Just asking.

Because I don't want some thieving jackhole enjoying the close to 2TB of music and concert videos I have on my external drive. I live on Long Beach, where property theft is an unfortunate reality.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.