Survivalist Forum banner

1 - 4 of 4 Posts

1,554 Posts
Discussion Starter #1 (Edited)
OK, so you read Solidus' sticky on securing your computer from viruses and the like. Now that your sensitive data is insolated from trojans... What are your options if your computer or drive is lost or stolen? That login password you have isn't worth squat when someone takes your drive out and mounts it externally, pulling your data off at will. Lovers of tinfoil will be quick to note that Homeland Security or the IRS can confiscate your stuff pretty much whenever they want to. So, what can you do to guard against that?

That's where encryption comes in. You have numerous options, depending on the OS you use.


There are a number of free solutions available. My personal favorite of these is Truecrypt.

It works with both Linux and Windows, and is very flexible: it allows you to encrypt an individual file, set up a "container" that can only be accessed with a password, or even encrypt your entire hard drive. It uses 256-bit AES encryption by default, which is the Department of Defense standard for anything designated "Top-Secret." The tinfoil-hat crowd can even add multiple layers of encryption with different encryption methods and passwords.

Example: I currently have a 4 GB USB stick set up with a 3 GB container (renamed to look like a video file), and the remaining gig is free and open. When you try to access my USB stick, it looks like it has a big movie in it that just doesn't work when opened. I keep a portable version of the truecrypt software on the free part of the stick (renamed to something innocuous), so I can unlock the container and access my files on another windows machine if necessary. The few people savvy enough to realize the big file is an encrypted container will need some supercomputers and at least a few years to brute-force it (assuming your password is good). This took me 3 minutes to make, following a tutorial Truecrypt gave me after installing it.

Vista users:
I believe the Enterprise and Ultimate versions of Windows Vista come with an application called Bitlocker, which allows you to encrypt your entire drive with AES 128-bit encryption. You can unlock it at boot with either a password, or a USB stick inserted at boot (like using a car key to turn the ignition).
Configuring BitLocker

Mac OS X users:
You all have an option called FileVault. It works in a similar fashion to Microsoft's BitLocker, though it encrypts just your home folder. Your password at login unlocks your personal home folder.

Bitlocker vs FileVault comparison

Linux users can do either of the above setups, with more or less technical difficulty.
Use a USB key to decrypt and unlock your computer at boot
Installation and setup of TrueCrypt

The one big caveat to doing this, is that you must use some sort of key to "unlock" an encrypted volume, such as a special file, a USB stick, or a password. If you lose that key, you will find out just how secure your data is :D:

The simplest and safest solution is to encrypt your entire hard drive with one of the above methods, or encrypt an external drive. Keep in mind that if you create a file on an unsecure drive and move it to an encrypted drive, you will still leave a trace of recoverable data in temp folders. Even "deleted" data can be recovered if not overwritten multiple times.

For Windows, programs like Eraser will wipe your free space to eliminate old traces of data, or let you "shred" a file when you drag it to the recycle bin. Mac users have this option built into OS X already:
an informative tutorial for Mac secure deletion

A lot of people will simply store a usb key or CD in a lock box or safe, which is a fine option- but it doesn't hurt to have a digital equivalent to back up that lockbox should it get broken into or stolen. Plus, how secure is the computer you used to make those files? You can bet there is a residual copy there.

Anyone else have suggestions or questions?

Scarred for life...
3,295 Posts
Thanks. I just figured out how to work with truecrypt last night.

I started out encrypting a usb drive and last night I encrypted and decrypted a DVD disk with 4.3Gb of data on it, just to prove it could be done to a friend. I have a 160Gb MyBook drive that I will eventually encrypt when I find a place to put all the data already on it. I may just splurge on a 1Tb usb drive and go that route...

My biggest problem is the password. I typed in a short (10 character) password and truecrypt told me it was not good enough and could be easily broken with a brute force attack. I finally went with a 64 character password.

What is a good way to have access to a large password without it being accessible to others? Any ideas?

I run ccleaner on my computer everyday. It basically removes all trace of various files left on my computer after being online.

I forgot all about eraser though. I just downloaded it and am running it on my computer as I type this.

I also run peerguardian occasionally. Its amazing to have this program running and see who is trying to see who you are when you go to certain sites.

tinfoil bandana
1,164 Posts
There is the mnemonic device to secure passwords, i.e. using just the first letter from a favorite quote plus a few numbers that have meaning only to you, but even this can be cumbersome with a 64 bit key.

I used to use 'l33t 5p33k' to make passwords, but everyone knows how to read that these days.

At some point, you need to write down passwords, unless you have a far better memory than mine.

Got any beer money?
371 Posts
I agree with you on TrueCrypt6.

It's very good, "true" data encryption that even the government can't break (at least according to all the third-party research I did). It's very easy to use and best of all IT'S FREE!

I know you guys will doubt the benefits of anything that is free. So research it yourself, you'll be glad you did.

It also had no ill effect on my system (no spyware, adware, pop-up crap, auto-updating, none of that [email protected]).

Next to GHOST, it's the best software I ever put on my computer.
1 - 4 of 4 Posts