topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday November 4, 2024, 9:39 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: TrueCrypt alternative  (Read 49200 times)

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,964
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #25 on: June 13, 2014, 06:07 AM »
^good post

So the alternatives to TrueCrypt could be:
TrueCrypt software - presumed to be unhackable.
Symantec PGP software - "proven" to be unhackable.
Microsoft BitLocker software + hardware - presumed to be unhackable.

I trust him, I trust him not; I trust him...

1lg098seesaw.gif
Tom

Midnight Rambler

  • Supporting Member
  • Joined in 2005
  • **
  • Posts: 228
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #26 on: June 19, 2014, 11:09 AM »
Have been following Lincoln Spector's advice for years and he recently posted this: Data-encryption alternatives to TrueCrypt.

Excerpt: Currently, I’m still using TrueCrypt. But I don’t know for how long. TrueCrypt, like many other public encryption applications, can be cracked with some effort and the right tools. With no updates, it might become more vulnerable over time. If a new version of TrueCrypt doesn’t rise from the ashes relatively soon, I’ll seriously consider moving over to Cryptainer LE or ME.

At this site, it's referred to as Cypherix rather than Cryptainer.
Compaq Presario 5716 (98), Dell Dimension 4700 (XP), Lenovo ThinkPad T530 (Win 7 Pro > Win 10 Pro).

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #27 on: June 19, 2014, 12:48 PM »
TrueCrypt, like many other public encryption applications, can be cracked with some effort and the right tools.
-Midnight Rambler (June 19, 2014, 11:09 AM)

What kind of effort and tools is he talking about?

TrueCrypt 7.1a is no less secure today than it was before this whole debacle started.  I've heard nothing that indicates that there's a vulnerability. In fact, the audit that so far hasn't found any evidence of a backdoor is far more evidence of no backdoor than any of the other suggested alternatives have (which haven't been looked at by an independent party at all).

I suppose it's possible that all the speculation that TrueCrypt has been weakened by the NSA  - either by planting a backdoor or by having discovered a vulnerability that hasn't been disclosed - is true, but it's all speculation as far as I know.

I doubt that any of the alternatives suggested are any more secure than TrueCrypt 7.1a, and quite possibly less secure. For example, while I don't know if BitLocker has been backdoored by the NSA, I think that a backdoor in BitLocker is at least as likely as a backdoor in TrueCrypt - and probably more likely.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #28 on: June 20, 2014, 02:32 AM »
@Midnight Rambler: Thanks for that info.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #29 on: June 20, 2014, 04:23 AM »
Useful ideas from windowssecrets.com newsletter:
(Copied below sans embedded hyperlinks/images.)
Data-encryption alternatives to TrueCrypt
By Lincoln Spector

It seems as if everyone who kept sensitive files secure did it with TrueCrypt. Edward Snowden depended on it. So did I.

But now that the popular disk-encryption app is effectively dead — at least for the foreseeable future — it's time to look for a replacement.

In last week's (June 12) Top Story, "The life and untimely demise of TrueCrypt," Susan Bradley reviewed the application's history and stated, "It's a mystery that we gave TrueCrypt such an extraordinary level of trust. It had dubious legal foundations, its developers were unknown, and its support was primarily relegated to forums that are now missing."

In this follow-up article, I'll discuss my own approach to protecting sensitive files, and I'll explain why I — unlike Susan — typically don't recommend Microsoft's BitLocker. I will recommend two file-encryption programs that might take TrueCrypt's place.

How safe is safe enough — and for what?
Let's use your home as an analogy. You probably keep your front door locked — at least at night and when you're away. You might have an alarm system or even bars on the windows. But your security system most likely doesn't match those used by New York's Metropolitan Museum of Art or the Getty Center in Los Angeles.

Why? Well, for one thing, you can't afford it. But mostly, it would be overkill. Few of us have anything in our homes that would attract the sort of professional thieves who might steal a Van Gogh.

To a large extent, the same rules apply to data. It takes a lot of time and skill to crack encryption, and most criminals are looking for an easy score. Even the NSA, which has the ability to crack all but the best encryption, probably won't bother. It might soak up everyone's cellphone metadata because that's relatively easy. But it reserves the hard work for the few people of interest.

That doesn't mean you shouldn't take precautions. Going back to that house analogy, encrypting sensitive files is like locking your front door — a reasonable and generally sufficient line of defense. (And you must ensure that unprotected bits of those files don't remain on your hard drive.) You also need to protect the encryption key with a long, complex password that's extremely difficult to crack — and be wary of phishing scams and other deceits that might trick you into handing over the key.

Which files should be encrypted and where?
You don't need to encrypt every file. We'll assume that neither the NSA nor criminals are really interested in your collection of cat photos or your daughter's term papers.

Obviously, you do need to protect files containing bank statements, credit-card information, and Social Security numbers — basic data about your personal identity. But you also might want to encrypt any information that you don't want others to see — and anyone else's personal information you might possess. The simple rule: If in doubt, encrypt it.

Your work might dictate different encryption procedures. For example, a small construction company might need to encrypt just a few financial and customer files, whereas nearly every file an accountant handles probably needs encryption.

The safest place for sensitive files is on an encrypted (and fully backed-up) partition or drive. File-by-file encryption can leave temporary, unencrypted copies on the hard drive. But if every sector on the drive is encrypted, these temporary copies will be unreadable as well.

I'm partial to using a virtual drive/partition — what TrueCrypt called a volume. This is typically a single, often quite large, encrypted file. When you open it with the correct password, Windows sees it as a standard drive from which you can launch files, manage them with Windows Explorer, and so on. When you're done, you close the volume and all files inside are once again inaccessible. Temporary and "deleted" files stay within the volume, so they, too, are encrypted.

You can, of course, encrypt real partitions. In fact, you can encrypt all partitions — including C:. Booting and signing in to Windows automatically opens these encrypted, physical partitions. But if someone boots the system from a flash drive or connects your hard drive to another computer, nothing will be accessible.

Arguably, this is the safest type of data protection. Because your entire hard drive is encrypted, even Windows' swap and hibernation files are locked. But full-drive encryption has its own problems. For example, you won't be able to pull files off an unbootable system by using other boot media.

Also, with full-drive encryption, all data files are accessible whenever you're signed in to the PC. They can be stolen by a remote cyber thief via malware or by a co-worker while you're on a coffee break. By contrast, you have to consciously open an encrypted volume, which can remain locked when you're in a not-so-safe environment — such as on a public Wi-Fi network.

Bottom line: Full-drive encryption makes the most sense if you work primarily and continuously with sensitive information — as in accounting. In most cases, an encrypted partition makes more sense; it's nearly as secure as full-drive encryption and offers more flexibility. File-by-file encryption is the least secure but is worth considering if you can't use drive/partition encryption, as discussed in the May 15 Top Story, "Better data and boot security for Windows PCs," and in a follow-up in this week's LangaList Plus.

BitLocker best for corporate environments
For many, Windows' own BitLocker encryption tool is the obvious TrueCrypt replacement. Susan Bradley put it at the top of her short list, and the infamous TrueCrypt warning on the SourceForge download page provides extensive directions for setting it up.

BitLocker comes with Windows 7 Ultimate and Enterprise plus Windows 8 Pro and Enterprise. It can encrypt real and virtual partitions or the entire drive. In my view, BitLocker has its place — primarily when managed by a PC expert in an office scenario. BitLocker is sort of set-and-forget; non-techie office workers can simply sign in and out of Windows in the normal way without even knowing (or caring) whether their files are encrypted.

But for personal use, BitLocker's password/key system can be overly complex or confusing. For example, when you set up BitLocker, you create an unlock password. (You can also have a BitLocker-encrypted drive unlock automatically when users sign in to Windows — or they can use a smartcard or PIN.) But you must also create a separate key-recovery password that's stored on the system if the PC has a Trusted Platform Module (TPM; more info) chip, or on a flash drive if it doesn't. Setting up BitLocker on a system without a TPM chip can take some time and admin skills.

Basically, if you don't have a newer PC and an advanced version of Windows, BitLocker is simply not a viable option. For an individual maintaining his or her PC, it's just another layer of complication.

Here are two better data-encryption applications for personal PCs.

DiskCryptor: For drives and partitions
Like TrueCrypt, DiskCryptor (info) is free. It's also open-source, though I'm not as confident as I once was that being open-source is an advantage. (As Susan pointed out last week, "There's even debate whether TrueCrypt qualifies as open-source."

DiskCryptor is designed to encrypt partitions. According to the DiskCryptor site, Windows 8 isn't supported. But it seemed to work fine encrypting a separate, nonboot partition on a fully updated Win8.1 Update system.

DiskCryptor's user interface is somewhat unattractive, but it's relatively easy to figure out. The program offers industry-standard AES, Twofish, and Serpent encryptions (see Figure 1). If you're really paranoid, you can combine them, encrypting first one way and then another.
DiskCryptor encryption

Figure 1. DiskCryptor lets you combine encryption technologies for extra security.

A simple wizard helps you quickly encrypt any partition — including C:. If you encrypt C:, you'll have to enter your DiskCryptor password before Windows will load. (If C: is your only partition, you've effectively encrypted the entire drive.) Note: As with all current, third-party encryption apps, you can't use DiskCryptor on a Win8 system's boot (C:) drive that has Secure Boot enabled. For more info, see "Reader disagrees with data-encryption advice" in this week's LangaList Plus (paid content).

Although DiskCryptor doesn't support TrueCrypt-like virtual partitions, you can use a real partition for a similar result. Use Windows' Disk Management program or a third-party partition tool to create a small, separate partition for your sensitive files. Then use DiskCryptor to encrypt that partition (see Figure 2). The result is much like a TrueCrypt volume, except that it's a real partition.
DiskCryptor menu

Figure 2. DiskCryptor's main menu for managing drive encryption

But using a real partition has some disadvantages. For example, the encrypted partition is clearly visible in Windows' Disk Management, though it's labeled as unformatted.

And backups can be tricky. The only way to back up the files when the partition is closed is with image-backup software. Using the default settings for EaseUS Todo Backup resulted in an error message, as shown in Figure 3. After selecting the sector-by-sector backup option, both the backup and the restore worked.
EaseUS Todo Backup

Figure 3. Backing up an encrypted partition with EaseUS default settings generated with an error message.

You can also open the partition and use a conventional file-backup program. But make sure it's one that has its own built-in encryption to secure your files.

On the other hand, backup is very simple with a virtual partition, which to Windows is simply another (really big) file. Keep the file in a standard folder — such as Documents — and it'll get backed up automatically and regularly.

Cryptainer LE: The tool for virtual partitions
If, like me, you prefer a virtual partition, Cryptainer LE (also called Cypherix LE; site) is the better option. The free version doesn't let you create a volume greater than 100MB (see Figure 4), but if you're judicious about what you encrypt, it might be enough.

And if it isn't enough, you can shell out U.S. $30 and get Cryptainer ME, which comes with a 2.5GB-file limit. Shell out $70, and you can create terabyte-sized volumes. But if you're going that big, you may as well encrypt the whole drive.
Cryptainer volume

Figure 4. The free Cryptainer LE lets you set up small encrypted volumes.

Cryptainer is easy to set up and use; the buttons are big and colorful, and — more importantly — they're easy to understand. Tabs help you use and control multiple volumes (see Figure 5).
Cryptainer main menu

Figure 5. Cryptainer LE has a simple menu system for creating and managing encrypted volumes.

When you set up a volume, the free version appears to offer AES 256-bit and Blowfish 488-bit encryption — but you actually get only 128-bit Blowfish. Again, for most people, that's sufficient. Blowfish 488-bit and AES 256-bit encryption are, obviously, enabled in the paid versions.

The choice: Stay with TrueCrypt or move on
If you don't already have TrueCrypt, either DiskCryptor or Cryptainer should do; it just depends on how you prefer to work with encrypted files. (Or, if your encryption needs are relatively simple, use file-by-file encryption as detailed in the May 15 Top Story.)

On the other hand, if you're already using TrueCrypt, you can probably stick with it — at least for a while. As Susan pointed out, a formal code review of TrueCrypt showed that it "does not have any back doors and still provides secure encryption that can't be easily cracked." (Note: There's still a downloadable version of TrueCrypt, but it's read-only — i.e., you can open encrypted volumes to remove files, but you can't create new ones.)

Currently, I'm still using TrueCrypt. But I don't know for how long. TrueCrypt, like many other public encryption applications, can be cracked with some effort and the right tools. With no updates, it might become more vulnerable over time. If a new version of TrueCrypt doesn't rise from the ashes relatively soon, I'll seriously consider moving over to Cryptainer LE or ME.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #30 on: June 20, 2014, 09:31 AM »
@IainB - thx for sharing that. For once I find myself almost entirely in agreement with WindowsSecrets about something important.

(Note: I do however have a problem with Cryptainer's tiered pricing scheme. In the past I've always had trouble recommending it (as in not) because of that. But that's likely more just me being me.  ;))

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,188
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #31 on: June 20, 2014, 10:49 AM »
@IainB - thx for sharing that. For once I find myself almost entirely in agreement with WindowsSecrets about something important.

(Note: I do however have a problem with Cryptainer's tiered pricing scheme. In the past I've always had trouble recommending it (as in not) because of that. But that's likely more just me being me.  ;))

Well, in the past, there were more alternatives :(  I wouldn't recommend diskcryptor just because they say that OSes are not supported.  Just because it seems to work when you encrypt it now, there's no guarantee that it won't stop working if they don't support the OS.  They presumably say that for some reason...

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #32 on: June 21, 2014, 02:01 AM »
...Just because it seems to work when you encrypt it now, there's no guarantee that it won't stop working if they don't support the OS.  They presumably say that for some reason...
I reckon that is a valid point, and if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes. That might be OK if you could trust Microsoft, but Microsoft's own actions would seem to have demonstrated that there is no rational basis for such trust - quite the opposite, in fact.

For example - DRM:
  • Microsoft kinda showed their colours in that regard when they unilaterally decided to embed the functionality of proprietary DRM (Digital Rights Management) into the otherwise apparently excellent WMP (Windows Media Player) several years ago, and then proceeded to cement that into the works right up until the present day. WMP will thus apparently refuse/disable playing of any music/media file that has a dodgy DRM key, and also it wants to phone home an awful lot, passing on goodness-knows-what information about one's media collection and PC to Big Brother's Head Office. A sort of electronic form of Brownshirt or one of Mao's card-carrying child revolutionaries. How could one trust that?

  • Why was Microsoft doing that? Presumably it hadn't been because the users were clamouring for DRM, but because MS had concluded a deal with the **AA to have DRM policing embedded into the OS for every PC as much as possible, for which MS would probably receive monies on some kind of a fee scale. From that perspective, and instigated so many years ago, it would seem to have been a very far-sighted move, and you can bet that the **AA probably didn't dream it up but had to be persuaded of its merit by a third party (i.e., MS).

For example - Stacker:
In the area of disk compression (and some encryption), MS arguably demonstrated its true colours in the '80s - refer:

Can MS be trusted not to behave like this in the future? Probably not.
The general rule would be that a good corporate psychopath - e.g., including such as Microsoft or Google - is a leopard that cannot change its spots, by law and as a legal person, and it would be irrational to expect it to do so, regardless of any corporate propaganda, hype or BS to the contrary (e.g., Google's reported "Do no evil").

There are some (a few) notable exceptions to that general rule that I am aware of, including:
  • Cadbury - founders were philanthropic Quakers.
  • CDC (Control Data Corporation) - founder was philanthropic.
- but this would be (or was) only true whilst they were still under the chairmanship of their philanthropic/Quaker founding presidents/families. However, CDC and Cadbury arguably would not have properly fitted the definition of being "a good corporate psychopath" in any event.
And then there was this curious statement from Apple's CEO:
He didn't stop there, however, as he looked directly at the NCPPR representative and said, "If you want me to do things only for ROI reasons, you should get out of this stock."
So, we know that the motivation is probably not philanthropy (QED - by their own marketing behaviour and the apparently confirmed reports of Apple's use of slave/sweatshop labour in Asian countries), and now we know (or are being told, apparently) that it's not always ROI - so what is it? The inescapable conclusion would seem to be that it could well be (in this case, at least) for religio-political ideological reasons. But that would be incredible - because Apple is an incorporated, for-profit legal person and is obliged to act in that regard at all times.
Thus it is more likely to be driven by the usual cynical corporate psychopathy, which in this case would be to make itself appealing to the huge financial backing of a large green/environmental investment lobby, which has taken on the definite shape of an investment cartel. So Apple's CEO is more likely just a very smart businessman and was dissembling, and he will be acting to increase ROI, since you can't fault investment in green/environmental can you - especially if it is a policy that is backed by the US government?
(Whoops! Did somebody just say "Solyndra"?)
But any sensible investor (those who matter, at any rate) would have known this and would have seen the CEO's statement for what it was - a clever response to appeal to that large green/environmental investment lobby/cartel.

So who can one trust for honesty and ethical integrity in the development of encryption technology? At this point, I would have said "TrueCrypt". (Ostensibly public domain, open technology, not-for-profit.)
Hmm, tricky.
« Last Edit: June 21, 2014, 02:40 AM by IainB, Reason: Minor corrections. »

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,188
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #33 on: June 21, 2014, 10:58 AM »
I reckon that is a valid point, and if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes. That might be OK if you could trust Microsoft, but Microsoft's own actions would seem to have demonstrated that there is no rational basis for such trust - quite the opposite, in fact.

Not exactly.  If you find an encryption tool that's valid for your current OS, then it should be valid up until the point that you change OS.  And you can take steps before you change to see (a) if that particular software supports your new OS before you install it, and (b) if not, find another and switch.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #34 on: June 21, 2014, 11:21 AM »
...because Apple is an incorporated, for-profit legal person and is obliged to act in that regard at all times.

Not really. There's no legal requirement they do so, contrary to the erroneous but widely held belief there is. That Apple (and other corporations) may, in practice, act as if there is such a requirement, is a separate issue.

An article over at the Washington Post by Neil Irwin has a good discussion about the myths and issues surrounding the notion of "maximizing shareholder value." Find it here.

From the article:

...There are no statutes that put the shareholder at the top of the corporate priority list. In most states, corporations can be formed for any lawful purpose. Cornell University law professor Lynn Stout has been looking for years for a corporate charter that even mentions maximizing profits or share price. She hasn’t found one.

Nor does the law require, as many believe, that executives and directors owe a special fiduciary duty to shareholders. The fiduciary duty, in fact, is owed simply to the corporation, which is owned by no one, just as you and I are owned by no one — we are all “persons” in the eyes of the law. Shareholders, however, have a contractual claim to the “residual value” of the corporation once all its other obligations have been satisfied — and even then directors are given wide latitude to make whatever use of that residual value they choose, as long they’re not stealing it for themselves.

It is true that only shareholders have the power to select a corporation’s directors. But it requires the peculiar imagination of a corporate lawyer to leap from that to a broad mandate that those directors have a duty to put the interests of shareholders above all others...


I think it's important to keep in mind that companies do what they do for their own reasons. There are no laws which compel them to behave in an immoral or abusive manner. That some in business attempt to claim there are such laws is simply a smokescreen put up in the attempt to avoid culpability for acts which often are illegal. So let's not get taken in by it.
 :)


IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #35 on: June 21, 2014, 02:09 PM »
@40hz: Though I am a bit rusty now, I don't think it will have changed much in UK Company law since I studied it years ago, where I recall that the link to any implicit obligation for financial performance is from the shareholders via the Articles of Association which is the document created when a company is initially formed. In short, the Articles are the legal means by which the shareholders may exercise control over the day-to-day operation of the company by the Board of Directors. In a for-profit company, the shareholders will require annual profitability and growth, and can/will turf out Board members who do not demonstrate an ability to meet or successfully pull the company towards those objectives.
They can do this via the mechanism of special or annual general meetings, where they can also confirm/re-elect well-performing directors, to retain them for another year/term, and elect new/additional directors, and vote on various proposed resolutions on the published AGM agenda.

The ROI for the "A" ordinary shareholders (i.e., those with voting shares entitling them to vote in the AGM) would usually be a combination of actual dividend/interest paid on their stocks (or accrued/retained) and the growth in market value of the share price. The shares have a nominal value, which will tend to be exceeded by the market value if the company is profitable. Other stockholders - e.g., "B" ordinary shareholders (non-voting), and debenture holders and preference shareholders, may have slightly different objectives for ROI peculiar to their stakeholding, but they will all share the common objective of making a profit out of their stakeholdings.

I thus must admit to a certain confusion when considering the notion of (say) running a FP (for-profit) company as though it were NFP (not-for-profit), since the idea itself would be absurd, the company would soon be wound up or need to have its Articles and tax status changed appropriately - a NFP would generally have different purposes, Articles and governance structure to a FP company.

I certainly do not consider myself an authority, and what I say generally comes from narrow but mixed experience including having previously been a chief accountant for a UK company, involved as an accountant in setting-up several small FP companies in the UK, acting pro bono as an accounting systems advisor to a leprosy charity based in the UK, acting as a tax accountant to a UK property company, having reported to a director on the board of a syndicated multi-bank off-balance-sheet banking subsidiary in Australasia, and being a director of two companies at present in Australasia, and from having also been a director on the board of the UK charitable trust for an international educational organisation based in Europe.

So, with that narrow experience, I would not be able to state definitively what the law might be relating to Apple or any other US corporation. Where I mainly got my information from in that regard was from a study of the history of the '80s corporate collapse syndrome in US and Germany, and from doing some research in 2004 after watching the fascinating documentary "The Corporation". It was the latter that led me to understand that US (and I think it included Canadian) corporations were different to UK companies in that they had some kind of an explicit legal objective to operate to maximise legally-earned profits and which thus encouraged/compelled management behaviours that could effectively sometimes make them operate as "corporate psychopaths" (which concept has been discussed quite a bit, elsewhere in the DC Forum). I regret if I was mistaken or if I took what the documentary talked about at face value and did not think to verify what the relevant US/Canadian company law actually was. I shall have to do some more homework now.    :-[
« Last Edit: June 21, 2014, 02:22 PM by IainB, Reason: Minor correction. »

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #36 on: June 21, 2014, 02:21 PM »

I reckon that is a valid point, and if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes. That might be OK if you could trust Microsoft, but Microsoft's own actions would seem to have demonstrated that there is no rational basis for such trust - quite the opposite, in fact.
Not exactly.  If you find an encryption tool that's valid for your current OS, then it should be valid up until the point that you change OS.  And you can take steps before you change to see (a) if that particular software supports your new OS before you install it, and (b) if not, find another and switch.

Not sure I understand you there. Are you trying to say that the argument:
if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes.
- is incorrect?

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,188
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #37 on: June 21, 2014, 03:09 PM »
I reckon that is a valid point, and if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes. That might be OK if you could trust Microsoft, but Microsoft's own actions would seem to have demonstrated that there is no rational basis for such trust - quite the opposite, in fact.
Not exactly.  If you find an encryption tool that's valid for your current OS, then it should be valid up until the point that you change OS.  And you can take steps before you change to see (a) if that particular software supports your new OS before you install it, and (b) if not, find another and switch.

Not sure I understand you there. Are you trying to say that the argument:
if you follow it to a logical conclusion, then one conclusion you could end up with is Microsoft BitLocker being arguably the only safe/stable encryption tool for the Windows OSes.
- is incorrect?

Yes.  The only argument I was making was that if they say its not compatible with the OS, they are probably saying it for a reason, and if they aren't supporting the OS, then just because it works now, doesn't mean it always will.  If they are *actively supporting the OS*, then I think if you trust it, the stability isn't really in question.  Changes within the cycle for an OS can affect any software, including Microsoft's.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #38 on: June 21, 2014, 11:34 PM »
@wraith808: Ah, I think I see what you meant. I think you pretty much made that point earlier too.
What I was suggesting wasn't refuted by that though, since it could still be correct as far as it went as a general possibility.
What I was alluding to was the possibility that the narrowing of choice of encryption systems by the abrupt removal of TrueCrypt from the market scene (coincidentally preceded by unusual and well-publicised FUD with only vaguely apparent sources) might not have been an entirely coincidental set of events.
Wouldn't it be a pleasant surprise for Microsoft if BitLocker came out as being suddenly the market's apparently best-choice best-man-left-standing encryption system? Ah, serendipity.

Some people (not me, you understand) might say that the open technology of TrueCrypt could have been just too good by far and too difficult for "criminals" to hack, and so had to be summarily executed, and that the criminals may wish to encourage us to use a standard proprietary encryption system which they had the keys to - as and when they might need them. And it would be good if we could be encouraged to pay for this at the same time. However, I couldn't possibly comment.
« Last Edit: June 22, 2014, 09:59 AM by IainB, Reason: Minor correction. »

The_Doomer

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 16
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #39 on: June 22, 2014, 06:12 AM »
Hi!

Maybe Veracrypt could be an alternative for Truecrypt.
PGP Fingerprint: F8FC 92DF AAD2 D91C 1B07  01A6 118F 251B 85EC 1FCE

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #40 on: June 22, 2014, 10:06 AM »
@The_Doomer: Thanks. Looks rather very interesting.   :up:
I wonder if Amazon AWS is a potential candidate for using Veracrypt? Maybe not without some difficulty, as I see the latter, though based on TrueCrypt:
VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.

PS: Nice icon you have there...

cyoung_mi

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #41 on: June 22, 2014, 10:52 AM »

Midnight Rambler

  • Supporting Member
  • Joined in 2005
  • **
  • Posts: 228
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #42 on: June 22, 2014, 12:10 PM »
Interesting read, cyoung_mi.  So stick with v7.1a for now until late summer of 2014. 
Compaq Presario 5716 (98), Dell Dimension 4700 (XP), Lenovo ThinkPad T530 (Win 7 Pro > Win 10 Pro).

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: TrueCrypt alternative
« Reply #43 on: June 22, 2014, 07:09 PM »
@cyoung_mi: Thanks for the link to the Gibson Research post. Very interesting.
Note that once TrueCrypt has been independently audited
it will be the only mass storage encryption solution to have
been audited. This will likely cement TrueCrypt's position
as the top, cross-platform, mass storage encryption tool.

This was why the developers' actions - attempting to pull the plug on TC - seem so strange, and premature. They would have known whether the audit was likely to find any major fault, and that their pulling the plug was unlikely to stop the audit completing in any event.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #44 on: June 22, 2014, 10:17 PM »
In the end I strongy suspect there'll be nothing at all mysterious or sinister behind any of this. I'm guessing they were simply hired by somebody, and were either required to ditch their old opus as a condition of employment/contract - or they did it on their own as a gesture of goodwill to whomever. Probably either Microsoft or Uncle Sam.
 :huh:


paulobrabo

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 88
  • The Brazilian Bomber
    • View Profile
    • Brabo Illustration
    • Donate to Member
Re: TrueCrypt alternative
« Reply #45 on: June 22, 2014, 11:47 PM »
In the end I strongy suspect there'll be nothing at all mysterious or sinister behind any of this. I'm guessing they were simply hired by somebody, and were either required to ditch their old opus as a condition of employment/contract - or they did it on their own as a gesture of goodwill to whomever. Probably either Microsoft or Uncle Sam. :huh:

I can't think of anything more sinister than that!  ;D
English will never be my first language, it doesn't meter how hard I try.

rnordstrom87

  • Participant
  • Joined in 2014
  • *
  • default avatar
  • Posts: 1
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #46 on: June 25, 2014, 02:38 PM »
I have been using skycrypt for few months and it seems to work for me. I tried the free trial from skycrypt.com. does anyone have experience with this?

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #47 on: July 03, 2014, 03:22 AM »
CipherShed is free encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project (coming soon):
https://ciphershed.org/

Midnight Rambler

  • Supporting Member
  • Joined in 2005
  • **
  • Posts: 228
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #48 on: July 03, 2014, 09:19 AM »
CipherShed is free encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project (coming soon):
https://ciphershed.org/

GUI appears like a TrueCrypt clone.  Looks promising.  Too bad it's still in development.  Thanks for the heads-up.
Compaq Presario 5716 (98), Dell Dimension 4700 (XP), Lenovo ThinkPad T530 (Win 7 Pro > Win 10 Pro).

Midnight Rambler

  • Supporting Member
  • Joined in 2005
  • **
  • Posts: 228
    • View Profile
    • Donate to Member
Re: TrueCrypt alternative
« Reply #49 on: July 07, 2014, 06:18 PM »
More alternatives: So long, TrueCrypt: 5 alternative encryption tools.

Once again, TrueCrypt 7.1 and DiskCryptor are recommended.
Compaq Presario 5716 (98), Dell Dimension 4700 (XP), Lenovo ThinkPad T530 (Win 7 Pro > Win 10 Pro).