Sgamen Personal Tech

TrueCrypt - Free hard drive encryption!

http://sgamen.blogspot.com/2008/04/truecrypt-free-hard-drive-encryption.html

I just finished listening to the Security Now! podcast #133 that went into some detail about the newest version of the open source TrueCrypt hard drive encryption software. If you want to learn about computer security in practical ways I highly recommend the podcast in general, but this specific episode of the podcast is a very good review of the TrueCrypt software. You can download the podcast to listen here or read the transcript here.

I am going to talk a little about two really great applications of the encryption software, but if you really want detail, visit http://www.truecrypt.org and/or listen to the podcast I already linked to above.

As I have mentioned several times already in this post, TrueCrypt is encryption software that now allows you to encrypt your entire hard drive - including your boot or system partition! That is the new feature in version 5. There are some other neat things that it has been able to do in the past and it continues to do (like create an encrypted file that can be mounted as a new drive letter so that you could do something like put all of your many passwords into a text file and then have TrueCrypt encrypt them) but I really wanted to focus on this new functionality.

Why would anyone want to encrypt their entire hard drive? I think there are 3 primary reasons to encrypt your entire drive:
  1. If you use a laptop/notebook/tablet PC.
  2. If you have computers used with your business where you may have sensitive client information or intellectual property stored on the hard drive.
  3. You are selling or giving your computer to somebody else.

Let's talk about the first reason to encrypt your hard drive. You are used to thinking about things like what to do if you lose a credit card or cell phone. You call and have them deactivated so that nobody else can use them. Imagine if you lost your laptop. Granted, a laptop is not nearly as easy to lose since it is quite a bit bigger than a credit card or cell phone, but given enough distractions it is entirely possible to forget to take it back home with you. Even though you may have a Windows password required to log on to your laptop, in the wrong hands a standard installation of Windows is almost trivial to "hack" and get to the data on the hard drive. Imagine all of the personal data you have on your computer and just how much damage a bad guy with the personal information on your drive could do.

TrueCrypt solves this problem by encrypting your entire hard drive using modern (and thus far unhacked) encryption based on keys and a password. After installing the software you are required to provide your password, which, in combination with the random keys generated as part of the installation process, is required in order to decrypt the data on your hard drive and therefore to boot Windows and use the data in any way. Even with modern hard drive recovery tools, without the keys and the password it is impossible for anyone (including yourself) to get to the data. So while you would be out the money it took to buy your laptop, if you have encrypted your hard drive at least a bad guy wouldn't be able to turn a sad event into the life-altering event that happens when personal data and identity theft has taken place.

The second reason is very similar in nature to the first reason. The key difference is that you aren't likely to lose a desktop computer because you don't generally move them around. Instead, the concern here is that someone could break into your office and steal the computers. Again the cost of the computers themselves is lost in that situation, but the damage that could be done to you and your business with sensitive customer information or other intellectual property could be far worse.

The third reason is a different application of the encryption. Used computers are sold and given to others all the time. I believe that most of the time people don't actually think about just how much data is on the hard drive of the old computer they are getting rid of. Even if they do think of it, most attempt to "erase" the drive by formatting it. It is true that formatting the drive would make it so that most people could not get to your data, but it isn't fail-safe. Formatting a drive does not actually erase all the data on the drive; it just makes it really hard to get to. Even though in using TrueCrypt to encrypt the entire hard drive you aren't erasing the data, it actually becomes more inaccessible to others than it is by doing a format of the hard drive. In fact, as I went through the installation there was actually an option to have TrueCrypt "erase" the hard drive as part of the encryption process. I didn't do this since I still wanted to have my Windows installation function when I was finished, but from the look of the options it looks like there are even functions that would satisfy the requirements of the US government with regard to erasing data on hard drives they use.
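To make the format-versus-encryption point concrete, here is a toy model added as an illustration (it is not TrueCrypt's code, on-disk format or cipher): a byte array stands in for the drive, a quick format resets only the file table, and an HMAC-SHA256 keystream stands in for real disk encryption. The function names, sector layout, PBKDF2 parameters and sample secret are all constructed for this example.

```python
import hashlib
import hmac
import os

SECTOR, NSECTORS = 64, 16   # toy geometry; real sectors are 512 or 4096 bytes


def derive_key(password, salt):
    """Password + random salt -> key (PBKDF2; parameters are illustrative)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)


def crypt(key, sector_no, data):
    """Stand-in cipher, not TrueCrypt's: XOR with a per-sector HMAC keystream."""
    stream = b"".join(
        hmac.new(key, f"{sector_no}:{i}".encode(), hashlib.sha256).digest()
        for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def write(raw, sector_no, data, key=None):
    data = data.ljust(SECTOR, b"\x00")[:SECTOR]
    if key:
        data = crypt(key, sector_no, data)   # encrypt before it touches the disk
    raw[sector_no * SECTOR:(sector_no + 1) * SECTOR] = data


def read(raw, sector_no, key=None):
    data = bytes(raw[sector_no * SECTOR:(sector_no + 1) * SECTOR])
    return crypt(key, sector_no, data) if key else data


def carve(raw, marker):
    """Recovery-tool view: scan every raw sector, ignoring the file table."""
    return [i // SECTOR for i in range(len(raw)) if raw.startswith(marker, i)]


def formatted_disk(key=None):
    """Store a constructed secret in sector 5, then quick-format the disk."""
    raw = bytearray(SECTOR * NSECTORS)
    write(raw, 0, b"TABLE notes.txt@5", key)
    write(raw, 5, b"password=constructed-example", key)
    write(raw, 0, b"EMPTY-TABLE", key)    # quick format: only the table is reset
    return raw


if __name__ == "__main__":
    key = derive_key(b"constructed passphrase", os.urandom(16))
    print(carve(formatted_disk(), b"password="), carve(formatted_disk(key), b"password="))
```

On the unencrypted disk the scan still finds the secret in sector 5 after the format; on the encrypted one it finds nothing, and the sector only reads back correctly with the key derived from the right passphrase.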

It may be a bit technical to try and go through the TrueCrypt installation; that is always something hard for me to judge. But the installation did seem pretty easy to me, and if you use the default settings in the dialog boxes you should be more than adequately protected.

The one other concern you should have about encryption is the overhead involved. Usually whenever you talk about adding encryption/security to anything you are also talking about slowing things down. I just installed TrueCrypt today so I can't tell you myself what the performance impact is of TrueCrypt, but on the podcast they talked about initial testing showing that performance actually improved! That's right, after installing TrueCrypt doing a disk defrag went faster. They guessed the reason for this was something called pipelining, but didn't know for sure what it was.

I have installed TrueCrypt on my laptop today (and wrote this post while it was encrypting the drive) and will see how it goes over the coming weeks. I think I will probably install it on all of my computers just to give me peace of mind.
