TrueCrypt

I posted before about my Seagate 320GB USB drive that I use to store all my images. It slips into a pocket which is both very convenient and a huge danger. It is so easy to steal.

I decided to encrypt the whole drive using the TrueCrypt encryption tool. TrueCrypt is an open source free tool that works on Windows Vista/XP, Mac OS X and Linux. It is a small, straightforward tool that does exactly what it is supposed to do with no fuss. It has never given me any trouble. That’s the greatest thing you can say about utility software: most of the time I don’t know it is there.

TrueCrypt main screen

TrueCrypt allows you to either encrypt a whole drive or a file that acts as a virtual drive. It has lots of other features but these are the ones I use. Here is the top level feature list from the TrueCrypt web site:

  • Creates a virtual encrypted disk within a file and mounts it as a real disk.
  • Encrypts an entire partition or storage device such as USB flash drive or hard drive.
  • Encrypts a partition or drive where Windows is installed (pre-boot authentication).
  • Encryption is automatic, real-time (on-the-fly) and transparent.
  • Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
  • Provides plausible deniability, in case an adversary forces you to reveal the password: Hidden volume (steganography) and hidden operating system.
  • Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.

Now I have encrypted my Seagate backup drive, if anyone steals it and mounts it on their computer it looks like an empty volume. There’s no hint on the disk even that I used TrueCrypt. If my PC annoys me and I do what so many advise: ‘get a Mac’ I can attach my Seagate drive, transfer my backed up Lightroom catalog and be up and running in no time.

I have also encrypted about half of the 250GB drive on my Compaq laptop. I store all my data there including the current year’s photos in Lightroom. So Lightroom sees that volume on my laptop (drive M:) and the 2008 photos on the attached drive (drive N:). When 2010 comes I will tell Lightroom to look on N: for the 2009 images, delete them from M: and store 2010’s images there instead with a backup on N:. This is a bit hard to explain but it works for me.

I know that Windows XP Pro and Vista support encryption. I used that with my Thumbs Plus setup. The problem was when my old Sony laptop crashed and I wanted to use the external drive I was then using with a new PC. With Windows the encryption is linked to the user that encrypted the volume. This makes it a bit more transparent but it means that if I want to mount the encrypted files on another machine even with the same user name/password Windows will not decrypt the files. (Windows identifies the user using a GUID, not the name).

I am sure Microsoft thought this through when they designed the encryption facility, but they did not consider my use case. Fortunately I had an unencrypted backup on CD so I didn’t lose all my files but it was a close run thing.

One annoyance whenever you buy a disk is that the actual capacity is far less than the published capacity. Seagate says I bought a 320GB drive but TrueCyrpt only sees 298GB. I don’t know where the other 22GB – 7% – went.

I would have encrypted my entire PC drive but TrueCrypt doesn’t support that under XP – only Vista. I am sticking with XP for reasons I may explain in another post.

Advertisements

5 Responses to “TrueCrypt”

  1. GB-in-TH Says:

    I just upgraded to the latest version of TrueCrypt: 6..2a. The entire download is just 3MB and the upgrade was completely painless. Oh that all my software is this simple.

  2. GB-in-TH Says:

    BTW – your 7% space loss is California Sales Tax.

  3. My Workflow « Bkkphotographer's Blog Says:

    […] logging on to XP I mount the backup drive with TrueCrypt […]

  4. There’s no perfect way to back up your hard drive – SiliconValley.com « Bkkphotographer's Blog Says:

    […] I could work on recovering it – it has not failed completely. I think it is the USB 2.0 interface that has failed, not the physical drive. Any recovery would be complicated that the whole drive is encrypted with TrueCrypt. […]

  5. Storing Data in the Cloud Has Drawbacks « Bkkphotographer's Blog Says:

    […] Anything else is held in encrypted storage using a tool that I trust: TrueCrypt. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: