Practical whole disk encryption, or, how to frustrate data forensics.

When you get right down to it, the best way for an attacker to get hold of your data is to shut the box down, pull the drive, and rip a sector-by-sector image to analyze offsite. It might not be quick (depending on the speed of the hard drive, speed of the storage drive, and a number of other factors) but if you're not there when it's done you might not know that it ever happened. However, if you encrypt data at the level of the drive, they can copy the drive all they want but they won't be able …

Read more...

FIXED - Truecrypt v6.0a released.

I'm well over a week late with this post, but better late than never. The Truecrypt Foundation announced on 8 July 2008 that v6.0a of Truecrypt, the cross-platform disk encryption package was released to the Net, along with its source code. Judging by the changelogs, it stands head and shoulders above the last releases (v5.1 and v5.1a) in several important respects. First and foremost, the new release takes full advantage of systems that have more than one CPU in them (like many laptops these days), so if you're using whole disk encryption storage I/O will be …

Read more...