 |
12-16-2013, 10:14 PM
|
#1 | ||
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Personal Computer Encryption
I use encrypted Western Digital HDs for backups and they work great, particularly since I keep one offsite in our safety deposit box.
However, I'm getting a little more paranoid. My wife and I are to the point that it's much more dangerous to lose the data and the possible identity theft than replace the laptop itself. Sure, at businesses, laptop encryption has been going on for years but I've always thought it too much a hassle to do at home. Truecrypt looks like the easy winner for freeware encryption. But before jumping in, I'm curious of thoughts for anyone that's done it:
SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
||
|
|
|
12-17-2013, 01:19 PM
|
#2 | |
|
College Benchwarmer
Join Date: Nov 2003
|
Quote:
I've used it for several years now and have not had any problems.
__________________
“The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding.” United States Supreme Court Justice Louis D. Brandeis |
|
|
|
|
|
12-17-2013, 01:36 PM
|
#3 |
|
Mascot
Join Date: Mar 2002
Location: Kansas City, Kansas
|
I have used Truecrypt for a couple of years on some Win XP laptops and have had no issues. It was pretty easy to set up. The users have not noticed any kind of performance impact. I have not used it on SSD's so I can't speak to that.
I just used the entire hard drive encryption option so it would probably be classified as a basic installation so I can't speak to the advanced options. Overall I am very satisfied with it especially considering the free aspect. Todd |
|
|
|
|
12-17-2013, 01:43 PM
|
#4 |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Yeah- I'm just looking for a simple "full hd" option. The idea is, as described: if someone stole my laptop from the house or while I was at the airport or whatnot, I can have some piece of mind that my hattrick spreadsheets and vacation pictures will not be used for nefarious purposes. Oh, and the other types of stuff that could be more dangerous in the wrong hands.
SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
|
|
|
|
12-17-2013, 01:49 PM
|
#5 |
|
Death Herald
Join Date: Nov 2000
Location: Le stelle la notte sono grandi e luminose nel cuore profondo del Texas
|
There is one potential gotcha with SSDs and TrueCrypt. You mentioned a concern about uneven wear and premature drive failure with SSDs. The way you mitigate that is if the drive supports TRIM. But the way TRIM works is that it marks "deleted" space as free without actually deleting the contents. It is a bit esoteric, but that info could be useful to someone who was trying to break into the contents of the drive.
That probably isn't a deal breaker in your case, but it has been for one of our government clients.
__________________
Thinkin' of a master plan 'Cuz ain't nuthin' but sweat inside my hand So I dig into my pocket, all my money is spent So I dig deeper but still comin' up with lint |
|
|
|
|
12-17-2013, 07:52 PM
|
#6 | |
|
College Benchwarmer
Join Date: Nov 2003
|
Quote:
I have mine set up as a 4g file so I can back it up to a dvd. Then set it up to load on boot. So when I boot, a popup asks for my password, and from then on it is treated as just another hard drive. Works well for me, but as always YMMV.
__________________
“The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding.” United States Supreme Court Justice Louis D. Brandeis Last edited by Surtt : 12-17-2013 at 08:01 PM. |
|
|
|
|
|
12-17-2013, 08:52 PM
|
#7 |
|
Coordinator
Join Date: Jul 2003
Location: Here and There
|
Is this a Mac? Because it has native encryption - FileVault2.
|
|
|
|
|
12-18-2013, 06:45 AM
|
#8 |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Nah, a pair of PCs with Win 7. Windows comes with BitLocker now but it's only for Ultimate, Enterprise, or Super Duper Edition (or whatever- I can't keep their SKUs straight)
SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
|
|
|
|
12-18-2013, 09:40 AM
|
#9 |
|
Head Coach
Join Date: Oct 2000
Location: Colorado
|
May I ask what is stored on the HD that is so sensitive?
|
|
|
|
|
12-18-2013, 10:23 AM
|
#10 | |
|
Hall Of Famer
Join Date: Oct 2002
Location: Massachusetts
|
Quote:
__________________
Get bent whoever hacked my pw and changed my signature. |
|
|
|
|
|
12-18-2013, 10:55 AM
|
#11 | |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Quote:
We just got a house so I have digital copies of the mortgage paperwork, will, some tax forms- those sorts of things. It's not a lot but it's enough to make us concerned. We could just go with paper copies for everything but there's also danger to that, too. We have lockable filing cabinets but if someone is in our house long enough, they'll be able to break into those, too. We figure the best thing is to have a single paper copy in the safety deposit box at the bank and a digital copy on the computer. Also, I'm a little overly paranoid about what someone could do with my computer access. While I store very few (and I think all harmless) passwords in my browser, I worry what someone could do if they got my laptop. If there's some site I forgot about, that's access to Amazon, ebay, my credit card sites, etc- the nightmare it would take to clean up the identity fraud is enough to make me try to do an ounce of prevention to avoid the pound of cure. SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
|
|
|
|
|
12-18-2013, 11:05 AM
|
#12 | |
|
Death Herald
Join Date: Nov 2000
Location: Le stelle la notte sono grandi e luminose nel cuore profondo del Texas
|
Quote:
Stay tuned. Our company is working on a Dropbox-like service that uses PKI encryption, so you'd be able to store just the stuff you are worrying about encrypting there, and not have to deal with the hassle of encrypting your entire computer.
__________________
Thinkin' of a master plan 'Cuz ain't nuthin' but sweat inside my hand So I dig into my pocket, all my money is spent So I dig deeper but still comin' up with lint |
|
|
|
|
|
12-18-2013, 11:12 AM
|
#13 | |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Quote:
That's a major "fuck no" from me (others, YMMV). I don't trust the cloud any further than I can throw it with day to day stuff since, honestly, it is available at the drop of a hat by any number of bad actors. And I'm not talking about silly government surveillance (also a problem) but I have yet to run across a company that doesn't have some substantial holes in their security policy. So if it's something important enough that I'm considering encrypting my hard drive to protect, it's not going up into the cloud. SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
|
|
|
|
|
12-18-2013, 11:22 AM
|
#14 |
|
lolzcat
Join Date: Oct 2000
Location: sans pants
|
How do you deal with disaster recovery if everything is local?
edit: nevermind. safety deposit box.
__________________
Superman was flying around and saw Wonder Woman getting a tan in the nude on her balcony. Superman said I going to hit that real fast. So he flys down toward Wonder Woman to hit it and their is a loud scream. The Invincible Man scream what just hit me in the ass!!!!! I do shit, I take pictures, I write about it: chrisshue.com Last edited by Subby : 12-18-2013 at 11:23 AM. |
|
|
|
|
12-18-2013, 11:31 AM
|
#15 | |
|
Death Herald
Join Date: Nov 2000
Location: Le stelle la notte sono grandi e luminose nel cuore profondo del Texas
|
Quote:
That's the thing, only the key that you possess can unlock it. It gets encrypted on your computer before it ever leaves. So no man-in-the-middle attack. Even if someone is able to get access to the file in the cloud, they won't be able to unlock it unless they also have the private key that is on your computer (or ideally on a thumb drive or other portable storage that can be removed and locked up when not needed). Our company has no way of viewing the contents. And with a 2048 bit asymmetrical elliptic curve algorithm, it is in the thousands of years of CPU time to break the key. Of course, if there is a keylogger or something like that on your computer, then any encryption is moot. This article from Ars Technica is a high level overview of the kind of encryption we are using, and we were recently issued a couple of patents on the work we've done. A (relatively easy to understand) primer on elliptic curve cryptography | Ars Technica EDIT: We realize we face an uphill battle with the perceptions of no security in "the cloud".
__________________
Thinkin' of a master plan 'Cuz ain't nuthin' but sweat inside my hand So I dig into my pocket, all my money is spent So I dig deeper but still comin' up with lint Last edited by cartman : 12-18-2013 at 11:38 AM. |
|
|
|
|
|
12-18-2013, 12:31 PM
|
#16 | |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Quote:
This is actually my biggest fear, from a security perspective. EDIT: As to the "no security in the cloud" point, you can see where that perception comes from. You issue the key, you issue the space- there is, in theory, a procedural way to crack it from your end if your processes are not ironclad and I have yet to see any that are. It takes a black hat to do it, but lots of places have them SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" Last edited by sterlingice : 12-18-2013 at 12:32 PM. |
|
|
|
|
|
12-18-2013, 08:25 PM
|
#17 |
|
Head Coach
Join Date: Oct 2000
Location: Colorado
|
I, too, would not trust the cloud for anything personal, sensitive or valuable.
SI, been thinking about your list. I know of others as well as personal experience that your name, address, mortgage lender, credit card numbers, phone numbers and social security number are public records - some more readily available than others. |
|
|
|
|
12-18-2013, 09:32 PM
|
#18 | |
|
Death Herald
Join Date: Nov 2000
Location: Le stelle la notte sono grandi e luminose nel cuore profondo del Texas
|
Quote:
No, we don't issue the key, you generate it on your local machine. Yes, we host the space, but without the key you generate the data in the space is useless.
__________________
Thinkin' of a master plan 'Cuz ain't nuthin' but sweat inside my hand So I dig into my pocket, all my money is spent So I dig deeper but still comin' up with lint Last edited by cartman : 12-18-2013 at 09:33 PM. |
|
|
|
|
|
12-18-2013, 11:35 PM
|
#19 | |
|
Coordinator
Join Date: Jul 2003
Location: Here and There
|
Quote:
You guys sound like grandmothers who stuff money in their mattress. You realize the risk of your laptop getting stolen is far greater than some hacker breaking into your google drive account assuming you have a decent password? You need to differentiate between transactional security like banks, retailers, etc., which is constantly getting hacked for a variety of reasons and storage security, which is not. |
|
|
|
|
|
12-19-2013, 11:30 PM
|
#20 |
|
Coordinator
Join Date: Jul 2003
Location: Here and There
|
Well shit. I guess I picked the wrong day to buy some Legos at Target.
|
|
|
|
|
12-19-2013, 11:49 PM
|
#21 |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Back to the mattress with your money?
SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" Last edited by sterlingice : 12-19-2013 at 11:49 PM. |
|
|
|
|
12-20-2013, 12:42 AM
|
#22 |
|
Coordinator
Join Date: Jul 2003
Location: Here and There
|
Yes - but my Excel file tracking it is still in Dropbox!
|
|
|
|
|
12-24-2013, 08:30 PM
|
#23 |
|
Hall Of Famer
Join Date: Apr 2002
Location: Back in Houston!
|
Truecrypt has worked well so far. I get an occasional slowdown from time to time, but, in general- very little performance hit. Fairly idiot-proof, too
SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out! Janos: "Only America could produce an imbecile of your caliber!" Freakazoid: "That's because we make lots of things better than other people!" |
|
|
|
 |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
|
|
