Hands-On With TrueCrypt 5: Open Source System-Wide Encryption - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Enterprise Architecture
Commentary
2/13/2008
12:43 PM
Serdar Yegulalp
Serdar Yegulalp
Commentary
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Hands-On With TrueCrypt 5: Open Source System-Wide Encryption

Scarcely a week goes by these days without word of the theft of a computer with sensitive personal information on it.  It's gotten that much easier to protect such data with whole-drive encryption, but those kinds of solutions have typically been proprietary, like Windows Vista's BitLocker (which isn't available in all versions of Vista, either).  Now comes version 5 of the fre

Scarcely a week goes by these days without word of the theft of a computer with sensitive personal information on it.  It's gotten that much easier to protect such data with whole-drive encryption, but those kinds of solutions have typically been proprietary, like Windows Vista's BitLocker (which isn't available in all versions of Vista, either).  Now comes version 5 of the free and open source encryption system TrueCrypt, which features -- you guessed it -- whole-drive encryption.   My associate George Hulme touched on TrueCrypt before, but I decided to try encrypting my Windows notebook with it and see how it held up.

TrueCrypt itself has been around for some time now, and runs on all major OSes (Win/Lin/Mac).  Instead of encrypting individual files, it lets you create a virtual volume -- either stored in a file or directly on a disk partition -- which is encrypted on the fly as you read from and write to it.  The biggest new feature in TrueCrypt 5 is the ability to encrypt a system's boot volume -- exactly the same feature as Windows Vista's BitLocker, but without the premium cost involved.  And in this case, it doesn't even require Vista.  Windows XP, Windows 2003 Server, and Vista are all supported.

The encryption process for a drive can be done in the background while you work, and even suspended and resumed across multiple user sessions.  This is the slow and boring part; you'll probably want to set this up to run overnight.  You can do work with the system while it's being encrypted, but at a performance penalty.

Another thing I like about TrueCrypt is that there's been some thought lent to disaster recovery.  Any time you encrypt a whole boot volume, you'll also be required (not "allowed," required) to build a rescue disc that can be used to boot or repair the system safely in the event the volume header gets damaged.

When encryption concludes and you reboot the system, you're presented with TrueCrypt's boot loader program, which requires that you supply a volume password before the OS itself can be booted.  (Side note: I confess that I haven't done any direct investigation into how secure this part of the program is, since it seems like one of the first and most likely vectors for attack.)  The boot loader can be multi-OS aware, so if you boot Windows plus something else on the same system you won't be left out in the cold.

If it weren't for the icon in the system tray, I'd scarcely be able to tell a TrueCrypt-encrypted system from an unencrypted one based on performance.  Barring a somewhat slower boot-up, most everything runs with no perceptible performance loss, although I'd hazard a guess you'd see different results depending on the hardware and the encryption standard used.  (I chose AES with a 256-bit key, the fastest-benchmarked algorithm available through TrueCrypt.)

One major drawback for notebook users: Hibernation is not yet supported.  If you attempt to put the system into hibernation mode, it will force a shutdown instead.  Best to disable hibernation entirely on encrypted notebooks until they get this particular feature ironed out.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
AI Regulation: Has the Time Arrived?
John Edwards, Technology Journalist & Author,  2/24/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll