![]() ![]() Rather, it’s a disk encryption tool that can protect an entire hard drive or a specific. IMHO, anything less than that is criminal negligence on a system with important data. Although your files are technically encrypted, BitLocker doesn’t handle them on a file or folder level. Windows encryption tools BitLocker is built into select versions of Windows. ![]() I use full-disk LUKS (including root partition) on my laptop, and it's gone through many fscks without problems.Īt any rate, you are going to perform at least nightly full backups, aren't you? So a crash should not wipe out a lot of work. Here’s a look at a few full disk encryption options that can take the sting out of TrueCrypt’s sudden disappearance. Encryption is always per sector, and disks are written per sector, so usually you'll lose any sectors that weren't written properly, with or without encryption. So I would recommend LUKS (though Truecrypt is a viable option as well).ĭoes TrueCrypt of LUKS offer the best stability / recovery in an event of a crash? At any rate, most Linux FS have no Windows driver anyway. But that is really only relevant for portable drives/media. The only advantage I can see for Truecrypt is that its Windows support is better, so it's easier to mount a Truecrypt partition under Windows. I'm not even sure if TrueCrypt can encrypt the root partition at all. Setting this up by hand can be a bit tricky (though doable), so distro integration helps a lot.Īt least Debian and Ubuntu offer encrypted root via LUKS in the standard installer, so that's a point for LUKS. For security reasons, you almost certainly want to encrypt all partitions (including /), which is called "encrypted root". This is definitely based on emotions and not in fact, so Veracrypt is at no fault.Well, as other have pointed out, LUKS is generally better integrated into current distributions. One fear I have is that since Veracrypt is not built-in, it is much more likely to get corrupted and lead to data-loss. Is this a mistake? Other than being open-source, is Veracrypt better in some way? Performance? Security? I considered using Veracrypt and although I love its container encryption feature, I admittedly did not give its FDE a chance because I figured MS's implemented would be more streamlined, since it was baked directly into the OS. The TrueCrypt standing page has details on how to to that. You create a VHD/VHDX and then use Bitlocker to encrypt that. ![]() I am currently using Bitlocker on Windows 10 Pro to encrypt my system drives. If you used a TrueCrypt Volume to keep your personal files in that you mounted/unmounted on demand, you can do the same with Bitlocker. Also for future consideration - this kind of tech is constantly being updated (TPM 1.2 vs 2.0 for example), so my OCD would go hay-wire if I wasn't running the latest & greatest. I know it's only $15, but honestly it's just one more thing to pay for, do, and install. We decided to compare the features and performance of both solutions. Does having TPM have any other benefits I am not thinking of? TrueCrypt is open source and offers even more flexibility. Is it all that bad if I don't have a TPM installed? I have the recover key(s) locked down in another fashion. TPM basically locks down the encryption if the user is removing the HD from the system. We in the open source community need to devote more resources and money to having this audits done, which is occurring now. I searched Ars, I Googled and wanted to make sure I understood this correctly: While truecrypt has not be audited yet, the fact that is can be makes it 100000000x better than Bitlocker, there is the abilty independently audit, with out the permission or NDA of the project. By chance, I stumbled upon some TPM modules on Amazon and was considering purchasing one. However, the performance penalty is quite acceptable, and. ![]() I used group policy to bypass the TPM requirement and up until now used it without even knowing was TPM was. Bitlocker, unlike TrueCrypt, supports TRIM (leaves empty parts empty and unencrypted). Running real-time encryption on your system drive has a performance impact, whether you're using Microsoft's BitLocker or TrueCrypt 6.3a. It's been a long time and glad to see the Ars Hive Mind™ is still alive and well. ![]()
0 Comments
Leave a Reply. |