Monday, February 12, 2007

TrueCrypt keeps data safe from laptop thieves

TruecryptTrueCrypt is a free utility that keeps data safe from prying eyes. It works invisibly and seamlessly, and it is simple and easy to set up and use.
You create an encrypted "volume", which is basically a large encrypted file. This is made available to Windows as another "drive" with a drive letter, such as M:. You treat the drive as just another drive, and you can create folders, edit files, defragment it, and do anything else you would normally do with a drive. The difference is that the contents of the drive are stored in encrypted form on the actual hard drive, and the only way anyone can see the contents of the M: drive is to open the drive by providing the required passphrase. This is a long password and is generally a sentence or something you can remember.
The encryption is so strong that it could take centuries for a very powerful computer to figure out the password. Basically the only practical way to read the files on the M: drive is to put a gun to the laptop owner's head and tell him to type in the password. For the casual laptop thief the only useful thing to do with the encrypted volume is to delete it or format the entire hard drive. Even the most determined hacker will have to use devious means to get hold of the password, such as bribing someone, blackmailing them or getting them drunk or stoned. Perhaps a surveillance video would give them clues, or using a keylogger. All of these methods rely on the weakest part of computer security: people. The software is basically bulletproof.
Last month a laptop was stolen from a Men's Clinic branch. Because we use Truecrypt on all the laptops, we didn't worry about losing the data. And the least of our problems is that data, sensitive as it is, getting into the wrong hands. If you are using a laptop with sensitive or embarassing data on it, you need to protect it with TrueCrypt.

No comments:


Warning: The NSA and 4 million other sick weirdos with "security clearance" have intercepted this page and know that you are reading it.