Jump to content

Recommended Posts

Posted

Hi guru's.

Just wondering if anyone here can give personal recommendations on encryption software.

I run a small business and deal with from time to time documents which are commerically in confidence from my clients.

I do the normal stuff, password protect word and excel documents, work via VPN most of the time. But I think I'd prefer to have some sort of encryption software as well.

I've read on the net that TrueCrypt was the standout choice, but it seems the developers got sick of maintaing it and it is no longer supported.

So any suggestions would be greatly appricated.

Many thanks in advance.

Posted

Truecrypt version 7.1a is the version of choice for many people.

The devs abandoned the project by the looks of it but 7.1a from a few years back is still widely in use.

  • Like 2
Posted

Thanks very much.

UKrules - was leaning towards 7.1a as many reviews still rate it. I worry about the lack of support however for bug fixes etc.

Daft - thanks also for the link. Lots of ideas there. And yes, been away for a bit. On holiday for a month and not much of an Internet connection. Was lovely!

  • Like 1
Posted (edited)

I use TrueCrypt 7.1a and I sleep well at night. Unfortunately when I switched my laptop to Win8 I was no longer able to encrypt the entire drive with TrueCrypt and so I use BitLocker for that instead. It doesnt contain anything of huge interest to anyone apart from me, and my passwords and other important data are also embedded in a KeePass file on the Bitlocked drive, which should offer more protection.

Everything probably has NSA backdoors anyway, if the truth were known.

Edited by KittenKong
  • Like 1
Posted

I have been using DriveCrypt for years. Never had an issue with it.

I am currently running BestCrypt on my Surface Pro 3 in full disk encryption mode.

I also use TrureCrypt 7.1a for encrypted containers when I need to move files around securely.

All work well, but only TrueCrypt is free.

  • Like 1
Posted

As for truecrypt see below, and yes I do use it still.

Mysterious announcement from Truecrypt declares the project insecure and dead

The abrupt announcement that the widely used, anonymously authored disk-encryption tool Truecrypt is insecure and will no longer be maintained shocked the crypto world--after all, this was the tool Edward Snowden himself lectured on at a Cryptoparty in Hawai'i. Cory Doctorow tries to make sense of it all.

The Sourceforge project page for Truecrypt now sports a cryptographically signed notice that Truecrypt should no longer be used as it is not secure. The news came on the heels of a crowdfunded $70K security audit of the open source, anonymously maintained software giving it a relatively positive initial diagnosis. The announcement -- signed by the same key that has been used to sign previous, legitimate updates -- links Truecrypt's deprecation to Microsoft's decision to cease supporting Windows XP, though no one seems to have a theory about how these two facts relate to one another.

BoingBoing

There is an effort to revive it through a different channel. Forbes article regarding TCnext

  • Like 1
Posted (edited)

As for truecrypt see below, and yes I do use it still.

Mysterious announcement from Truecrypt declares the project insecure and dead

The abrupt announcement that the widely used, anonymously authored disk-encryption tool Truecrypt is insecure and will no longer be maintained shocked the crypto world--after all, this was the tool Edward Snowden himself lectured on at a Cryptoparty in Hawai'i. Cory Doctorow tries to make sense of it all.

The Sourceforge project page for Truecrypt now sports a cryptographically signed notice that Truecrypt should no longer be used as it is not secure. The news came on the heels of a crowdfunded $70K security audit of the open source, anonymously maintained software giving it a relatively positive initial diagnosis. The announcement -- signed by the same key that has been used to sign previous, legitimate updates -- links Truecrypt's deprecation to Microsoft's decision to cease supporting Windows XP, though no one seems to have a theory about how these two facts relate to one another.

BoingBoing

There is an effort to revive it through a different channel. Forbes article regarding TCnext

The relation is that Windows 7 and onward versions already incorporate encrypted virtual drives (bitlocker), making truecrypt redundant.

Bitlocker encryption was good in windows 7 and was then downgraded in Windows 8 for unstated reasons.

Edited by manarak
  • Like 1
Posted

For Internet security, this free browser addon might interest you: https://zenmate.com/

Not only does it encrypt data between your computer and wherever you're surfing to, it also hides your location. There's a mobile version available as well.

You'll need either Firefox, Google Chrome or the Opera browser to use it though. It doesn't work with Internet Explorer since it's a free plugin. Microsoft requires any addon for IE to support ActiveX Controls for which a paid for licence is required.

  • Like 2
Posted (edited)

Seems like there is still a big family of Truecrypt users.

I use it too, Version 7.1a from 2012.

Don't use this 7.2 version!

I am not a friend of conspiracy theories, but I am quite convinced that the developers got pressure from the NSA to quite the Truecrypt project.

http://www.pcworld.com/article/2863972/tor-truecrypt-tails-topped-the-nsas-most-wanted-list-in-2012.html

Edited by KhunBENQ
  • Like 1
Posted (edited)

Sounds interesting. I missed that the Truecrypt source has been taken over after all.

I will try to gather more info about it and give it a try.

You get so paranoid these days...

To come back to the intial question: Truecrypt in its last full version is surely much better than those proprietary document protections etc.

The latter one more or less a joke for the pros.

Edited by KhunBENQ
Posted

Also consider encrypting your e-mail

I run Thunderbird as my e-mail client

with Enigmail to encrypt messages

Just exchange public keys with your trusted customers

and then your messages will be safe

Posted

Also consider encrypting your e-mail

I run Thunderbird as my e-mail client

with Enigmail to encrypt messages

Just exchange public keys with your trusted customers

and then your messages will be safe

Yep, forgot about that. At present, using VPN to communicate who corporate clients on sensitive issues but that assumes their end is secure I guess.

Posted

For Internet security, this free browser addon might interest you: https://zenmate.com/

Not only does it encrypt data between your computer and wherever you're surfing to, it also hides your location. There's a mobile version available as well.

You'll need either Firefox, Google Chrome or the Opera browser to use it though. It doesn't work with Internet Explorer since it's a free plugin. Microsoft requires any addon for IE to support ActiveX Controls for which a paid for licence is required.

Don't get me wrong, I use it all the time, but do you really think they would kindly give away a service like that free without doing at least something with your data?

My guess is it's owned by GCHQ or the NSA.

biggrin.png

Posted

Don't worry about the NSA...worry about your real threats and adversaries. Encryption isn't just about protection from the NSA. Believe me, if your adversary is the NSA, you're going to lose. Encryption is important vs. foreign govts that might not have the resources of the NSA (ie. Thailand), businesses that supply your communications (True, Loxinfo, whoever), and of course criminals.

- You encrypt so that if you don't lose your laptop, or it gets stolen, or you bring it into the shop for a repair, some clown doesn't get all your digital files.

- You encrypt so that Joe Schmo working for XYZ Internet Company doesn't poke onto your connection, or jump on your laptop from the XYZ supplied router and fish for some business documents because you happen to be in competition with his brother, or his wife's father, etc.

- You encrypt so that some govt. official who doesn't like your face decides they're going to start poking through your stuff looking for an excuse to jam you up.

We're all human...and all humans with human jealousies, insecurities, grey motivations are govt. officials, internet company people, etc.

  • Like 2

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...