TrueCrypt: Easily secure your data with encryption!

Technology evolves fast, people become more attached to their devices, which means an increasing amount of sensitive information getting stored as ones and zeros. Unfortunately, the state of security our devices have is often neglected with little to no thought about the possible consequences of losing your iPhone, having your laptop stolen, or having the police knocking on your door confiscating your computer for illegal download & sharing of copyrighted material. Identity theft is unfortunately far from a rare case these days as well.

Today, I want to put a little bit of focus towards data encryption and show you how easy it actually can be to protect your PC data with the same encryption standards that are approved secure and used by many governments. Data-encryption should be easily accessible for anyone, and this is where TrueCrypt comes in and saves the day with their brilliant tool for easily achieving a high-standard of secure, encrypted data. What makes TrueCrypt so easy to work with is that it functions automatically, real-time (on-the-fly) and transparently, and integrates fantastically with Windows. You can couple it up with a dropbox for example, and stay mobile with secure data at the same time.

So lets jump straight into it, here is a link to TrueCrypt’s website where you can download and install the latest version. On their website, you can find all the necessary documentation which will be much more in-depth than this blog-entry, I simply want to provide you with a guide or tutorial if you wish on getting a quick insight into how this works.

The 3 main functionalities TrueCrypt has for providing you with encryption are “encrypted file-container, “encrypted partition/disk”, and “full-disk encryption” as I mentioned earlier. The file container method, which I would recommend for most users, is where you have a single file stored somewhere on your harddrive which is called a “container”. The file could for example be stored on your desktop, in your documents folder, or in my case, a DropBox folder (which is pretty awesome). What this means is that the inside of this file, is fully encrypted, so anyone examining the file will only see gibberish data without the password to decrypt the container. What TrueCrypt does is that it mounts your file-container, once the correct password has been entered, as a Windows partition, for example D:, so that any data stored inside this partition is fully encrypted. If this is hard to understand, let me try and elaborate a bit, your file-container is somewhere on your computer just like a word-document or an MP3 file, TrueCrypt “mounts” the encrypted file as what looks like an additional partition for your computer. The more data you fill inside this virtual partition, the larger the file grows — since in reality, this is where the data is going.

So you can throw all your important documents, install programs there, store music and movies there, whatever; as soon as you reboot your PC or manually unmount the file-container, the data is back to being unaccessible without the password. Secondly, there is encrypted non-system partition/disk, where basically you just encrypt a physical disk or partition, same functionality as a file-container but just for people who prefer not using a file.

If you want to take it a step further, you can utilize “full-disk encryption”, which as you may have guessed, will ensure that your entire disk is secure. This works by TrueCrypt encrypting the entire disk, and replacing the Windows bootloader with it’s own so when you turn on your computer, before Windows starts loading you will be asked for your TrueCrypt-password before you can do anything. This has the benefits of not having to worry about using your mounted encrypted-partition, since every single file including Windows directory, your browsers cache is encrypted — plug the power cable from your PC and as soon as the PC is off, all that precious data is no longer accessible without the password. It also, means that if you take out your harddrive and plug it into another computer, the data will be gibberish. Although there is a caveat, you will have a slight performance hit, my CPU uses about 4–5% more ressources than before, and I get about 7–8% shaved off my read-performance. But this is a small price to pay for the benefits gained. Especially if you have a SSD, you will not notice a difference at all.

There is one last feature I will shortly mention, which might be useful to some, it is called “hidden operating system” or “hidden truecrypt volume”. Basically what this feature is; instead of having one password for your full-disk encryption or your file-container, you have 2 seperate passwords. The one password unlocks your decoy-data and the other one unlocks the very important data. So say you have a gun to your head or the law requires you to reveal the password or your off to jail, you can provide the decoy password which will unlock all the data, and the “hidden volume/system” is impossible to prove exists (provided certain guidelines are followed). Again, this might be a bit extreme, but could be useful to few.

That’s it for now, if you want to get started I suggest reading the beginners tutorial over by TrueCrypts website. And don’t worry, once you get started this is very easy to work with, give it a shot!