Data encryption software

[frankie]

I've been looking into buying encryption software, such as one might use on highly private documents, e.g. a list ones financial account/website user names and passwords. Not just to use for emailing the documents, but for general protection from any hackers that might attack my computer. (I wonder if paranoia is attacking me. )

Usually I can find current & thorough reviews on PC Magazine website, but no luck in this case.

Anyone have experience or recommendations for this type of software?

Thanks.

 

[Andy R]

For encrypting your files, try the free software called TrueCrypt. This is good for files on your hard drive (or even on a portable USB drive) if you change computers often.

If you want to keep your passwords organized and safe try RoboForm. This is a serious time saver and smart tool to allow you to have different long cryptic passwords at different site and it manages them and fills them in when you go to that site. All the data files for RoboForm are encrypted.

 

[BigMoneyJim]

If you have Windows XP Pro (not "Home"), you have encryption capability built-in: http://support.microsoft.com/kb/307877 . I haven't used it.

Some of the zip utilities have password protection and/or encryption. The original zip password is crackable, and last I heard the encryption schemes weren't portable across brands (WinZip vs. PKZip, for example).

I'm sure there are several free open source encryption software packages, but I haven't used them and would venture a guess that they're a bit more complex to use and/or learn than the commercial products.

What I *do* have recent experience in is Utimaco SafeGuard Easy, but that encrypts an entire hard disk and doesn't protect in the event that you are "hacked"--that is if someone can log into your system then they can read your files. The advantage is if the hard drive is lost or stolen then they can't read the data without knowing how to log into your system.

I also have an encrypted USB storage stick. Kingston Dataguard I believe is the one I have. When you put it in you have to enter a password, and then the drive becomes available.

With any encryption method, be aware that if you lose or forget the password/passkey then you file will be unrecoverable. With Windows native encryption you have to be careful in how you change your password, otherwise you may be unable to decrypt your files. And if the system itself is compromised then anything you type could be recorded and your password captured, and in any system if you can currently read the file then a system administrator on the system can, too.

 

[Spanky]

A more secured USB storage that is hardware encrypted: https://www.ironkey.com/.

Software based encryption can be hacked.

I use Truecrypt (AES 256) for most of my files.

 

[Ed_The_Gypsy]

For encrypting your files, try the free software called TrueCrypt.

Free for 30 days.

 

[Coach]

I use PGP and have been very satisfied with it.

Coach

 

[Andy R]

Free for 30 days.

No, it's 100% free. It's an Open Source project so it will stay free too.

Q: Will TrueCrypt be open-source and free forever? A: Yes, it will. We will never create a commercial version of TrueCrypt, as we believe in open-source and free security software.
TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP/2000 and Linux - FAQ

 

[CybrMike]

Use PGP. Most of the PGP stuff is open source and its been tested by many, many people. Also its portable across platforms.

Here is a link for the PGP freeware stuff for windows:

http://www.pgpi.org/products/pgp/versions/freeware/winxp/8.0/

 

[cute fuzzy bunny]

I simplified the process, albeit its a half-way solution.

I keep any sensitive documents, account information and so forth in a password protected zip file on a small SD flash chip that sits in the reader on the side of the laptop but isnt fully snapped in. When I want something off of it, I push it in, type in the password, get the info, and eject it.

Pretty safe. Not too complex. Cheap. I figure the odds that someone will break in at exactly the 5 seconds I've got the chip inserted, or manage to leave some trojan horse on my machine that will grab that data...are pretty small.

By the way, did you know that encrypting data on your computer may be considered incriminating evidence, even if a law enforcement agency cannot determine the actual encrypted content? Seems that the mere matter of hiding something means you're hiding something bad...

Those "secure USB keys" are also fairly hackable. One common one has a 'backdoor password' thats already been published, and several can be physically tweaked to open access to the flash content.

 

[pedorrero]

My reccs....

I used to use Scramdisk but there is not a freeware versiono of this for XP.

I now use Dekart Private Disk Lite (Disk encryption - powerful disk encryption software from Dekart) and it seems to meet all my needs ... I want a utility to encrypt a virtual disk (appears as Z: to my PC). I don't know that this product does individual files. That is more PGP's bag. But it meets my needs -- standalone, disk drive level encryptor.

 

[CybrMike]

Well, good luck charging me on something when they can't even see what it is.

Long as you don't name the encrypted folder "MyEncryptedMurderPlot" or something....

By the way, did you know that encrypting data on your computer may be considered incriminating evidence, even if a law enforcement agency cannot determine the actual encrypted content? Seems that the mere matter of hiding something means you're hiding something bad...

 

[Spanky]

Those "secure USB keys" are also fairly hackable. One common one has a 'backdoor password' thats already been published, and several can be physically tweaked to open access to the flash content.

This is not the case with IronKey (Hardware encryption). After a few failed attempts (incorrect password), the content will be self-destructed and will not be readable. The password, number of attempts, keys are not stored in flash. They are stored in the encryption chip. The drive is encased with a security potting compound (epoxy) that would crack easily during disassembly.

 

[CybrMike]

This is not the case with IronKey (Hardware encryption). After a few failed attempts (incorrect password), the content will be self-destructed and will not be readable. The password, number of attempts, keys are not stored in flash. They are stored in the encryption chip. The drive is encased with a security potting compound (epoxy) that would crack easily during disassembly.

So, this message really will SELF DESTRUCT.

 

[CybrMike]

Problem I have with Secure USB or any other Secure Digital Card is that they are tough to backup. I use a secure image file on my Mac OS X machine that is encrypted to AES-128 with a password. That way you can just back up the entire image file to another hard drive and its still encrypted.

 

[Spanky]

Backing data in a secured USB drive is not that complicated. Copy the content after being mounted to another secured USB drive. If you want to backup the data to a hard drive with encryption, you can always create an encrypted volume in the form of file in the secured USB drive, access your files via the encrypted volume, and copy the encrypted volume (image or file) to your hard disk. This approach may be a hassle since you have mount the drive twice every time you want to access your files -- once to mount the USB drive and another to mount the encrypted volume. You also have to dismount it twice. Nevertheless, the data in the secured USB drive is pretty hard to crack.

 

[NinjaPigeon]

TrueCrypt is pretty awesome. Not only is the encryption in it top notch, but it has some nifty features. You can actually hide your encrypted volume inside another encrypted volume. This way, if you are ever "forced to reveal" your outer volume, the hidden one remains safe.

I keep all my financial data on a TrueCrypt encrypted USB key that I pop out when I'm not using it.

 

[cute fuzzy bunny]

This is not the case with IronKey (Hardware encryption). After a few failed attempts (incorrect password), the content will be self-destructed and will not be readable. The password, number of attempts, keys are not stored in flash. They are stored in the encryption chip. The drive is encased with a security potting compound (epoxy) that would crack easily during disassembly.

Sure. Send me yours and i'll send you back your data in a couple of days...remember, i'm the guy that hacks apart safes in his garage in the middle of the night.

 

[Spanky]

Sure. Send me yours and i'll send you back your data in a couple of days...remember, i'm the guy that hacks apart safes in his garage in the middle of the night.

Nothing is 100% tempered proof, but it will be very difficult to crack the hardware-based encryption protected USB drive such as Iron Key. It is more secured than software-based encryption. Another feature of Iron Key USB drive is that it is waterproof.

 

[cute fuzzy bunny]

I'll take on that challenge. My dog has exceptionally wet lips.

Actually most USB drives are pretty easy to crack. I've seen several "solved" by opening the case and soldering a wire between two points, or cutting a couple of traces.

Certainly encasing it in epoxy creates a small problem for someone without an air compressor, a sand blasting tool and very fine particulate matter.

And you're taking all of this way too seriously...

 

[farmerEd]

Truecrypt...wow, never heard of it, but I downloaded it and took a look. Pretty amazing piece of (free) software. Seems bullet-proof to just about anyones normal privacy concerns (if you are hiding nuclear secrets and the NSA/CIA wants to find out then all bets are off), but for regular folks seems pretty solid; easy to use and very inconspicuous. The fact that it is opensource is good in the sense that there is no "back-door" into the system, unlike (I suspect) almost all commercial stuff.

Of course I suspect that 99.9% of the people that are using it are just hiding porn on their PC......

 

[Spanky]

Truecrypt...wow, never heard of it, but I downloaded it and took a look. Pretty amazing piece of (free) software. Seems bullet-proof to just about anyones normal privacy concerns (if you are hiding nuclear secrets and the NSA/CIA wants to find out then all bets are off), but for regular folks seems pretty solid; easy to use and very inconspicuous. The fact that it is opensource is good in the sense that there is no "back-door" into the system, unlike (I suspect) almost all commercial stuff.

Of course I suspect that 99.9% of the people that are using it are just hiding porn on their PC......

TrueCrypt is good but not bullet-proof since you can hack the password.

 

[ERD50]

Nothing is 100% tempered proof, but it will be very difficult to crack the hardware-based encryption protected USB drive such as Iron Key. It is more secured than software-based encryption. Another feature of Iron Key USB drive is that it is waterproof.

I'll take on that challenge. My dog has exceptionally wet lips.

Actually most USB drives are pretty easy to crack

But Spanky was not talking about 'most USB drives', he was talking about the IronKey.

Anyone see any evidence that Ironkey has been cracked?

At any rate, I doubt any of us has any info that is so important that thieves would go through a lot of effort to obtain it. It's like keeping your car locked, thieves will move to an easier target.

-ERD50