Re: Loss of computer - how much does the password protect?

inquirer tablet pc wrote:
In case of loss/theft of a computer, to what extent does the password (the one when you start the pc and the one when you log onto xp) protect the data? i.e. how difficult is it for someone who does not have the passowrd to access the data on the harddisk?


I've responded to other posts concerning the EFS on Windows which noted the same cautions. You might want to try what I now use on my home and notebook PCs.

I use an encryption application called TrueCrypt, you can get it at truecrypt.org.

It is an open source application and is free.

Its dead simple to setup and use and it does not use
Windows EFS nor rely on any Windows security features
for its encryption. You can copy, email, duplicate etc the virtual volume. Its nice to make small volumes and mail sensitive info without
fear of compromise.

From the True Crypt web site, it has the following features:

* Creates a virtual encrypted disk within a file and mounts it as a real disk.

* Can encrypts an entire hard disk partition or a storage device such as USB flash drive.

* Encryption is automatic, real-time (on-the-fly) and transparent.

* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

1) Hidden volume (steganography –

2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).

* Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: LRW.


First, I created an encrypted virtual volume, and for the applications that have personal data I don't want compromised, I create directories in the virtual volume and edit the application preferences to store my data into these folders.

I do this for all of my applications, including Quicken and Lotus Smartsuite applications.

The application has a feature to mount the drive at system startup and then prompt for the password (defined at volume creation) of the encrypted volume.

Good Luck

Marty
.

Relevant Pages

  • Attack Scenarios against PGPs Whole Disk Encryption (WDE)
    ... Attack Scenarios against PGP's Whole Disk Encryption ... PGP's Whole Disk Encryption for Microsoft Windows encrypts all the ... As long as standard PC hardware and BIOS is used, the boot code of the disk ...
    (comp.security.pgp.tech)
  • RE: [Full-Disclosure] harddisk encryption
    ... If the encryptor encrypts your boot disk, it has to be involved early in the ... boot process and may be broken by anything that changes the system boot sequence. ... normally when the encryption keys had been entered. ... registry controls that allow the swap file to be wiped on shutdown. ...
    (Full-Disclosure)
  • RE: [Full-Disclosure] harddisk encryption
    ... > boot process and may be broken by anything that changes the system boot ... In the event of disk crash or emergency, unless a tool is provided to ... > i'm evaluating a software that performs harddisk encryption for deploying ...
    (Full-Disclosure)
  • Widely Used Security Solutions Unable To Prevent Data Theft
    ... Innersafe Corporation, a data security company. ... a text editor exposed protected data on a PC running disk ... "Data theft from a PC is surprisingly easy. ... Disk encryption scrambles data on the disk so it cannot be unscrambled ...
    (alt.privacy)
  • Re: On the Recent PGP and Truecrypt Posting
    ... changing the passphrase would lock out prior users. ... Clearly a users with a backup copy of an encrypted disk for which they ... clear that real world users actually understand the need to re-encrypt ... You will also also see the architecture extend to some *very* cool storage encryption very soon. ...
    (Bugtraq)