TrueCrypt 5.0 Released, Now Encrypts Entire Drive

A funny little man writes "The popular open source privacy tool, TrueCrypt, has just received a major update. The most exciting new feature provides the ability to encrypt an entire drive, prompting the user for a password during boot up; this makes TrueCrypt the perfect tool for non-technical laptop users (the kind who are likely to lose all of that sensitive customer data). The Linux version receives a GUI and independence from the kernel internals, and a Mac version is at last available too."

Independence from Kernel Internals?

[gweihir]

I do not think that is feasible for what is essentially part of a disk-driver. Marketing-lies now on Linux versions as well? Linux must be going mainstream...

Re:Slashdotted

[apathy maybe]

Actually, I've been having trouble accessing the site all day.

I've been looking forward to the Linux GUI since I read about it, checking back, checking back etc.

Then today, suddenly the entire site is virtually inaccessible.

On the actual release, I think it is going to be good. After all, we see a new MacOS version, a Linux GUI and a few other nice little tools which most people might not even notice.

On the actual software, I love TrueCrypt, I use it both in Windows (where it, simply, is so easy to use), and in Linux (command-line, mehs all around, plus you have to go and delete history if you don't want to save the fact that your using it (or perhaps the fact that a specific file/partition is a container)).

The hidden-partition feature is the bees knees, especially for those extra secret documents, just hide them behind some porn, financial data or something else which you access and make changes to regularly (to hide if you are making changes to the hidden volume).

The ability to back-up headers makes this software great for businesses or governments (can restore a password if a user loses it), and this new encrypt the entire system thing, simply swell (though it doesn't work on Linux/MacOS I don't think).

Anyway, as always, check out the Wikipedia article for more info. http://en.wikipedia.org/wiki/TrueCrypt [wikipedia.org]

Re:The final excuse.

[stevie.f]

Nope, the last excuse for people is "What's encryption?"

Re:One thing annoys me:

[hey!]

That doesn't seem so important to me.

If you want something encrypted, you put it on a truecrypt drive; you can move it from the original drive to the truecrypt drive, then juggle the drive letters if you use windows, the mount points otherwise. The only thing that can't get this treatment is the boot drive, therefore (uniquely) you have an absolute need for a way to encrypt that while it is running.

Re:One thing annoys me:

[waddleman]

Assuming there is free space to move data between and have room for a new partition. While not critical, still an inconvience

Re:The final excuse.

[mi]

A reasonable compromise would be to encrypt only the "interesting" data — such as the /home partition and, maybe, the /var/log (or simply make sure the particular log-files you wish to protect — such as maillog — reside on the encrypted /home).

Whoever tries to crack your laptop is unlikely to be interested in the standard-issue binaries you may have installed...

Re:The final excuse.

[Anonymous Coward]

But DriveLock is Windows-only. End of story.

Re:The final excuse.

[Anonymous Coward]

Ignorance is no excuse; at least, not for government agencies or for corporations.

Re:The final excuse.

[Lord Ender]

The entire point of whole disk encryption is that it is impossible to define where "interesting" data is. Temp files, cache, and swap files can all end up with sensitive data in them. They only way to be sure is to encrypt the whole disk. (or nuke it from orbit)

Re:Independence from Kernel Internals?

[viper66]

Whole disk encryption is meant to avoid the possibility that an application (possibly without your knowledge) could write sensitive data to a location that is not encrypted.

Re:Recovery CD

[Armando_Mcgillicutty]

I'm not sure whether I would like software that claimed to encrypt my drive, but simply allowed anyone with a live CD to boot and access my data. I should hope it's not possible, if it is, they need to go back and start over.

Re:What about wake up?

[ABCC]

But can you unmount the partition windows is installed on when it's in sleep mode??