Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Better Truecrypt Substitute


  • Please log in to reply
15 replies to this topic

#1 bigdog1100

bigdog1100

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 18 November 2014 - 08:15 PM

After TrueCrypt is no longer safe, I installed VeraCrypt. But looking at this http://www.maketecheasier.com/truecrypt-alternatives/ I was wondering, which one is better VeraCrypt or DisckCryptor. Is there anything better for best free, open source encryption software?

 

Thank you.


Motherboard: ASUS P8Z68-V LX; Processor: Intel i5 2500k; RAM 24GB: CORSAIR XMS3 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); CORSAIR Vengeance 16GB (2 x 8GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); Video Card: MSI AMD Radeon RX 470 Gaming X 4G GDDR5; Storage: HDD 2TB Seagate ST2000DM001-9YN164; SSD 500GB Samsung 860 EVO 500GB;Power Supply:  OCZ ZS Series 650W 80PLUS Bronze High Performance Power Supply; Multi-card reader: Nippon Labs Delux 3.5" Internal All In One Card Reader/Writer with USB2.0 & eSATA Ports Model ICR-BB. Optical 1: LG GH22NS90; Optical 2:  ASUS BW-12B1ST; Fans: 3x80mm, CPU Cooling: XIGMATEK LOKI SD963. So there are total of 6 fans.
 


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,907 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:29 PM

Posted 18 November 2014 - 09:37 PM

Five Best File Encryption Tools
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,700 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:29 AM

Posted 18 November 2014 - 09:54 PM


 

After TrueCrypt is no longer safe,

Say's who?

 

A few question's .

Are you just an average home user? Are you using encryption to protect your files in case your PC or other portable storage device is stolen or lost? Are you using encryption to protect your files from being accessed by somebody sitting in front of your PC?

 

If the answer is yes,  Then you have no problem using TrueCrypt, Even if your PC or portable storage device is  stolen, The chances of say a burglar knowing how to decrypt your files are slim at best.

 

I will gladly place $500 AUD in a bank account, then  encrypt my banking details with TrueCrypt, Then randomly select 1000 people off the street let them sit in front of my PC and if they can decrypt the file they get the money. I think my money is safe.

 

I would also feel safe doing the same to a USB stick or LapTop then then leaving it on a table in a caffe or in a bus, Some place where the avarage person could find it.


Edited by NickAu1, 18 November 2014 - 11:37 PM.


#4 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:05:29 AM

Posted 18 November 2014 - 11:02 PM

I also read that article when looking for an alternative to TruCrypt, BigDog1100.

 

What sold VeraCrypt for me is that you can have extensionless files that are your archives, which mount as an additional drive. This and you can choose multiple keyfiles and generate your own encryption on the fly. VeraCrypt doesn't mind working over a network either, I'm not sure if DiskDecryptor is happy with that. The decryption/encryption time can take a minute on 100mb archives, which may seem excessive until you take into account the encryption passes are many thousands of times more than TrueCrypt. That said, if you know TrueCrypt you will instantly know how to use VeraCrypt, it is almost identical in function.

 

I guess either is as good as the other though, for our humble purposes... Even putting a password on a WinZip archive is probably enough.



#5 j4m3s

j4m3s

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 18 November 2014 - 11:07 PM

I still trust TrueCrypt over the other options out there. From what I understand, the developers simply did not want to continue working on it or be responsible for issues in the future, so they announced that it is unsafe because it is no longer supported. GRC has some good details about the whole affair: https://www.grc.com/misc/truecrypt/truecrypt.htm

 

The announcement was alarming but it's hard to trust other solutions that haven't been thoroughly examined. The bigger issue for me is that TrueCrypt doesn't support more recent operating systems.



#6 bigdog1100

bigdog1100
  • Topic Starter

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 19 November 2014 - 08:50 AM

Thank you everyone.

Motherboard: ASUS P8Z68-V LX; Processor: Intel i5 2500k; RAM 24GB: CORSAIR XMS3 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); CORSAIR Vengeance 16GB (2 x 8GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); Video Card: MSI AMD Radeon RX 470 Gaming X 4G GDDR5; Storage: HDD 2TB Seagate ST2000DM001-9YN164; SSD 500GB Samsung 860 EVO 500GB;Power Supply:  OCZ ZS Series 650W 80PLUS Bronze High Performance Power Supply; Multi-card reader: Nippon Labs Delux 3.5" Internal All In One Card Reader/Writer with USB2.0 & eSATA Ports Model ICR-BB. Optical 1: LG GH22NS90; Optical 2:  ASUS BW-12B1ST; Fans: 3x80mm, CPU Cooling: XIGMATEK LOKI SD963. So there are total of 6 fans.
 


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,907 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:29 PM

Posted 19 November 2014 - 08:57 AM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Passcovery

Passcovery

  • Banned Spammer
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 19 November 2014 - 03:13 PM

Yes, our lead developer studied TrueCrypt source code while developing the module for TrueCrypt passwords recovery. His opinion was the same as the opinion of independent auditors - the code has no backdoor and the encryption is one of the best. 
We wrote about it.
The project was closed for any reason but unsafe is perhaps the most unlikely.



#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 19 November 2014 - 03:17 PM

I still use TrueCrypt. It's one of the few disk encryption tools that was independently audited: http://istruecryptauditedyet.com/


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 bigdog1100

bigdog1100
  • Topic Starter

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 19 November 2014 - 06:22 PM

Did anyone study VeraCrypt? I did install it, and it takes somewhat longer to operate it, but overal I have fast and powerful computer so it works and I don't really mind waiting. My concern is security.

 

Thank you.


Edited by bigdog1100, 19 November 2014 - 06:23 PM.

Motherboard: ASUS P8Z68-V LX; Processor: Intel i5 2500k; RAM 24GB: CORSAIR XMS3 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); CORSAIR Vengeance 16GB (2 x 8GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800); Video Card: MSI AMD Radeon RX 470 Gaming X 4G GDDR5; Storage: HDD 2TB Seagate ST2000DM001-9YN164; SSD 500GB Samsung 860 EVO 500GB;Power Supply:  OCZ ZS Series 650W 80PLUS Bronze High Performance Power Supply; Multi-card reader: Nippon Labs Delux 3.5" Internal All In One Card Reader/Writer with USB2.0 & eSATA Ports Model ICR-BB. Optical 1: LG GH22NS90; Optical 2:  ASUS BW-12B1ST; Fans: 3x80mm, CPU Cooling: XIGMATEK LOKI SD963. So there are total of 6 fans.
 


#11 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 20 November 2014 - 03:01 AM

No, I'm not aware of an independent code audit of VeraCrypt.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#12 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:12:59 AM

Posted 20 November 2014 - 08:26 AM

I've been using diskcryptor for more than two years without any issues. It can use non ascii characters, folder and key files to support more strong encryption.
As the encryption combination goes stronger and depending on size of partition, the time required for initial encryption of drive partition and decryption
of drive partition increases. But it doesnt affect the on the fly encryption and decryption processes.
The disadvantages I find is lack of:
> context menu integration,
> drive hiding,
> more encryption algorithms / techniques and
> individual file encryption (which I dont want to use to be on safe side)
Does anyone know if any of the above can be solved when using DC?
Also I've heard truecrypt allows hidden OS and partition, but dont need that much extreme end and like to have a supported utility, so using DC.

Edited by Nikhil_CV, 20 November 2014 - 08:40 AM.

Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:

#13 rp88

rp88

  • Members
  • 3,067 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:29 PM

Posted 22 November 2014 - 09:23 PM

I'm no expert in the details of encryption but i find one of the most logicsl things to do for files that need to be private is put them in an encrypted archive, an archive that can be copied, pasted, opened, closed, extracted, transferred or deleted just like any zip file. I use 7z for this, as my windows version doesn't allow users to make password protected zip files, and it works well I don't know how effective it's encryption type is, and i don't know whether it offers any fancy features (7z is primarily a file compression and archiving program) but it does work. 7z is free, and i think open source and unlikely to have a backdoor (but i can't absolutely be sure), it offers several different ways of encrypting files(AES 256 amongst many others) and perhaps the best part is that once encrypted you can treat the encrypted archive like a normal file (you can email it to people, put it on cd-rw's etc). Just to comment on the mention that truecrypt contaiend the abiltity to have hidden operating systems, there is a linux thing called TAILS (the amnesic incognite live system) which can let you have a "secret operating system". It can boot from a USB, you then use the computer, shut down, pull out the USB and no trace is left of what you did whilst you were on there (unless you deliberately saved a file to another USB or external drive). I know truecrypt used to have a thing where you could make a file with two passwords, so if someone used the "wrench technique" (see technical details here http://xkcd.com/538/ )you could give them the "fake" password and they would open the encrypted file with it to see some junk rather than the stuff hidden with your real password. I highly doubt 7z can do this, but maybe with some sneaky naming of files and altering of file extensions you can make the real contents of the encrypted file look like junk to anyone who didn't know some further trick you had hidden.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#14 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 23 November 2014 - 05:24 AM

There are some important difference between TrueCrypt and password protected ZIP files.

 

First of all, if you want to modify a file inside a password protected ZIP file, you need to extract it to your disk, edit it, and store in back in the ZIP file. This leaves your confidential file unencrypted on your disk. Even if you delete it, the content is still on the disk. You would need to perform a secure delete to remove all traces.

 

Second, encrypted ZIP files do not encrypt the file names. So I can see what documents you have in your ZIP file without needing the password.

 

Third, make sure that you use the newest encryption algorithm for ZIP: AES. The older one, ZipCrypto, is weak.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#15 rp88

rp88

  • Members
  • 3,067 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:29 PM

Posted 23 November 2014 - 09:51 AM

Encrypted zip (or 7z) files don't encrypt file names, but if you make a zip or 7z file full of your private files and then put it into another 7z or zip file (this outer one being the encrypted one) then you would not be able to read the file names, or the user could just invent some random file names which would not give a snooper any insight into what was in the encrypted archive. In light of the many ways that a user can make their archive such that file names are no longer an issue i would say the second point isn't a problem, 7z has the ability to encrypt file names as well (normal zip files don't).


I would agree that the first difference is a potential problem unless you can succesfully repeatedly overwrite the place on the disc where your temporary etracted copy was stored.

Edited by rp88, 23 November 2014 - 09:51 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users