I’m a big fan and regular user of TrueCrypt, a completely free and open source program that creates virtual encrypted disks on Windows and Linux volumes. Like a lot of other such programs, however, mounting the encrypted volumes can get a bit tedious.
AllThingsMarked.Com has a nice tutorial on how to create a batch script to make it a lot easier to mount and unmount a TrueCrypt volume.
The one defect of the AllThingsMarked.Com approach is that it doesn’t mask the password during entry, but Peter Hesse has a slightly modified version of the AllThingsMarked.Com method that does mask the password as long as you’re running Windows XP or Windows Server 2003 or later.
I was looking the other day for a good password storage/management solution. — preferably a free, open source application.
KeePass meets my needs at the right cost. It uses TwoFish and AES to encrypt the password database and keeps the passwords encrypted in memory as well. It also allows for the use of key disks by themselves or in combination with a master password. Suffice to say, you can customize the level of encryption and security to match your particular level of paranoia.
TrueCrypt is a free, open source tool for creating encrypted hard drive partitions as well as virtual encrypted disks.
The cool thing about TrueCrypt is it offers tons of options that let you choose your level of paranoia. For example, for the really paranoid, TrueCrypt can create a hidden volume inside an encrypted volume, so even if you’re forced to give up the password to the encrypted volume, the hidden volume is still password protected and undetectable.
You’ve also got your choice of encryption algorithms including, AES-256, Blowfish, CAST5, Serpent, Triple DES, and Twofish.
My kind of software.
TorPark is a Firefox variant that takes the popular web browser and integrates a Tor client so you can do secure, completely anonymous — if a bit slow — web browsing. EFF has an explanation on its web site of how Tor accomplishes that.
Sometimes, you need to make sure that a file you’ve deleted is really gone. I use about 7-8 different computers in a typical week, and on all of them I use utilities that do daily secure wipes of all free space.
Fortunately, there are some very good freeware apps to accomplish this.
For the most part, I use Blowfish Advanced CS, which integrates Bruce Schneier’s famous encryption algorithm (featured once on 24). Fro my experience Blowfish Advance CS has a very small footprint and is very fast.
Recently a friend pointed me to Eraser which does nothing but secure delete. I installed it and tested it out, but it seemed significantly slower than Blowfish Advance CS. On the other hand, it had two features that Blowfish Advance CS doesn’t — a) the option to create a boot disk and securely wipe a boot drive, and b) a built-in scheduler to run unattended secure wipes on a regular basis.
Maybe I’m paranoid, but I don’t want to risk someone recovering deleted data from any of the PCs I use. Neither of these programs really guarantees data cannot be recovered, but regular use certainly raises the cost of recovering any deleted data to prohibitive levels. That’s good enough for me.
I’ve received hundreds of copies of the Klez virus, but a few minutes ago received the cleverest one I’d seen yet — it was an e-mail purporting to contain an attached file from McAfee that would remove any Klez infection from my computer.
Of course the file is in fact the Klez virus itself. Very clever — I know some people who would probably fall for that.
I’m just amazed at how successful the Klez virus has been. I never open attachments from people unless I know them and I’m expecting the attachment. Even then I take a lot of extra steps to make sure I’m not accidentally going to laucn some executable (why do people open JPEG and GIF attachments directly from their e-mail client, for example — just save the damn thing and open it up in a graphics program).