live by the creed!
Assassin's Creed 2 Review
Extract the dual hidden blades of 15th Century assassin Ezio Auditore in Assassin's Creed II, a game that expands upon the original in every way you'd hoped. Click here for our full review!
More Modern Warfare!
Modern Warfare 2 PC Reviewed
The follow-up to Call of Duty 4 does plenty of little things better than its predecessor but is unfortunately marred by one incredibly bad decision. Find out why.
Build your own HD HTPC!
A HD Home Theatre PC for only $500
AusGamers understands the economic woes of our time, but don't want you to miss out on great HD home entertainment either. So check out our 'DYI' HD HTPC guide!
Aussie Game Dev Abroad!
Meet Emily Ridgway From Double Fine
Aussies are responsible for more than you might think in worldwide game development, we aim to introduce you to them. Meet Double Fine's Emily Ridgway!
AusGamers News
RSS
TrueCrypt v6.3 - Protect Your Secret Data!
Post by trog @ 09:08am 03/11/09 | 40 Comments
A new version of TrueCrypt was released recently, bringing this popular encryption/security software to version 6.3. The new version adds full support to Windows 7 and Mac OS 10.6 Snow Leopard, as well as a new feature called 'system favorite volumes'.

If you carry around a USB key with you and want to make sure the contents of that stay secret in case it is lost or stolen, then this is definitely software that you want to have. It is free, open source, and easy to use. And you can download it now for Windows or for Mac OS X from AusGamers - it's only 3mb). We've also got various Linux flavours available.
Tags: truecrypt


Latest Comments
  Link  
natslovR
Posted 09:28am 03/11/09
I've been using it on win7 for a while now, didn't realise it wasn't fully supported

this and keepass, awesome tools.
  Link  
Pinky
Posted 11:50am 03/11/09
+1 for TC, awesome app. Use it every day.
  Link  
Superform
Posted 04:37pm 03/11/09
Note to publishers: If you intend to host our files on your server, please instead consider linking to this page. It will help us prevent spreading of obsolete versions,which we believe is critical when security software is concerned. Thank you.
  Link  
gamer
Posted 10:48pm 03/11/09
What do you guys think about the people who say that volumes created with this tool would be realistically impossible for any authority to break.. aka not worth using a super computer for 10 years to do you for your linux isos?
  Link  
gamer
Posted 10:36am 04/11/09
whats the maximum key size you can use with this tool? 1024/2048 or larger?
  Link  
trog
Posted 10:38am 04/11/09
Note to publishers: If you intend to host our files on your server, please instead consider linking to this page. It will help us prevent spreading of obsolete versions,which we believe is critical when security software is concerned. Thank you.
I considered it; I try to make sure the version we have is always the latest version. Plus our versions are reliable and md5sumed.
What do you guys think about the people who say that volumes created with this tool would be realistically impossible for any authority to break.. aka not worth using a super computer for 10 years to do you for your linux isos?
I think those people are probably right
  Link  
gamer
Posted 10:40am 04/11/09
trog being open source do you think that adds more secuity for the program/algorithms used for us or do you think that could offer smarter people then thsoe that wrote it a chance to find a loophole and break the volume easier then it should be?
  Link  
trog
Posted 10:45am 04/11/09
trog being open source do you think that adds more secuity for the program/algorithms used for us or do you think that could offer smarter people then thsoe that wrote it a chance to find a loophole and break the volume easier then it should be?
It certainly does offer that, but I pretty firmly believe open source is better on the whole for security (especially in crypto) than closed source. With closed source you have no idea who is reading the source and no idea what holes there are.

I wrote an essay on this subject at uni if people want extra reading. My conclusion was a bit watery but these days I put my faith in open source as a general rule. I use mostly open source products for crypto/encryption - the only commercial thing I used is PGP but only because the desktop software is good, and as of a few weeks ago I've started migrating to enigmail which is based on the open source GPG.
  Link  
gamer
Posted 12:16pm 04/11/09
So do you use whatever benchmarks the fastest for you (in terms of method of encryption) or do you have a favorate or know one thats most secure?
  Link  
Dazhel
Posted 01:00pm 04/11/09
whats the maximum key size you can use with this tool? 1024/2048 or larger?


TrueCrypt supported encryption algorithms

To encrypt the contents of the disk TrueCrypt uses your selection from a list of block cipher symmetric key algorithms where the key is typically around 256 bits.

While you can get block ciphers with key sizes of around 1024 or 2048 bits usually you're thinking of asymmetric key algorithms used in PKIs.
  Link  
parabol
Posted 01:01pm 04/11/09
whats the maximum key size you can use with this tool? 1024/2048 or larger?

You can't really compare "maximum key size" without mentioning which crypto algorithm it's going to be applied to. It doesn't really mean much without context.
  Link  
mooby
Posted 08:24pm 04/11/09
bitlocker
  Link  
hast
Posted 09:14pm 04/11/09

What do you guys think about the people who say that volumes created with this tool would be realistically impossible for any authority to break.. aka not worth using a super computer for 10 years to do you for your linux isos?


my understanding is that the authorities can just torture you/imprison you if you fail to give them the key. also, i think hidden volumes are detectable if the attacker can observe the drive multiple times and data is changed between the observations. my understanding is the hidden volume header is in a static position and can change so if you ever see the hidden volume header change then it is definitive proof you have a hidden volume. plus details of the hidden volume can leak out into the non-hidden volume. more info: http://en.wikipedia.org/wiki/TrueCrypt
  Link  
gamer
Posted 09:15pm 04/11/09
daz and para

i thought that the larger the key thingo madooba was the more secure and longer it would take to crack the password/volume/encrypted stuff assuming that it would have to be brute forced and isnt something in a dictionary attack (aka more then 10chars, upper, lower, special car)
  Link  
gamer
Posted 09:18pm 04/11/09
imprison you if you fail to give them the key


not in australia they cant - torture

imprison - not without evidence, which is in the volume...
  Link  
d[o_0]b
Posted 09:28pm 04/11/09
bitlocker

more like

gaylocker

L O L
  Link  
tequila
Posted 09:30pm 04/11/09
i trie to install this, every time i try and create an encrypted drive it gives me some bs about insufficient system resource

its a 500gb drive, 400gb free, 100gb encrypted partition
4gb ram, xp 32bit dual core 3ghz~ etc

  Link  
Dazhel
Posted 09:39pm 04/11/09
i thought that the larger the key thingo madooba was the more secure and longer it would take to crack


In general, yes. Though you can't just compare symmetric key algorithm with asymmetric key algorithms based purely on key size, because they work differently. The asymmetric key algorithms need a comparitively larger key size to be secure.

not in australia they cant - torture
imprison - not without evidence, which is in the volume...


Are you serious?
I'm gonna sound like Faceman here and risk straying off topic, but Australia has a pretty shitty record on human rights and torture. Just because it doesn't happen on your doorstep, doesn't mean that it can't happen in Australia.

- Inhumane conditions in 'Super-maximum' security prisons
- Mandatory indefinite detention for asylum seekers
- David Hicks left to rot in Guantanamo Bay for over 5 years: most of that time without charge

The assumption is also that the cops don't secretly raid your house while you're away and install a key logger to gain information on how to access any encrypted volume before seizing the hardware.
  Link  
parabol
Posted 09:39pm 04/11/09
i thought that the larger the key thingo madooba was the more secure and longer it would take to crack the password/volume/encrypted stuff

Generally, sure.

What I was getting at was, for example, 1024 bits in one crypto algorithm might have the same strength as 256 bits in another, more robust algorithm. It really depends on how the key is used by the algorithm and what shortcomings there are in the crypto scheme.

Hence you can't just rely on a single number (i.e. the bit-length of a key) to determine how strong your encryption method is.
  Link  
tequila
Posted 09:43pm 04/11/09
The assumption is also that the cops don't secretly raid your house while you're away and install a key logger to gain information on how to access any encrypted volume before seizing the hardware.


you're doing it wrong if you don't have 24x7 video surveilance, its so cheap and easy to setup these days
chuck a UPS on your machine and some email alerts to let you know what the fuck is going on = pretty secure
  Link  
gamer
Posted 08:25am 05/11/09
what cameras do you use mate? you using analog or onto the ip based cams?
  Link  
Spook
Posted 08:58am 05/11/09
so, what sort of stuff do you guys need to encrypt?
  Link  
trog
Posted 09:25am 05/11/09
Schneier blogged a few weeks ago about an Australian man who received a reduced sentence because he used encryption and refused to divulge his key - link. Unfortunately it's based on a news.com.au story so all the data might not be available. There's no corresponding ABC article :(

I think though that Australian law is similar to others like UK and US, although after a quick Google I can't find evidence to support that claim.
  Link  
Pinky
Posted 09:29am 05/11/09
so, what sort of stuff do you guys need to encrypt?

I carry pretty much everything around on a portable 350GB drive these days. There is a lot of sensitive business data in there - tables about how much each employee is being paid, accounting/tax, etc, etc. It's not "oh noes the Feds might get me" sensitive - but it's sensitive enough to not want anyone to see it. And if it's enough for me to backup in triplicate, it's enough for me to encrypt. Plus, mounting a TrueCrypt filesystem as a drive is really nice for backup, because I just have a batch file and the drive is always mounted as G:\ so my backup scripts are really simple.
  Link  
Tremble
Posted 09:29am 05/11/09
so, what sort of stuff do you guys need to encrypt?


I use it on my USB for business stuff. If I lose my USB I dont want invoices and customer information available to anyone who picks it up.
  Link  
trog
Posted 09:34am 05/11/09
so, what sort of stuff do you guys need to encrypt?
I encrypt pretty much everything unless it's really big or 100% free/open/redistributable. When I travel I take a USB key which has copies of my passport and various other documents. When I'm at home I often have work stuff on a key, or other personal stuff like photos.
  Link  
Spook
Posted 09:39am 05/11/09
I encrypt pretty much everything unless it's really big or 100% free/open/redistributable

why?
  Link  
Pinky
Posted 09:52am 05/11/09
Yeah I don't go that extreme, but it would be easy to with TrueCrypt - it really doesn't add any hassle to working with a normal drive.

Also, I tried to look up that Wyllie case in the latest QLD court judgments but couldn't find it.
  Link  
Jim
Posted 09:59am 05/11/09
I'm guessing because he believes it to be prudent to protect his data lest it become lost or stolen spook
  Link  
Pinky
Posted 10:02am 05/11/09
Some more info on Wyllie case here.
  Link  
trog
Posted 10:02am 05/11/09
I encrypt pretty much everything unless it's really big or 100% free/open/redistributable
why?
why not, I think is a better question. It costs me nothing except a tiny, tiny fraction of time, and it means if I lose it I don't even have to think about what is on there - the contents are safe.
  Link  
Triamks
Posted 10:06am 05/11/09
Also, I tried to look up that Wyllie case in the latest QLD court judgments but couldn't find it.


Yeah, it's unlikely to be there because it's only a District Court criminal case, which are rarely published because they're not technically judgments and there are too many of them.
  Link  
natslovR
Posted 10:29am 05/11/09
They are getting close to locking up Paul hogans tax man for 12 months for refusing to swear an oath. If a judge rules that you need to handover your key it could be contempt of court if you don't do so. That's incarceration and fines.

I now scan 95% of the mail I keep, store it on truecrypt, and shred the originals. I don't just leave it floating around on my pc unencrypted. It's amazing how little space it takes up. I keep a copy with me on USB too.
  Link  
Pinky
Posted 11:20am 05/11/09
I do similarly natslovR with scanning everything. ADF ftmfw! Staples ftmfl!
  Link  
trog
Posted 01:06pm 05/11/09
I now scan 95% of the mail I keep, store it on truecrypt, and shred the originals. I don't just leave it floating around on my pc unencrypted. It's amazing how little space it takes up. I keep a copy with me on USB too.
Yeh, I am about to start doing that as well, though mostly because I'm sick of trying to deal with paper mail. Man I get a lot of it and so much of it is useless. RACQ feel compelled to mail me a PDS what seems like every month; it must cost them (and by extension, me) a fortune. Give me a digital version and take $1 off my monthly!
  Link  
Pinky
Posted 02:16pm 05/11/09
RACQ feel compelled to mail me a PDS what seems like every month; it must cost them (and by extension, me) a fortune.

Yeah, I can't stand this bullshit.

"Warning: You will be charged you $2.50 for paper bills in the future as part of our Greener Pastures initiative - but here's a FUCKTON OF GLOSSY ADVERTISING MATERIAL ACCOMPANYING THIS POINTLESS LETTER ANYWAY!!! WOOHOOO"

^ not cynical at all...
  Link  
Triamks
Posted 03:08pm 05/11/09
I now scan 95% of the mail I keep, store it on truecrypt, and shred the originals.


I take it you have a scanner with a paper feeder?

If not, I honour your commitment.
  Link  
Dan
Posted 03:42pm 05/11/09
Give me a digital version and take $1 off my monthly!
We know that it never works like that. If anything you'll eventually get to pay the same price, while people that want paper still pay $1 more.

Unless of course, you're a cinema chain, then you charge more for online delivery.
  Link  
Pinky
Posted 03:48pm 05/11/09
I take it you have a scanner with a paper feeder?

ADF = auto document feed

It's pretty common on a fair few multi-function printer/scanner thingies these days.
  Link  
Triamks
Posted 07:22pm 05/11/09
ADF = auto document feed


No, ADF = Australian Defence Force.
You must be logged in to post a comment. Log in now!
40 Comments
Show
 
Poll

What is your preferred gaming platform?






    Discuss this poll!

Log In
User:  
Pass:  



Advertise with Us | Privacy Policy | Contact Us
© Copyright 2001-2009 AusGamers™ Pty Ltd. ACN 093 772 242.
A Mammoth Media web development.