If you have confidential files stored on your PC, it's a good idea to use some form of encryption. This will ensure that, if the computer is lost or stolen, no one can read your private data. This is obviously especially important in the case of laptops, as these are more attractive and available to thieves than normal desktops.
Generally speaking, encrypting your data can be done in one of three ways. The first is to use the facility built into whatever program created the data in the first place, and tick the "add password" box that's normally somewhere on the "save as" menu. However, this means having to type in your password every time you want to access an encrypted document. And not all programs offer the facility anyway.
The second option is to encrypt your entire hard disk, using a proprietary third-party product or perhaps the BitLocker feature which is built into Windows. Personally, I don't recommend BitLocker. I've heard bad reports about it. And the one time I did try to encrypt an entire partition on my PC, it totally corrupted the operating system and I had to wipe and reinstall Windows. And no, it wasn't a decade ago under Windows XP, but a couple of weeks ago with Windows 10.
The best option, in my opinion, is a program that lets you create one or more container files. These represent encrypted disk drives. Until you supply the correct password, a container file (which can be any size you choose) is just a file full of random unintelligible data. But once you enter the correct password, it mounts as a standard drive with its own letter, accessible in Windows just like any other drive. Copy information to and from it, and it's automatically encrypted and decrypted as required. When you're finished working on your private files, unmount the drive and it turns back into a random file again.
Until a year or 2 ago, the best-known program for creating and using encrypted container files was TrueCrypt, which was open source and widely supported with millions of users. Then the project was abruptly shut down. No one quite knows why, but rumours persist that the developers were formally discouraged from maintaining something that could allow law enforcement agencies to intercept information.
Luckily, the project now lives on in the form of VeraCrypt, which is based on the TrueCrypt code. It's still open source and it's still free, and it works just the same. It includes some minor new features, some bug fixes, and ongoing support. And it will work with your existing TrueCrypt container files if you have any.
You'll find VeraCrypt at https://veracrypt.codeplex.com/ and it's a 10 MB download. The program is malware-free according to VirusTotal and Web of Trust.
We are looking for people with skills or interest in the following areas:
Comments
"No one quite knows why, but rumours persist that the developers were formally discouraged from maintaining something that could allow law enforcement agencies to intercept information. "
Don't you mean that the developers were formally discouraged from maintaining something that could effectively block law enforcement agencies from accessing the information?
In any event Truecrypt 7.1a may still be safe to use - see http://www.howtogeek.com/203708/3-alternatives-to-the-now-defunct-truecrypt-for-your-encryption-needs/ it has more info on Veracrypt as well which users should be aware of before using the program.
The rumor I heard about truecrypt was they shut down rather than cave to federal pressure to provide a backdoor to their software. One of their selling points was that not even the USA Feds could crack their vaults. Now you seem to be saying something different. While I'm wondering if the veracrypt is a truecrypt compromise and provides the backdoor the Feds insisted upon? See, where I got that rumor was here on the to gonzo web site. Now you seem to be saying that truecrypt did have a backdoor and veracrypt does not. Confuses me. I still have an truecrypt.exe and I'm thinking I'm safer with it - not because I have something to hide from the Feds but if they have the backdoor key, what stops some other hacker
outfit from getting it?
Too bad VeraCrypt does not yet support system encryption with UEFI boot. Apparently there's no experts on UEFI willing to contribute to this open source project. Support for UEFI has been on VeraCrypt developers' to do list for over a year now, but not much progress.
The audit turned up no backdoor in TrueCrypt, but I have yet to see an independent audit of VeraCrypt. Until then, I'd be a bit wary at trusting VeraCrypt.
Good article Rob. An encryption utility is one worth having even if you don't feel your personal data is as valuable as some of 007s secrets. TrueCrypt shut down shortly after an audit was conducted on it so as you stated there are various rumors about what was really going on there. Fortunately VeraCrypt provides a good alternative.