Kinja reply list

Read More
phrancis5Whitson Gordon
1/27/14 1:26pm
I once had an entire portable hard drive encrypted with TrueCrypt, which got stolen when my car was broken into. It contained sensitive passwords, tax docs, and financial info. I'm gonna assume the typical meth-head car prowler doesn't have a lot of heavy duty encryption cracking resources, but how worried should I be? I believe I used AES blowfish and a strong password and I put a 1 year warning on the 3 credit bureaus...
Reply
- Read More
  Stormdizzlephrancis5
  1/27/14 2:15pm
  I wouldn't be worried...at least not as much. When this thief plugs in the drive...as you know...it'll prompt them to format the drive first. Unless they mount the drive and insert your password correctly, they would take a VERY long time, if even possible depending on your password, to decrypt the drive. I personally think you would be dead before they got into it...and by then...the hard drive would have "gone bad" from age and would be of use to no one. My guess would be...they hook it up...and see it needs to be formatted...so they would format it and either sell it or use it...either way...I congratulate you for at least encrypting it.
  Reply
- Read More
  Jacobm001phrancis5
  1/27/14 3:50pm
  Assuming a reasonable password, I wouldn't worry at all. Most cat thieves will think it's a broken drive in need of formating, if anything.
  There are very few people out there with the hardware to break into your data.
  Reply
Read More
RayneauWhitson Gordon
1/27/14 12:05pm
Of course, you might need to make yourself wrench-proof...
Reply
- Read More
  DefronRayneau
  1/27/14 12:22pm
  I wonder why Randall went with a wrench instead of a rubber hose
  Reply
- Read More
  RayneauDefron
  1/27/14 3:28pm
  Hahaha! That's actually a thing?! In uni I wrote a "comedy" sketch where Sherlock Holmes revealed the secret to his results was beating people with rubber hoses.
  Reply
Read More
doodledeveloperWhitson Gordon
1/27/14 12:07pm
I really, intensely dislike the 'Should I encrypt? In short: yes' stance.
I like many many others, do personal budgeting on my home PC. I, like many others, have sensitive corporate information on my work PC, and on my work laptop (which goes overseas with me). Also, like many others, I get work emails on my personal mobile phone. Same goes for my tablet.
That's saying nothing about passwords/cookies stored within my user environment on each device. My mobile has a lock screen, with a simple slide to unlock - no code to enter.
None of these are encrypted. My son plays with my phone, tablet and home PC (all under my user accounts, which have full admin/root priv's, and UAC is disabled in Windows).
Encryption is good for the paranoid, but there's better methods to prevent ID theft etc.
Don't get me wrong, we have a lot of equipment in the office that uses TruCrypt encrypted volumes - we typically rip the disk out, stick it in a DC machine for a while & 'crack' the encrypted image, clone the decrypted version & re-image without the encryption. Mostly because the amount of time it takes to spin up an encrypted disk repeatedly is a PITA for us.
Reply
- Read More
  Snow Dogdoodledeveloper
  1/27/14 1:05pm
  So, you don't like the "You should encrypt your hard drive" message because you intentionally prefer to not take protecting your personal and professional data seriously? If you want to be indefensibly reckless with your stuff, fine. This attitude probably won't get a very positive response here, on Lifehacker, on an article about encryption.
  Reply
- Read More
  doodledeveloperSnow Dog
  1/27/14 1:23pm
  Please re-read my post properly, especially this:
  "Encryption is good for the paranoid, but there's better methods to prevent ID theft etc."
  Maybe then you'll be able to form an informed opinion about my attitude towards data security. Hell, maybe even browse some of my other comments on recent LH subjects, such as the MD5 cracking one.
  Reply
Read More
macshomeWhitson Gordon
1/27/14 12:16pm
If you need to keep a few files safe from prying eyes, you can encrypt them with the free, open-source, cross-platform TrueCrypt. These steps should work on Windows, OS X, and Linux. Note that if you're encrypting files to send them over the internet, you can also use this previously mentioned 7-Zip method.
On a Mac you can also use encrypted disk images if you are going to be only using them on a Mac.
Reply
- Read More
  Krytonmacshome
  3/02/15 7:20am
  started using this recently, works really well. You can also just mount the disk image and take the files out if you need to transfer them, albeit it unencrypted-ly.
  Reply
Read More
macshomeWhitson Gordon
1/27/14 12:09pm
So, why exactly do you not recommend the FileVault key escrow with Apple?
Reply
- Read More
  Whitson Gordonmacshome
  1/27/14 12:18pm
  Because, as we've seen in the past, that just opens you up to other kinds of attacks. Better to leave the key with someone you trust (you) rather than someone you shouldn't trust (Apple).
  Reply
- Read More
  Whitson GordonWhitson Gordon
  1/27/14 12:38pm
  Ugh, my link disappeared. I was referring to this: http://lifehacker.com/5932501/strong…
  Reply
Read More
Ben_IncaHutzWhitson Gordon
1/27/14 4:22pm
I prefer to use the "Pimp my ride" method of encryption.
I start with a PHP WDE to encrypt the boot disk.
Next I enable bitlocker.Lastly, I use Truecrypt to protect all my "sensitive" files like Bukkake videos.
It takes 20min to boot up and enter all the passwords but its worth it.
Reply
- Read More
  Ben_IncaHutzBen_IncaHutz
  1/27/14 4:23pm
  PGP WDE . .not PHP, typo!
  Reply
Read More
Platypus ManWhitson Gordon
1/27/14 11:17am
I have a small TrueCrypt volume containing my tax documents. Even though I don't really see anyone breaking into my computer (then again, most people don't), it seemed almost irresponsible to just have them sitting around unprotected. Like, I don't really expect someone to steal my car, but it's worth enough to me that I still lock it.
Reply
Read More
SteveWhitson Gordon
1/27/14 12:20pm
I respectively disagree with the author on the priority of file encryption over full disk encryption. I say you NEED both. Full disk encryption is the only way you can achieve "safe harbor" for so many of the data compliance regulations. Let's say you have a notebook PC that's lost or stolen. You're in big trouble unless you can prove it was full disk encrypted. The fines and legal penalties are brutal. Keep in mind that opening files often creates "shadows" so that a single file encrypted often leaves traces.
Reply
- Read More
  macshomeSteve
  1/27/14 12:59pm
  In cases where policy or regulations dictate that FDE be used then there needs to be management policies in place that make sure that it is being used!
  Reply
Read More
macshomeWhitson Gordon
1/27/14 12:14pm
As we mentioned at the beginning, encryption is not 100% foolproof—but it's better than leaving your files out in the open. Remember what encryption can't do—it can't secure your drive if it's infected with malware, if you leave it turned on in public spaces, or if you're using a weak password. Even if you put your computer to sleep, it's possible an experienced hacker could recover sensitive data from your computer's RAM. Don't let encryption lure you into a false sense of security: it's just one layer of the security process.
You can defeat RAM attacks on the Mac by disabling fast user switching, enabling forced hibernation mode (Rather than just sleep), and setting the system to destroy the FV key on sleep.
Not storing the key in RAM is a bit of a pain as you need to authenticate twice when waking from sleep though. Once for the disk and once for your user session.
Reply
Read More
macshomeWhitson Gordon
1/27/14 12:19pm
When you boot back up, OS X will begin encrypting your disk, and your computer will probably run a little slowly while it goes. It could take an hour or more, depending on how big your hard drive is.
You can also encrypt any GUID HFS+J disk on the Mac in Disk Utility, or even in the Finder. Just right click on a disk and select, Encrypt "disk name"…
Reply