LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 03-09-2009, 03:19 PM   #1
baldurpet
Member
 
Registered: Dec 2008
Location: Iceland
Distribution: Ubuntu, freeBSD
Posts: 110

Rep: Reputation: 15
Encrypting your hard drive


Hey, I was thinking about encrypting my hard drive (porn and movies) with something like True Crypt. Is True Crypt the best encrypting software there is? What are it's options?

Also I was wondering, I heard that software like True Crypt doesn't make your files any slower to access but how can that be? If you're going to access your files, which are encrypted you'd have to decipher every file you want to open right? Other wise, why couldn't just anybody access them? (I'm probably misunderstanding something here)
 
Old 03-09-2009, 09:49 PM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,751

Rep: Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610
Quote:
Originally Posted by baldurpet View Post
Hey, I was thinking about encrypting my hard drive (porn and movies) with something like True Crypt. Is True Crypt the best encrypting software there is? What are it's options?

Also I was wondering, I heard that software like True Crypt doesn't make your files any slower to access but how can that be? If you're going to access your files, which are encrypted you'd have to decipher every file you want to open right? Other wise, why couldn't just anybody access them? (I'm probably misunderstanding something here)
Don't know about "best" (that's a relative term, and it depends on what you're trying to do with it), but Truecrypt certainly is robust and very secure.

And as a rule, you encrypt/decrypt a hard drive. You enter the password when you mount the drive (no pun intended, since it's for your pr0n), and decryption takes place then. After that, it's just another drive, that's why it's no slower.
 
Old 03-12-2009, 11:54 AM   #3
baldurpet
Member
 
Registered: Dec 2008
Location: Iceland
Distribution: Ubuntu, freeBSD
Posts: 110

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by TB0ne View Post
And as a rule, you encrypt/decrypt a hard drive. You enter the password when you mount the drive (no pun intended, since it's for your pr0n), and decryption takes place then. After that, it's just another drive, that's why it's no slower.
Well this might be a little stupid but if accessing the files isn't slowed down, that must mean that the files themselves aren't any different from those not encrypted?

I mean, what changes after you've mounted the por.. I mean the drive?
 
Old 03-12-2009, 01:55 PM   #4
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,751

Rep: Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610
Quote:
Originally Posted by baldurpet View Post
Well this might be a little stupid but if accessing the files isn't slowed down, that must mean that the files themselves aren't any different from those not encrypted?

I mean, what changes after you've mounted the por.. I mean the drive?
No changes...the entire partition is encrypted. When you mount it, you provide the password, then decryption takes place, and the volume gets mounted; you access it as normal. If you don't provide the right password, the data on it remains secret, and the partition is un-mountable.
 
Old 03-12-2009, 05:36 PM   #5
openSauce
Member
 
Registered: Oct 2007
Distribution: Fedora, openSUSE
Posts: 252

Rep: Reputation: 39
I guess there must be some small performance overhead in principle, but it's not noticeable.

I feel compelled to quote Randall Munroe:
http://www.xkcd.com/538/
 
Old 03-13-2009, 09:57 AM   #6
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,751

Rep: Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610Reputation: 2610
Quote:
Originally Posted by openSauce View Post
I guess there must be some small performance overhead in principle, but it's not noticeable.

I feel compelled to quote Randall Munroe:
http://www.xkcd.com/538/
Well said!
 
Old 03-28-2009, 11:09 PM   #7
MrJoshua
Member
 
Registered: Apr 2002
Location: Houston Texas
Distribution: Debian / Gentoo / RHEL
Posts: 209

Rep: Reputation: 31
Talking

Quote:
Originally Posted by openSauce View Post
I guess there must be some small performance overhead in principle, but it's not noticeable.

I feel compelled to quote Randall Munroe:
http://www.xkcd.com/538/
AES has over 230 MB/s throughput and SATA 3.0 at its peak load can barely reach 290~300MB/s so no there is no performance hit to speak of for gamers and home users. Trust me gaming and desktop usage does NOT peak a drive!

Also with Truecrypt, Gaurdian Edge, etc... it does not matter, as the other user above stated, the drive is mounted with the password which performs the decryption. This is not on the fly encryption, decryption for every single file you touch. That would be ridiculous! Whole disk encryption of this kind encrypts the FILESYSTEM information and I am not speaking of your porn. I am speaking of the superblocks, pointers, FAT, etc...

As a person that does Digital Forensics for a living I am telling you any Hacker, Porn collector, Gamer NEEDS to encrypt their drives. And generally anyone who uses their PC to file tax returns, buy items online, or even just general personal usage you NEED to encrypt. I can tell you and I mean for a fact 2 hours with your PC hard drive Linux, Windows, Mac, Unix, and I promise you there is some conversation, email, document, or silly picture that you deleted over a year ago still on there that you do not Identity thieves or authorities. You can even Zero your HD and I can find it. I am telling you all, please encrypt your data, Identity thieves and Forensic Professionals will get through your "Security Through Obscurity" like it was butter. Trust me if we can find information purposefully stored in bad blocks via a Hex editor and reformatted MBRs we can find your secrets. And I would not worry about the guy with the 5 dollar wrench as that is about .00001% of the people that will ever have a need to decrypt your drive. Worry about the people that show up on Saturday morning at 6am with a warrant.

Cover your butt. You would never leave your wallet on your dash with the doors unlocked. Especially if you have items in it that you do not want others to find. Just my 2 cents.

And if you want even the 3 and 4 letter acronym agencies to keep out, Steg your data with Blowfish.

Last edited by MrJoshua; 03-28-2009 at 11:24 PM.
 
1 members found this post helpful.
Old 03-29-2009, 09:19 AM   #8
openSauce
Member
 
Registered: Oct 2007
Distribution: Fedora, openSUSE
Posts: 252

Rep: Reputation: 39
The cartoon was just there to be funny, I'm not particularly trying to make a point.

However, this is interesting:
Quote:
Originally Posted by MrJoshua View Post
You can even Zero your HD and I can find it.
If that's true, fancy making yourself an easy $500?
 
Old 03-29-2009, 09:45 AM   #9
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by MrJoshua View Post
And if you want even the 3 and 4 letter acronym agencies to keep out, Steg your data with Blowfish.
If you've got three-letter agencies out to get you, they will get a hold of your plaintext regardless of what you do. They wouldn't need to waste time figuring out your steganography or cracking your ciphertext, they'd have a gazillion ways to get the key from you if they really wanted to.
 
Old 03-29-2009, 10:05 AM   #10
akuthia
Member
 
Registered: Oct 2007
Location: triad, nc, usa
Distribution: Ubuntu
Posts: 222

Rep: Reputation: 29
arent those 3-4 letter agencies just going to crack our encrpytion anyways? arent they the ones (generally) coming up with the algorithms in the first place?
 
Old 03-29-2009, 05:11 PM   #11
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by akuthia View Post
arent those 3-4 letter agencies just going to crack our encrpytion anyways? arent they the ones (generally) coming up with the algorithms in the first place?
Assuming that cracking decent encryption would be feasible to them (which wouldn't make too much sense, since that would make it feasible for the enemy too), why would they waste time trying to do that when they can just get the key from you? As for the other question, I don't know if they are generally the ones coming up with the algorithms. It would seem to me that they aren't, though. Take the current US government standard, for example (AES), which was originally developed by two Belgians.

Last edited by win32sux; 03-29-2009 at 05:16 PM.
 
Old 03-29-2009, 05:21 PM   #12
akuthia
Member
 
Registered: Oct 2007
Location: triad, nc, usa
Distribution: Ubuntu
Posts: 222

Rep: Reputation: 29
well, that doesnt make much of an arguement for using encryption, if the feds are your primary concern... "encrypt your info, and they'll get the key from you, or else, they'll just look at it if its unencrypted"..?
 
Old 03-29-2009, 05:31 PM   #13
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by akuthia View Post
well, that doesnt make much of an arguement for using encryption, if the feds are your primary concern... "encrypt your info, and they'll get the key from you, or else, they'll just look at it if its unencrypted"..?
The point is that if the feds are determined to get your plaintext, you'd be fooling yourself if you believed they wouldn't be able to. They simply have way too many resources they can use against you. I'm not saying "don't use encryption", I'm saying "use encryption, but understand its limitations".

Last edited by win32sux; 03-29-2009 at 05:39 PM.
 
Old 03-29-2009, 06:08 PM   #14
manwithaplan
Member
 
Registered: Nov 2008
Location: ~/
Distribution: Arch || Sidux
Posts: 393

Rep: Reputation: 45
Very true... if the 3 and 4 letter agencies wanted to look at your computer, and they can. No computer is fool proof. They hire the same people that break there own codes.

Even if I hardened my kernel even more, and steg my passwords and oversea's acct numbers... It can all be found. Either through brute force, or tactical coercion. Meaning they'll break your legs... imprison you under the Patriot act and call you a Talib, then ship you to Algeria where they specialize in making you hurt for a very long time... Until you forget even your own name...

Maybe they even send you to there underground Disney facilities and r*pe you. LOL
 
Old 03-30-2009, 12:29 PM   #15
MrJoshua
Member
 
Registered: Apr 2002
Location: Houston Texas
Distribution: Debian / Gentoo / RHEL
Posts: 209

Rep: Reputation: 31
Ok, if they need your data they must get a warrant stating what they are looking for and where. And if you refuse to turn over your key or password. Then you will probably get other crimes obstruction of justice, contempt of court etc... They do not make a habit of using super computers to decrypt your AES256bit HD unless it is crazy important.


Anyway that is kind of a digression and not the point of my post at all. I was just trying let everyone know the importance of protection. Like I said just because for 10 years no one has walked into your house does not mean you should leave the windows and doors unlocked while you are on vacation.

Anyway, move along nothing to see here.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Encrypting the usb flash drive vijaush Linux - Kernel 9 12-16-2011 04:32 AM
Ubuntu: Installed to external hard drive; boot to primary hard drive gives error 22 dcorb62 Linux - General 7 09-04-2007 11:28 PM
Encrypting hard drives? Zmyrgel Slackware 8 02-03-2007 07:54 PM
encrypting hard drive Murdock1979 Linux - Security 2 08-18-2006 06:56 AM
encrypting the hard drive ? memo007 Linux - Security 4 06-06-2005 05:11 PM


All times are GMT -5. The time now is 03:41 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration