Yes, finally
TrueCrypt offers you encryption of your whole hard drives. That feature I was looking for for ages. I was noticed about the
new TrueCrypt-Version by Thomas from Glorf-IT, later on I read the article on
heise.
I
immediately downloaded the new version and started installing it. On my
laptop. Not on my PC. On my laptop is only data that is stored on my
pc's drives so there is no actual loss if something is messed up up
afterwards.
The Installation process starts as usual, installing
the new TrueCrypt on your computer. Then after starting I recognized
this nice menu entry
Encrypt System Partition/Drive... Well, that's is the killer feature.
Now,
guess, what the first action was I did with the new version. I just
clicked on it. In the following process TrueCrypt asks you for several
things; do you want to encrypt only the windows system partition or the
whole disk drive? Is it a single boot or multi boot-system? Next
question is: What encryption algorithm do you want? If you cannot
decide, you can benchmark your system and select the fastest one. After
choosing one you have to specify the password. And this password should
a a) safe (letters, numbers, special characters, randomly mixed) and b)
unique (don't use a password you used anywhere else).
After that
you find yourself inside the matrix. TrueCrypt pops up a dialog that
tracks your mouse movement above this dialogue. The generated data are
used for encryption. So, the longer and the more randomly you move, the
better the encryption will be.
After
this, the actual keys are calculated. The next step convinced me that
everything I'm doing is well planned and even for common users no big
deal at all. TrueCrypt wants me to save a
TrueCrypt Rescue Disc.
What
is a True Crypt Rescue Disc? Quite simple. It is a disk with three
parts that will help regain your data if anything goes wrong during the
encryption process or later on using your encrypted drive. With the TRD
four things can be done. These are:
- Information is stored to restore your TrueCrypt boot loader, your master key, or other critical data.
- The TRD itself is bootable and loads afterwards the system that is stored inside your encrypted volume.
- If your system gets damaged, the TRD can decrypt the volume for external access.
- The
TRD contains a backup of the first drive cylinder. That cylinder
usually contains the system boot loader., so the original statecan be
restored.
After saving this ISO-file, you have to burn it.
TrueCrypt stops working until it has verified the data on the CD. That
means, you are forced to burn the CD. Well, from my point of view this
is a very smart way to prevent data loss. And TrueCrypt also provides
you two tools for burning it. What a service. Kudos to the
TrueCrypt-Team. This is just a amazing piece of software with many
detailed thoughts went into.
So, next step. When the CD is
verified, you can choose if and how often your hard drive shall be
wiped before the actual encrypted data is stored. Because of the time
consumption and the data I have on my laptop, I decided not to wipe my
drive. While nearing completion TrueCrypt now does a testboot with the
boot loader installed and where you have to enter your password. If
this test boot is ok, you can press the red button and start encrypting
your drive.
In résumé there is just to say that TrueCrypt 5 is a
leap forward in free cryptography and personal securirty. And this
whole thing is presented in an easy to use way. Everyone out there who
never thought about personally securing his data, just give it a try.
And wish me luck. 49 minutes remianing until my drive is finished :)