Log in

View Full Version : Encrypting files: How to use them and keep them updated.


FailedArtifact
2008-12-02, 12:12
Problem is that I need to secure some files and folders which total to around 40gb. Though I need to have access to them to either use or add to. However I can't see an easy way to have them encrypted 24/7.

Things I have thought about:
1.)Putting them in an achieve, where i can put an AES-256 encryption on them. However it takes about 20 hours to encrypt them in to the achieve. And then I believe there will be several problems of using the files, as they are in the achieve. It would mean ill have to move specific files out of the achieve, modify, then move them back (all of which is too time consuming to do every day)

2.)Don't use Windows and use Linux (I have Ubuntu on same hard drive), and use password to get into the system in the first place. However I am not sure how easy it is to get into Linux via back-doors. Or if you can easily access files from another computer with current hard drive as slave.

Idea '2.)' Doesn't also work, because The file names are also ones which could get me in trouble, even if 'they' can't actually access the file due to user restrictions. You could say to me that i could just change the folder/file names to something which i can remember, but that's just getting a bit too silly when it comes to renaming 40 files to something anonymous.

Any idea's on how I can keep files in an strong encryption as well as using/modifying them on a weekly bases easily?

Thanks for future comments.

dfgremnantsunleashed
2008-12-02, 17:56
Try TrueCrypt.
It can encrypt partitions and its way easier to use and update.

And it's free.

Prometheum
2008-12-02, 21:13
If you're up for reinstalling Ubuntu, you can just use the "alternative" CD and set up Full-Disk Encryption from there. You put in a password for the encryption every time you boot up, and then the system transparently accesses the drive through a crypto loop in the kernel. When viewed offline (i.e. not unlocked by you) the drive will look like it contains random data.

This is probably the most secure method, as Windows is non-free and could easily be sending your cleartexts to the NSA.

dfgremnantsunleashed
2008-12-02, 21:26
If you're up for reinstalling Ubuntu, you can just use the "alternative" CD and set up Full-Disk Encryption from there. You put in a password for the encryption every time you boot up, and then the system transparently accesses the drive through a crypto loop in the kernel. When viewed offline (i.e. not unlocked by you) the drive will look like it contains random data.

This is probably the most secure method, as Windows is non-free and could easily be sending your cleartexts to the NSA.

Normally, i would bitch about Windows not being a bot etc but since i am neutral in this regard (Open to all OS's platforms) i wont bitch about it. However, i did like your idea of Full Disk encryption, but if the OP desires to use Windows (because he thinks it might suit him (although Linux is still better) or some other posters wants to try it) Truecrypt does offer encryption of your Windows (install) partition.


Keep, in mind. Although encryption is good in your Internal HDD i would suggest you to get a portable HDD and encrypt it just in case your Internal HDD dies.

I have one small question for Prometheum, if for some reason my HDD dies/fails/or gets fucked up. What are the chances of me recovering my encrypted data from that HDD.

enkrypt0r
2008-12-02, 23:39
40 gigs of pr0n? Wow, dude.

Also, TrueCrypt.

Prometheum
2008-12-03, 00:45
Normally, i would bitch about Windows not being a bot etc but since i am neutral in this regard (Open to all OS's platforms) i wont bitch about it. However, i did like your idea of Full Disk encryption, but if the OP desires to use Windows (because he thinks it might suit him (although Linux is still better) or some other posters wants to try it) Truecrypt does offer encryption of your Windows (install) partition.


Keep, in mind. Although encryption is good in your Internal HDD i would suggest you to get a portable HDD and encrypt it just in case your Internal HDD dies.

I have one small question for Prometheum, if for some reason my HDD dies/fails/or gets fucked up. What are the chances of me recovering my encrypted data from that HDD.

As to the question addressed to me: Not very good. For one, if the drive is damaged, the likelihood wouldn't have been good anyways, but a lot of crypto stuff has the effect of spreading the data out and making it more reliant on pieces being there. It can be somewhat fragile. Use a RAID if you're uncomfortable with that. I'm not, because I trust my drives not to fail (I take very good care of my hardware and put it out to pasture when it starts getting old).

Windows is fundamentally insecure and should never be used. It just cannot be trusted.

MaddMan
2008-12-03, 07:38
Idea '2.)' Doesn't also work, because The file names are also ones which could get me in trouble, even if 'they' can't actually access the file due to user restrictions

Srsly, just put your CP on an external HDD.

FailedArtifact
2008-12-03, 18:50
Thanks for the messages, and it seems that you lot have come up with what Im looking for. Im only using windows still becuase I needed to bridge 2 connections into my internet, and didn't have enough experiance to do it in linux. Though i do not need to do that anymore.

But ill try reinstalling linux (is Ubuntu a good one to use? Or is there a distro more on the encrypto scene?) with the full partition encryption. However i don't remember seeing an option for 'Full-Disk Encryption'.

dfgremnantsunleashed: What do you mean 'alternative CD'?

dfgremnantsunleashed
2008-12-03, 19:22
Thanks for the messages, and it seems that you lot have come up with what Im looking for. Im only using windows still becuase I needed to bridge 2 connections into my internet, and didn't have enough experiance to do it in linux. Though i do not need to do that anymore.

But ill try reinstalling linux (is Ubuntu a good one to use? Or is there a distro more on the encrypto scene?) with the full partition encryption. However i don't remember seeing an option for 'Full-Disk Encryption'.

dfgremnantsunleashed: What do you mean 'alternative CD'?

I didn't use the term Alternative CD in my posts, however Prometheum used that concept. He can explain it better then me.
Sorry, but he is really good with Linux :).

FailedArtifact
2008-12-03, 21:48
I didn't use the term Alternative CD in my posts, however Prometheum used that concept. He can explain it better then me.
Sorry, but he is really good with Linux :).

Ah! sorry, i misread.

EDIT:

I guess the alternative install is the one with out the graphical user interface.. well thats the only type of distro i can find which has the words alternative.

13579
2008-12-04, 07:13
Flashdrive + truecrypt

FailedArtifact
2008-12-04, 08:09
40+gb Flashdrive! you mean solid state harddrives?

oddballz194
2008-12-04, 11:17
40+gb Flashdrive! you mean solid state harddrives?

If you use keyfiles instead of passwords, 1GB of space can provide a lot of keyspace to search to open your (regular) harddrive.

t0p
2008-12-04, 22:04
If you use the ubuntu alternate install cd to create an encrypted disk, you need to remember that when you're logged in, the disk will be unencrypted. So if you're worried about the five-oh or whoever coming for you while you're sitting at the computer, full disk encryption isn't the solution for you.

Trucrypt is good, and it comes in a windoze flavour. Truecrypt isn't in the ubuntu repositories, but you can get a .deb at http://www.truecrypt.org.

Personally, I like getting down and dirty on the command line in linux, so I use cfs (Crypto File System). It fulfills all my encryption needs, and as it's just a tiny command-line utility, no one need even know I have an encryption tool on my machine. cfs is in the ubuntu repos.

FailedArtifact
2008-12-04, 23:30
Cheers t0p. I have downloaded the ubuntu alternative cd, though your right, i don't think ill go with a full disk encryption for your reasons. I have truecrypt running, though im reading up some tutorials on which algorithm i should use and which hash algorithm.

Prometheum
2008-12-05, 00:04
The drive is never "unencrypted". However, the key is in memory when the volume is mounted. This is true for absolutely every single encryption program.

Full-disk crypto is the most secure. Period.