Home

Best Free Drive Encryption Utility

Sun, 06/15/2008 - 06:00 — philip

There are two main classes of encryption software:

1. Software capable of encrypting some combination of files (multiple), folders, and partitions. Included is software that can encrypt entire disks, but not drives that contain an active operating system.

2. Full drive encryption software used to encrypt drives (partitions or full disks) that contain active operating systems. This is the category of programs that are reviewed on this page.

Note: Full drive encryption software modifies the boot sector of the active drive. On boot, the first step is to start a micro-system that can decrypt the drive so that the operating system can be booted. You may not be able to use full drive encryption, and also dual-boot your computer.

Cautions:

1. Data security is harder than you may think. There are many pitfalls that even experienced computer users face when it comes to keeping personal data private, particularly when using a mobile computer (e.g., laptop).

2. Operating systems are messy. They leave behind all sorts of echos of the data they access or process -- swap files, temp files, hibernation files, erased files, browser artifacts, etc. You need full disk/drive encryption software to protect the data on your laptop. [personal encryption programs]

3. Encryption programs that create encrypted "volumes" (files that contain encrypted files) do not change the size of the volume file, and may not change it's "date modified" even though content in the file has been changed or modified.  The purpose is to maintain "plausable deniability", but the result can be that your backup software does not recognize that the file has changed, and skips backing it up.

The top [free] product in this category is TrueCrypt, an open-source utility which enables you to create encrypted "virtual" drives of almost unlimited size, and in which you can securely store files and keep them away from prying eyes. As of version 5.0, TrueCrypt can encrypt Windows boot partitions or entire boot disks, and includes support for secure hibernation.

TrueCrypt offers a wide range of encryption algorithms, including the option to encrypt with multiple algorithms, as well as "plausible deniability" for the benefit of the truly paranoid. The program is very stable (although backups before applying encryption are obviously recommended).

Newbies might find TrueCrypt a bit daunting at first; however, more experienced users who want serious virtual drive encryption would be hard-put to find a better program.

TrueCrypt is great for protecting your data on USB flash drives too, though make sure you copy truecrypt.exe and truecrypt.sys onto the drive as unencrypted files. Note that you will need admin privileges on the host computer.

BitLocker, encryption that is built-in to Windows Vista's (Enterprise and Ultimate versions), also allows user to encrypt their Windows disk/partition as well as other disks or partions. While it's a solid solution, it may not be easy to deploy it on your computer.

TrueCrypt
Website: http://www.truecrypt.org/
Author: Open-source
Current version: 6.0a
Version date: July 7, 2008
License: Open-source (freeware)
Download File size: 2.85 MB
Operating Systems Supported: Windows Vista/XP/2000; Mac OS X; Linux
64 version available: No
Portable version available: Yes, traveler-mode
Non-English languages supported: n/a
Other relevant information: As of version 5.0, TrueCrypt can encrypt the Windows boot partition or entire boot disk.

Microsoft BitLocker
Website: Learn about the features.
Author: Microsoft
License: This software is part of Vista
Operating Systems Supported: Windows Vista's (Enterprise and Ultimate versions)
Non-English languages supported: The same as Vista
Other relevant information: Wiki page on Microsoft BitLocker

Related Topics

1. Best Free File Encryption Utility

This software category is maintained by volunteer editor Philip Spohn.

Bookmark/Search this post with:
#1Submitted by scribbler on Tue, 04/22/2008 - 00:50.

While I agree TrueCrypt is a great bit of kit to have on your PC/USB, I found another one recently which is so simply and easy to use, as well as small in size, that I really am impressed by it no end!  It comes from "Jetico", who's stable includes the following..

..all of which have been around for some time, and come in various different versions.  But the program I want to bring to your attention here is called "BestCrypt Traveller"..which is a small freeware version of it's big brother.  It comes in a single small .exe file, that will allow you to store it on a USB or your PC/LapTop and, once there, it can be used to set up and use a virtual drive, complete with drive letter, which is password protected and holds any number of files, folders..or both, as long as their total combined size is not greater than the size of the drive you originally created.

The program, when in use, sits in your system tray in the form of a little icon that, when clicked on, offers a pop-up menu from which you creat/mount/dismount the drive in question.  When not in use, the drive and the files/folders it containes, like all virtual drives, still resides on your system or USB, but is invisible to both you and other parties until it is mounted..at which time it appears in the lists of drives on your system.

Overall..for design, ease of use and usefulness, I give it "10 out of 10"

 

#2Submitted by Anonymous on Sat, 05/17/2008 - 18:34.

It's an elegant little program but it should not be named "Traveller" because you can only mount the encrypted container if you have administrator privilege on the host computer. The only truly portable encryption program that I have found is Remora USB Guard, but it encrypts and decrypts on a file-by-file basis (even if you choose to encrypt a whole folder) and is too painfully slow to use as protection for a whole USB flash drive.

If anyone knows of a utility like BC Traveller or Portable Vault that doesn't require administrator privilege on the host, I would love to know about it.

#3Submitted by Anonymous on Sun, 05/18/2008 - 17:20.

You can use TrueCypt in combination with TCExplorer.
http://www.codeproject.com/KB/files/TCExplorer.aspx
It will allow you to mount truecrypt volums (fat formated) without administrator privileges.

#4Submitted by Anonymous on Sat, 04/19/2008 - 16:58.

Wonderful program. 5 stars

#5Submitted by Anonymous on Wed, 04/16/2008 - 09:39.

A worthy alternative to TrueCrypt is Free Compusec, a product from German security specialist CE Infosys.
Free Compusec is a complete security suite including drive encryption,file encryption, secure VOIP and more. It is the full product and is completeley free (even for business use!). Only support and global deployment and administration software (for companies) is not free.

http://www.ce-infosys.com/english/downloads/free_compusec/index.html

#6Submitted by Anonymous on Tue, 06/17/2008 - 19:26.

I would agree that Compusec is is quite worthy of mention... while I have been a TrueCrypt user for a while I wanted something that would encrypt my system drive as well. It does mean that I can't multiboot from my laptop drive but if [or possibly when] it gets ripped off I will have little concern for the "unwanted recovery" of any data that is on it.

#7Submitted by Anonymous on Sun, 04/20/2008 - 00:57.

My main objection to CompuSec is its statement that you can't use other boot loaders or partitioning software with it. Otherwise, its ability to encrypt the entire system disk is indeed attractive (especially for a laptop).

- bill

#8Submitted by Anonymous on Fri, 06/06/2008 - 20:40.

This objection is only valid for system drive encryption. The same goes for all the other programs (including Truecrypt), as the encryption/decryption program must start before the OS, i.e. in the bootloader part of the hard drive. That's why you cannot have both system drive encryption and third-party bootlader. They would use same place on the hard drive...