Encryption is a process of encoding information so that it cannot be accessed by others unless they have the key needed to decode it. Encryption is usually used to protect highly sensitive documents, but it's also a good way to stop people from looking at your personal stuff.
Products reviewed in this article—Best Free Encrypted Virtual Drive Utility—fall in the second item of Primary Encryption Utility Categories. Some products, e.g., TrueCrypt, fall in multiple categories.
Read also Cautionary Notes at the end of this article.
A free disk encryption software based on TrueCrypt.
Platforms/Download: Linux | Mac OS | Windows (Desktop) |
Version reviewed: n/a
|Our Rating: 5/5
TrueCrypt is the seasoned but abandoned predecessor to VeraCrypt. It once met my criteria for selecting encryption software. The developers of TrueCrypt dropped a bombshell though. It's complicated.... TrueCrypt did pass a preliminary independent audit in 2015, but the dereliction of TrueCrypt now changes everything. For example, recent (September, 2015) vulnerabilities (which will never be patched) have been discovered in TrueCrypt.
Bizarre story behind TrueCrypt: The Atavist Magazine ran a special 7 episode series, The Mastermind, on the backstory of TrueCrypt and it's demise. [Index at Longform.org] It's a great read. Certainly more surprising than fiction. You can deduce a more plausible truth about the origins and demise of TrueCrypt from that series than from any of the many other stories on the internet. Scroll down to the bottom of each page to find the link to each next episode.
- CipherShed (not a typo) is another fork of TrueCrypt that holds promise. CipherShed development started later than VeraCrypt, and has not moved as fast. As of Oct. 2015 there are some impediments, and CipherShed is quite a ways from release.
- LibreCrypt (formerly DoxBox) is based on the venerable, but abandoned OpenOTFE by Sarah Dean. It is very similar to TrueCrypt. As of Oct. 2015 LibreCrypt is in beta, also has some impediments, and is quite a ways from release.
- Rohos Mini Drive is a "portable" program that creates a hidden, encrypted partition on USB flash drives.
- Pismo File Mount Audit Package is a file system extension that provides Windows Explorer context menu access to special encrypted files that open to encrypted folders. Applications can write directly to these encrypted folders, which helps assure that plain-text copies of the original document are not left behind on your hard drive.
- Best Free File Encryption Utility has reviews of programs used to encrypt files and/or folders directly.
- Best Free Drive Encryption Utility has reviews of programs used to encrypt entire drives, including partitions and removable storage media like USB drives.
- Best Free Encryption Utility for Cloud Storage reviews programs for client-side encryption.
- Best Free Encryption Utility for Personal Use at Work reviews alternative encryption programs that you can use in portable mode.
- Encryption is Not Enough offers further cautions on encryption, and on what you need to do beyond encryption to be sure your private data is not lost or exposed.
Primary Encryption Utility Categories
Why use categories here? To bring a little order to the large catalog of encryption utility reviews at this site. This particular review article is limited to "encrypted virtual drive" utilities in the second item below. Other utilites are reviewed accordingly in Related Articles.
- Encryption utilities that encrypt files/folders directly: These utilities encrypt discrete files and/or folders directly, in contrast to utilities that encrypt and store files in volumes (archives, i.e., container files). File-based utilities may operate in batch mode or in on-the-fly mode.
- Virtual-drive encryption utilities - the utilities reviewed in this article: These utilities create volumes (encrypted containers/archives) which are mounted in the file-system as virtual drives, complete with drive letters, e.g. "V:". These drives can contain both files and folders. The computer's file system can read, write and create documents in real time, directly in cleartext. Many of the products in this category can also be used for full-drive encryption. Virtual-drive utilities operate in what's called OTFE (on-the-fly encryption) mode.
- Full-drive encryption utilities are specialized for encrypting entire storage devices, e.g., hard-drives, drive partitions and USB drives. Some utilities in this category can also encrypt drives that operating system are installed on.
- Client-side encryption utilities for the cloud: A newly emerged category. These utilities encrypt files before they are uploaded to cloud sync/storage locations. The files are encrypted in transit and while at rest in the cloud. Cloud encryption utilities employ various forms of virtualization to present cleartext client-side, and they operate in on-the-fly mode.
Operating systems are messy: Echos of your personal data—swap files, temp files, hibernation files, erased files, browser artifacts, etc.—are likely to remain on any computer that you use to access the data. It is a trivial task to extract those echos.
For example, when you encrypt and compress files, clear-text versions that existed before you compress/encrypt the file or clear-text copies that are created after you decrypt/decompress it remain on your hard drive. Unless you purge—not just delete—those clear-text files. :-(
The fact that an encryption program "works" does not mean that it is secure. New encryption utilities often appear after someone reads up on applied cryptography, selects or devises an algorithm - maybe even a reliable open source one - implements a user interface, tests the program to make sure it works, and thinks he's done. He's not. Such a program is almost certain to harbor fatal flaws.
Functionality does not equal quality, and no amount of beta testing will ever reveal a security flaw. Too many products are merely buzzword compliant; they use secure cryptography, but they are not secure." --Bruce Schneier, in Security Pitfalls in Cryptography.
- Further advice about how to use encryption are discussed in Encryption is Not Enough, including what you need to do beyond encryption to be sure your private data is not lost or exposed.
This category is maintained by volunteer editor philip. Registered members can contact the editor with any comments or suggestions they might have by clicking here.
Please rate this article: