Sign in with
Sign up | Sign in

TrueCrypt 6.3a On Windows 7 Ultimate x64

System Encryption: BitLocker And TrueCrypt Compared
By

TrueCrypt's site claims the software has been downloaded more than 13 million times. This has to be put into perspective. Compression tools like WinZip are mainstream and universal. They get massive download rates because everybody uses them. Encryption is still in the outer orbit of mainstream awareness. Relatively few people use encryption. It's one of those things that most folks don't seriously consider until they've been burnt by not employing it. So, 13 million TrueCrypt downloads is really a telling sign of this software's popularity.

TrueCrypt is much more flexible than BitLocker. For example, you can create encrypted containers. These containers have to be set to a fixed size, and they can be mounted as individual drives to your system. The system isn't confined to Vista or Windows 7, as with BitLocker. Windows XP, Mac OS X, and Linux are also supported. TrueCrypt actually originated on these non-Windows platforms, so be sure to use version 6 if you want to add encryption to an existing Windows installation.

There are a few things to consider before deploying TrueCrypt. First, TrueCrypt doesn't offer any way to recover your encrypted partition if you lose your passphrase. The only option would be a brute force or side channel attack, but if all the governments of the world can't crack AES-256, your odds are pretty slim. TrueCrypt also allows for the creation of hidden partitions and even denying their existance. You could create two encrypted system partitons and hide one of them. The visible one works as a decoy, which you could use regularly to give off the impression that it's your active system. Whether you boot the hidden system or the decoy is decided by the passphrase you type at startup. TrueCrypt offers comprehensive information on running hidden operating systems.

Select whether you want to create a normally encrypted system or an hidden installation.

TrueCrypt can also handle multi-boot environments with multiple operating systems installed in parallel.

You can choose between several encryption algorithms and hash algorithms.

This section is really important, as there is no backdoor to recover forgotten passwords!

Ask a Category Expert

Create a new thread in the Reviews comments forum about this subject

Example: Notebook, Android, SSD hard drive

Display all 54 comments.
This thread is closed for comments
Top Comments
  • 16 Hide
    Anonymous , April 28, 2010 6:19 AM
    TrueCrypt is
    1-open source
    2-multipe OS
    3-free
    there for its the best chose for every one.
  • 12 Hide
    palladin9479 , April 28, 2010 7:35 AM
    Ohhh kay ..... their acting like hardware based encryption is new or something Intel invented / pioneered. Via was doing it for years before Intel, they even have hardware based random number generation and SHA hashing.
Other Comments
  • 16 Hide
    Anonymous , April 28, 2010 6:19 AM
    TrueCrypt is
    1-open source
    2-multipe OS
    3-free
    there for its the best chose for every one.
  • 12 Hide
    palladin9479 , April 28, 2010 7:35 AM
    Ohhh kay ..... their acting like hardware based encryption is new or something Intel invented / pioneered. Via was doing it for years before Intel, they even have hardware based random number generation and SHA hashing.
  • 5 Hide
    amnotanoobie , April 28, 2010 8:21 AM
    palladin9479Ohhh kay ..... their acting like hardware based encryption is new or something Intel invented / pioneered. Via was doing it for years before Intel, they even have hardware based random number generation and SHA hashing.


    Though VIA technically doesn't really have a large enough market share to push trends with software makers. Once Intel does include a feature (unique or other-wise), it usually makes people pay attention just simply due to their size and reach.
  • 0 Hide
    Anonymous , April 28, 2010 8:33 AM
    Honestly if you are in a situation that Truecrypt is the only option and you need that functionality, go for it. But IMHO if you can use BitLocker I would choose that over TC since, contrary to popular belief, I'd think MS has it engineered fairly well to work without stuff breaking all over the place. And I'm sure they've documented it well enough to cover all caveats and pros/cons of its usage.

    Though, personally, I love TC from the drive-inside-a-drive encryption standpoint. Just makes sense.
  • 5 Hide
    martel80 , April 28, 2010 8:43 AM
    What about testing slowdown of a SSD-equipped computer? (Drive benchmarks comparing throughput with/without encryption)
  • 1 Hide
    Anonymous , April 28, 2010 8:55 AM
    "AES-NI is included on all Core i5 desktop processors"

    Not all desktop i5 processors have AES. The quad cores do not.
  • 2 Hide
    DSpider , April 28, 2010 9:26 AM
    Full encryption is only "needed" if you use a laptop with sensitive material on it. And I'm not talking about porn here... Bussiness stuff. Patents, ideas, MacDonalds recepies. Other uses imply a USB stick and external HDDs.

    The simple fact that you can run TrueCrypt from Linux and OS X (especially if you have a MacBook) makes it a very good choice. Also, for this type of security I think open source is better because closed sources may have developer "backdoors" built-in.
  • 0 Hide
    DSpider , April 28, 2010 9:30 AM
    Oh, and I would suggest you stick to containers instead of full drive encryption. Why ? Because if you have a 500 GB drive fully encrypted and there's a problem with it (bad sectors for instance) you basically loose everything on it.
  • 3 Hide
    WR , April 28, 2010 12:08 PM
    Not true. These are block-based encryption algorithms. If you have a bad sector all you'd lose is that block. The TC driver processes 512 bytes at a time, which means you'd lose one sector.
  • 1 Hide
    nukemaster , April 28, 2010 12:36 PM
    I am not paranoid enough about my files yet.
  • -2 Hide
    tommysch , April 28, 2010 1:13 PM
    TrueCrypt is by far superior.
  • -3 Hide
    gogogadgetliver , April 28, 2010 2:06 PM
    I don't think they're giving Microsoft enough credit here.

    Some of us could care less about features. I want my data to be safe and I want whatever is doing that to GTF out of my way. The only feature I really care about is the "on" switch. That said I think
    Microsoft's slightly better performance lands the deal.

    Your talking MSFT vs an Opensource solution though so the Fanboyism is probably going to run rampant. I'll give my Kudos: Trucrypt is a solid product. I'm just choosing the competitor.
  • 3 Hide
    dman3k , April 28, 2010 2:28 PM
    AnonymousTrueCrypt is1-open source2-multipe OS3-freethere for its the best chose for every one.
    open source not not mean better - plenty of bad open source stuff out there; multiple oses depends on your network... most companies choose to have everyone using the same OS for security update purposes; bitlocker comes included in business tier/ultimate editions of the most popular OS in the world.

    Your points are completely invalid.

    I chose bitlocker because I was told it was way faster, and apparently that's not true. Seeing that TrueCrypt can do hidden partitions, I'm going to ask the IT team to look into switching. This feature is excellent for a cost of few more processing power.

    Don't be a fanboy.

    Excellent article. Thank you, Tom's.
  • 1 Hide
    killerclick , April 28, 2010 3:05 PM
    TrueCrypt is better, that's why I use it.
  • -2 Hide
    CChick , April 28, 2010 3:05 PM
    I loled so hard at the Secret Partition part.

    I was told by my professor that when Government throw their "used to be top secret" stuff away (say, a HDD), they usually re-write it 7 times with other data, then they will burn it. cuz this almost guarantees that nothing can be recovered.

    I guess I will rewrite my drive 10 times with the TrueCyrpt :) , Cuz I dont really like the idea of other people reading my data, even my drive has nothing important.
  • -5 Hide
    htoonthura , April 28, 2010 4:16 PM
    One thing i do not like about truecrypt is : it asks password to load windows. because of that, truecrypt is only suitable for personal use.
  • 1 Hide
    Skippy27 , April 28, 2010 4:55 PM
    CChick I think you misunderstood it. First off, he made clear that there is not a government in the world that can crack the 256-bit encryption so anything in there is safe anyway. Secondly, what you are speaking of is a drive "wiping" to make anything on there none recoverable. DOD standards require 7 passes if I am not mistaken.

    If you are getting rid of a none encrypted drive I would certainly recommend you get a produce like KillDisk and use the DOD wipe on it. At work, we use an encrypted drive so we only use the 1 pass wipe of the drive. If a drive is not encrypted for some reason (server drives) we are required to use the DOD approach.
  • 0 Hide
    douglaskuntz , April 28, 2010 5:40 PM
    htoonthuraOne thing i do not like about truecrypt is : it asks password to load windows. because of that, truecrypt is only suitable for personal use.


    Because business users are unable to type in passwords?

    Though one thing they forgot to mention: You can not do WDE on OS X yet, with True Crypt... You can with PGP WDE, though.
  • 3 Hide
    jasperjones , April 28, 2010 5:48 PM
    Truecrypt is NOT open-source software in the conventional sense. Yes, the source code (of the latest version only) is available. But the license they use does not meet the open source definition and hence is not recognized by the Open Source Initiative.

    Virtually all major Linux distros consider Truecrypt not free as well.
  • 0 Hide
    dreamer77dd , April 28, 2010 6:42 PM
    is their any plans to make these software be hardware accelerated, use multi cores like 8 because we know thats coming around the corner? any news or knowledge about this? the future is always interesting
Display more comments