Protect Your Data! TrueCrypt 7.0a's Performance, Analyzed

A Performance Check Using TrueCrypt 7.0a

Payment slips saved in PDF format, e-mail correspondence with the top brass, and your personal log-in info for a number of Web-based services: those are but a few example of information you wouldn't want to give up to any stranger. However, it can be quite easy for unauthorized third parties to get their hands on that information is if it is stored on an external hard drive, laptop, or USB stick without proper protection. Shoot, even a massive corporation like Sony can't keep its customers safeguarded in its own data center. If someone wants it bad enough, you can consider your machine, accessible through an always-on Internet connection, as good as compromised. And if your mobile hardware is stolen or accidentally misplaced, the economical hit of replacing it is probably going to be the least of your worries. 

Obviously, losing data doesn't automatically mean that someone is going to take advantage of it or you. But in a worst-case scenario, less-savory personalities can use it to cause harm. For example, the new owner of your notebook might very well get access to your Facebook or eBay accounts and cause some havoc. And losing work-related hardware with sensitive information on it not only puts your company at a competitive disadvantage, but can also sink it outright.

Convenience Beats Concern About Personal Data

Recent studies show that while users do indeed care about their personal data, they do not put much effort into protecting it. IT service provider Unisys found the following: while 72% of the people asked feared the possibility of identity theft, only 37% of them used strong passwords and changed them regularly. In plain English, in the face of a vague threat, people prefer taking a risk over making an effort. Clearly, this is a true revelation of human nature (Ed.: that's just dripping with sarcasm).

Simple security measures like using a Windows password do not constitute a serious barrier to data thieves. All they have to do is to connect the hard drive to another machine in order to gain access to the data. The only really safe way to protect data is using modern encryption solutions in combination with secure passwords, something that actually does not require as much effort as people think.

Microsoft, aware of the lack of security in our modern IT-oriented society, offers its own encryption software for the Enterprise and Ultimate versions of Windows 7 called BitLocker. The open source tool TrueCrypt is a safe and effective alternative to BitLocker. It enjoys the benefit of being available to everyone, while at the same time offering more data encryption options and support for more operating systems. TrueCrypt is easy to install on existing Windows configurations and, just like BitLocker, it offers real-time encryption. You can read our step-by-step instructions on how to install TrueCrypt 6.1 with a few mouse clicks. You might also find our BitLocker and TrueCrypt performance comparison interesting.

No Access without a Password

There's no question about it. With more than 16 million downloads just from its official site, TrueCrypt is very popular. Before you start using the program, you should be aware that there is no way to access an encrypted partition if you forget your password. Brute force is as good as futile, given the 256-bit-strong AES encryption algorithm.

TrueCrypt creates a recovery CD/DVD (rescue disc) during the installation, but this is only intended for restoring the system in case of critical errors, such as a damaged boot loader. You still need your password. Authenticated users can reverse a TrueCrypt encryption back into an unencrypted one at any time, if they want to.

  • truchonic
    can we send this to sony?
  • eddieroolz
    I like the jab at Sony in the opening page!

    Anyhow. I've used TrueCrypt 7.0a for about a year now to secure my sensitive information. I've only encrypted a non-system partition as of now, but for the purpose of storing sensitive files the performance hit is unnoticeable. Took a bit of time to set up, but in the end, all worth it.
  • kikireeki
    TrueCrypt is the best, but anyone who uses it should keep in mind that the data encrypted by it is not meant to be recoverable.
  • I encrypted my HP dm1z "netbook" system partition with Truecrypt. Even without AES-NI support by AMD E-350 the computer is still very responsive for non-gaming tasks. Thanks to Truecrypt for their great encryption utility and also to AMD for making a decent low-end APU.
  • jrnyfan
    True Crypt pwns. fin.
  • alidan
    a strong password and change it often...
    yea thats so not happening.

    i could make my password look like that,
    but it would be REALY HARD to remember, and changeing it on a, lets say, monthly basis.... who are you kidding.

    i have a 5 letter password
    i have an 8 letter password
    and i have a 6 letter password for when places force me to use a number, but at the same time, wont let me have 2 letters that are the same in a password.

    i find it agonizingly annoying that i cant use a 5 letter password for everything, because i despise having more than 1. its my account, i will make it as secure as i want. i pay 10$ a month for id theft protection, is an account is lost because of "hacker" i tell someone about it and the account is dead to me.

    i have only had 1 hacker in my life go for any one of my 100's of accounts (i mean 100's literally) and that is my gaia account that i made when gaia was new, and someone tried to brute force the account, 5 times back in 2008 (i have the emails in a special folder labeled F@$#ING BRUTEFORCER, without the censoring) and not a f@#$ was given by gaia (i didn't care, i stopped using it years before, i just informed them that some a$$hole was hacking my account to hopefully ban them, but they told me to p!SS off in almost those exact words). honestly security is overrated, yea id theft is bad, if you are parinoid, get protection and stop worrying, get a password that is 10 letters and number long, as no one is bruteforceing that, refuardless of where the account it, as long as they don't have your info or actually hacked the service.
  • memadmax
    hackers use bruteforce as last resort as it takes so long.
    Now they do the sneaky worm into your keyboard with a keylogger most times. Or if they are really targeting you, or want you bad, they will dig in your garbage....
    Net Security 101...
  • sudeshc
    You want best encryption deal with the drawbacks as you find them or else write your own encryption logic.
  • alidan
    memadmaxalidan,hackers use bruteforce as last resort as it takes so long.Now they do the sneaky worm into your keyboard with a keylogger most times. Or if they are really targeting you, or want you bad, they will dig in your garbage....Net Security 101...
    not realy, what they do first and formost, is check any online foot mark you have. usualy your password is something you know, such as mothers maden name or a birthday. i use to use my birthday completely spelt out, but that is to long for MANY passwords, and, as you can see, my spelling is atrocious, so i spell it wrong 9 times out of 10.

    but its my point exactly, they will get the info weather you want them to or not, and odds are, they will dumpser dive a hospital, dentist office, or doctors to get the info before they will ever go online.
  • Wamphryi
    I think that some may be missing the point about the benefits of encryption. For data on more portable media Truecrypt is most excellent. Also to be considered is that the data thief you should worry most about is not the Super Hacker on line but the opportunist thief who happens to steal your laptop. Your mail and photos etc in the hands of some petty thief?