Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Do you encrypt your laptop's hard disk?
60 points by nonane on Sept 12, 2010 | hide | past | favorite | 133 comments
I have a lot of personal and company information on 2 of my laptops (Windows 7 and a MacBook). This includes bank account information, private keys, passwords and proprietary source code. I'm always paranoid about my laptops being physically stolen while I'm traveling or if my office is robbed. To help put my mind at ease (somewhat), I've been looking into whole-drive encryption. Incase my laptop does get stolen, I can be sure the thief does not get my data.

It looks like there are 2 solutions out there for Windows - TrueCrypt and Microsoft's Bitlocker. I can't use Bitlocker because my laptop doesn't have a TPM chip, which I'm told is required to encrypt the boot volume. TrueCrypt looks like the only option available right now for Windows.

Also, it looks OS X does not have built-in whole-drive encryption like Window's Bitlocker. Luckily TrueCrypt also has support for OS X.

What do you use to protect your data? Are there any pitfalls that I need to be aware of (besides loosing your password)?




As a semi-professional nude photographer I have encrypted every hard disk I own, including my laptop's. It's part of my promise to the customers to keep their photos really safe. I am using Ubuntu and LuKs on all my machines because I find it very convenient to have a superb encryption mechanism built in.

As a side note, I do all my picture editing in Gimp. While this is not commom among professional photographers, it contributes in some ways to my landmark style.


Is there a significant style difference between using Gimp and Photoshop? I only know Photoshop, but I've always thought of Gimp as just program for doing basically the same work. I wouldn't think there'd be a difference in the final product.


The most common complaints I've seen are that Gimp isn't Photoshop - meaning PS users who move to it dislike it due to the multi-window UI, 'wrong' key combinations.

I actually used Gimp before PS and from my perspective the only things it really misses are layer groups and layer styles. For PS users there is Gimp Shop[1] which attempts to "deweirdify" the UI to something more reminiscent of PS.

[1]: http://gimpshop.com


Sadly, this is the reality of OSS, layer groups were first proposed (and accepted as a "good idea") as early as 2002, but actually are supposed to come out in Gimp 2.8, which I think is coming out in 2011?

Meanwhile, one can run the external plugins such as this: http://registry.gimp.org/node/16563

For a programmer, GIMP is fine for an occasional photo editing job. Just wish, it could do a better job of importing Photoshop files. I know it is more of PS fault not GIMP's, but still.


I'm intrigued. Do you have some examples of your work?


I am too, not sure why you are being downvoted. I'm interested in finding out what a "landmark style" influenced by using gimp instead of photoshop looks like exactly.


He is being down voted because the first comment of this throwaway account is a boorish redditism asked to someone who just said they value client confidentiality.


Didn't realize the account was made only a few hours ago, so I guess that's not a great sign. I was giving him the benefit of the doubt that he was asking for non-confidential examples of the work out of genuine interest, but maybe that's a little naive on my part.


I'm sure there's a portfolio that we could see.


First off, I'd like to throw Bitlocker back in the ring and tell you that boot volume encryption is relatively unimportant for the threat model you propose, specifically untargeted data at rest.

Boot volume encryption/verification is designed to protect you against attackers who would replace your boot image with a one that contains a rootkit or keylogger. This threat model requires serious forethought and planning on the part of the attacker. He is likely targeting you or your company and he wants to do it steathily. Under this kind of threat, you really need the entire company to adopt an extremely high level of operational security. (Remember your security is only as strong as the weakest link in the chain.) Usually, this kind of paranoia is reserved for three letter agencies.

I should mention that Truecrypt doesn't protect against this threat either. At some point, there needs to be an unencrypted bootloader, which can be attacked. Hardware boot volume verification would verify that the bootloader has not been modified, which is what TPM tries to do.

Unless the encryption is implemented poorly (which in Truecrypt and Bitlocker is not) an attacker with access to your boot partition cannot attack your data partition without additional information (like your password).

On OS X, I've heard good things about PGP Whole Disk Encryption. I don't know if Truecrypt can handle Boot Camp (PGP WDE can), if you care about that at all. On Linux, I use dm-crypt + luks


I use PGP WDE on OSX. It is easy to use and doesn't seem to slow it down much.

I have however ran into one problem: The licensing app somehow "forgot" that it was registered (something to do with changing active directory binding). I would not have noticed except I went looking for why the computer was so slow.

I opened the PGP app and it said it wasn't licensed and the disk was "decrypting" itself.

I had to wait for basically 3 hours for it to decrypt the disk, re-enter my registration information, and re-encrypt the disk.


I don't agree with the above.

If we're talking about Windows, it's not "boot volume encryption" but the "C: disk encryption" that you have to worry about even if the attack scenario is data at rest. If you don't encrypt C: disk every forensic worker will trivially recover a lot of material that you'd believe was encrypted on another partition.

If we're talking about Linux where you configured /boot unencrypted and everything else encrypted, only then it's about the attack scenario that parent mentions.


Bitlocker, Truecrypt, dm-crypt, PGP WDE will encrypt your data but leave something unencrypted in order to boot from it.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.


Okay, seems a lot of people misunderstood what I meant.

There is no such thing as full disk encryption, at least in the "full" sense of the term. There will be some unencrypted partition somewhere that boots the OS. TPM is designed to verify that this partition has not changed from a trusted configuration. I wanted to say that OP does not need this level of security, which is why Bitlocker is a viable and free and fast solution for him to use. (And the security current implementations of TPM provide are questionable right now.)

Applications should not be allowed to write to this partition without elevated privileges. The OS shouldn't be writing to this during normal operation either. Sensitive data should not be put on this partition, and as far as I have heard, Windows has not done anything like this.

When I say "data", what I refer to is the C: drive. With Bitlocker and Truecrypt, the C: drive is encrypted. The Users folder should be encrypted. All the bazillions of temp directories should be encrypted. The hibernation file is encrypted. Even Program Files is encrypted.


Assuming of course that all the data that you wish to protect is on your data partition, and that no protected data is, was, or ever will be on any other partition. Full disk encryption removes the possibility of exposure of protected data showing up on non-encrypted partitions.

With most operating systems, I don't think that there is a way to ensure that no protected data will ever end up on a non-protected partition. Presumably - if there is any writable directory on an unencrypted partition, there is a reasonable chance that protected data will end up on that partition.


I highly doubt an OS or an application would be writing to the unencrypted boot sector or an unencrypted boot partition. First off, the OS should disallow that operation without elevated privileges. I don't know if Windows or OSX follow that guidance.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.


> boot volume encryption is relatively unimportant for the threat model you propose, specifically untargeted data at rest.

I'll have to respectfully disagree here. Windows has heaps of different ways of caching all kinds of information outside of your home folder. Individual applications can also cache stuff wherever permissions allow (and often do). Realistically with Windows if you're going to encrypt you want to encrypt your C: drive.

PGP WDE works, it's 'good enough' to be a PITA for any authorities and you can use the same software on PC and Mac, but be warned - PGP broke Snow Leopard upgrades from Leopard when it came out and every major PGP upgrade I've ever done on Windows has resulted in a reinstall (but then again, 9.x was really, really bad).

If you're using a non-administrator account for your day to day on OSX you can use FileVault - just watch your /tmp folder.


I highly doubt an OS or an application would be writing to the unencrypted boot sector or an unencrypted boot partition.

At some point, some partition somewhere will need to be unencrypted, otherwise the system cannot boot, since the decryption programs are typically too large for a single boot sector.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.


Excellent points. I said earlier that I wanted a no-brainer solution where I don't want to think / worry about where my applications or, even the OS decides to store my personal data - this is why whole-drive encryption looked attractive. However, an attacker would need some planning to get to that sort of data out - a common thief would probably not have that kind of skill anyway.


No, it's more the question of the goal of the "attacker" when you don't do the whole-drive encryption. If you have the data on the notebook that are worth a lot of money and you can imagine that somebody would be interested at that then you should encrypt the OS partition. Ever heard about page file? It's on the OS partition, unencrypted. Temporary files? There, unencrypted. Even if the temporary files are deleted, the content of them remains on the hard disk. Unencrypted.


Before you dive too far into full-disk encryption, you might want to contemplate the consequences of this research:

http://news.cnet.com/8301-13578_3-9876060-38.html

The paper referenced is available at:

http://citp.princeton.edu/pub/coldboot.pdf

From that paper, the most salient sentence for this discussion is:

"On all of our sample DRAMs, the decay rates were low enough that an attacker who cut power for 60 seconds would recover 99.9% of bits correctly."

The long and short is that your password has to be in RAM at some point in order to be matched against what is typed in. RAM decays slowly after a machine has been switched off. As the research shows, one can use a widely-available can of air to make that decay happen even slower. In the process, one can pull the value out of RAM.

Note that this is a hardware problem that no software on the market has been able to address. To do so, you would have to be able to validate x against y without having the value of y ever enter RAM.

Consequently, a reasonably good tech thief can read the password out of RAM. For the not-so-good tech thief, using passwords and social engineering tricks like being nice to someone and then asking them to watch your stuff for a moment will probably do the trick. I tend to see the various implementations of full-disk encryption as more for peace of mind and mitigation of liability than real security.


Remanence isn't a realistic attack in his threat model; attackers have mere minutes to get the RAM out of his system, cool it, and siphon the data off. If he's worried about losing the Plans to the Empire when his ship is captured, sure. But if he leaves his bag in the back of a cab, he'll be fine.

The notion that any "reasonably good tech thief" could pull this off is also hard to take seriously. So far as I know, there are zero (0) remanence key extractor tools in circulation. Highly skilled attackers --- many apparently in the employ of foreign governments --- have a hard enough time writing tools to extract keys from live memory.


The threat is not against the Plans to the Empire but the password for the encryption system. That, as the video shows, can be done and without any particular haste. As the article suggests, freezing the RAM lengthens the decay process. The method is likely to have been known by three-letter agencies for some time now. The good guys are seldom, if ever, ahead of the bad guys, so it seems likely that the latter know it, too.

But, for the sake of argument, let's say that they don't crack it on the first go. So what? The password has to be in RAM every time the machine starts. AFAIK (and I would be pleased to be wrong about this), nobody shreds data on the hard drive because the user gets their password wrong. So, said bad guys can try to their heart's content.

As far as I'm concerned, it is a major hole in any argument for full-disk encryption.


You're looking at a different threat model. Hard drive encryption isn't there to stop the government, the police, or the Girl Scouts.

It's there so that when the Pink Panther walks away with your laptop, he doesn't get instant access to to all of your data. If Mr. Laptop Thief wants your home directory, he's going to need to do a hell of a lot more work than reinstalling the OS and throwing the machine up on eBay.

If your drive isn't encrypted, I'll wager that a laptop thief would take a few minutes to poke around and look for something interesting, like that file 'Corporate Strategy 2010.doc', or "My Affair With The Underaged Intern, Oh God I Hope This Doesn't Get Leaked Onto The Pirate Bay.avi".


I think you're misunderstanding both the attack and full-disk encryption. The decryption key is not in RAM every time the machine starts; you have to enter material to derive the key at bootup. And the attacker does in fact have minutes to recover whatever's in RAM once the machine shuts down --- which means that if you shut your machine down before leaving the office (which you have to do), remanence simply isn't a threat at all.

Everyone "shreds" their hard disk if they lose the password. That is the point.

Also, the Plans are to the Death Star, not the whole Empire.


Rarely does one shutdown a laptop anymore. Usually people just close the lid and the computer is put to sleep. In sleep state the contents of RAM is preserved AFAIK and should give the attacker more time to think their plan through.


The rules are different when you use full-disk encryption. You shut your machine down. PGP WDE actually prevents "sleep" from working, but regardless, you still need to be vigilant.


PGP WDE doesn't prevent sleep from working on my MacBook. It disables hibernation, but that's not a security choice. It's just a limitation of the implementation.

What you say is the right policy to maximize security, but PGP WDE doesn't enforce it.


You're right. Sorry, I misspoke.


isn't a realistic attack in his threat model

Under different circumstances your solution would be 100% correct, however, in this situation we are worried about "everyday" type criminals. These are the guys/girls that find a laptop in an unlocked locker and snatch it; small window of opportunity. In your analogy the description of the criminals is much more sophisticated; Oceans 11 types.

Stealing RAM can potentially tip someone off to a threat, a better solution IMO is the Stone-Cold Bootkit[1]. The bootkit can hook into Windows in order to gain unrestricted access. It does this by writing to the MBR unrestricted; haven't we seen this before[2]? Once installed it will log your decryption password and do what ever with it.

A BIOS password(windows) and HHD encryption will be enough to keep the NSA out for a while, and a normal criminal out indefinitely.

It would be nice to have a mobo with some type of secure memory encryption programs could write to- digitally signed. Of course that could be owned too, but it's a start. In the words of Bruce Schneier, "[sic] it is very difficult to secure data when the attacker has physical control of the machine the data is stored on."[3]

Now I am thinking about the /boot partition in linux; where GRUB is stored.

[1] http://www.stoned-vienna.com/

[2] http://news.ycombinator.com/item?id=1643451

[3] http://www.schneier.com/blog/archives/2008/02/cold_boot_atta...

[4] PSA: http://zedomax.com/blog/2009/02/23/linux-boot-hack-how-to-pa...


You've cited Schneier citing the same Felton paper that 'all cited. This research, while interesting, does not mean what 'all think it means. It is simply not the case that an attacker who captures your powered-down machine is going to be able to use remanence attacks to recover your encryption key.

The real-world attack Felton's paper implicates is this: an attacker captures your powered-on laptop, because you left it sleeping in your bag and your full-disk encryption software can't reliably wipe keys when it wakes from sleep. The attacker restarts the system and uses remanence to dd the previous RAM contents into a drive for analysis.

This very well may be an attack that government agencies are prepared to use against laptops, but since it's not going to work against anyone who knows how full-disk encryption works, it's simply not going to be in the arsenal of someone who steals your bag out of a bar.


The OP is worried about thieves, not three-letter-agencies.


True, but the point of the article is that both now have this level of know-how. So all bets are again off once physical security is compromised - regardless of whether its a farmboy from Langley or Nebraska.


There are always way to hack a computer: but we're just asked to take reasonable steps toward making it harder.


Yes, but that's exactly why it's important to realize this only gives you some protection. The OP asked for his personal needs, not because of some company policy, which means he/she should know whether it really is effective.


The poster mentions they wish to defend against theft and lost.

The attacks you cite are more applicable if he were worried about intelligence agencies intercepting his data. And with rumored incestuous relationships with the corporate world, that might not be a bad idea, if he has valuable IP.


A bit off topic, but making it less likely you'll lose your laptop to begin with is important. Here are some ideas.

Most laptop have a special slot that accepts a cable lock. I make use of it whenever I'm in a coffee shop and have to leave the machine for more than a moment. I loop it through bag straps and my jacket too. You want to look hard to deal with.

Its also a good idea to make sure your laptop requires a password after closing the lid or whatever it is that you do when you walk away from your machine. And say hello to people around you and be helpful. They'll more likely to watch your back.

And as always, make sure no one can see what your keying in. To that end, it may help to use characters that are close together.

And yes, I know I'm a bit paranoid :-)


In some cases you can use a pair of pruning shears to cut the plastic on the kensington lock slot, then take the laptop. It's usually plastic (although some laptops do use high tension steel these days)


I don't think anyone expects the lock to thwart a dedicated attacker. But the most common case of laptop stealing is someone wanting a new laptop, not your specifically. Your laptop just has to look harder to steal.


exactly. You just need to change getaway time from 5 seconds to 20 and the thief looks for an easier target. Like running from the bear a little faster than your fellow campers.


Plastic MacBooks have the k-lock reinforced by metal, not exactly sure what part they connect to but it's solid. MBPs are metal, hence a stronger k-lock. So a thief would have to mess up the computer pretty badly to steal it.


On my macbook, it was actually possible to insert the cable into the lock and rotate it so its only under the plastic, which makes it very easy to break, I imagine.

One needs to be careful to go all the way in. like so many things in life :-)


I would be much more concerned about laptop being arbitrarily seized at an airport by customs or TSA personnel, or by law enforcement otherwise, than it being stolen per se.

e.g.

http://www.daniweb.com/news/story218174.html

http://ezinearticles.com/?Business-Travel-Tip---Avoid-Having...

http://www.businesstravelnews.com/Business-Travel/Travel-Man...

You can lose a lot to thieves, but you can lose even more to state thuggery backed by the force of "law."


You know, if you disagree, you can reply instead of downvoting.


I agree with your political point, and I downvoted it, because it injects an unnecessary political element to the thread. The OP is worried about thieves and hasn't mentioned cross-border travel. The best comments will be directly responsive to that request, rather than inject another tangentially-related politically-charged sentiment into the thread.

Your comment was ranking above other comments that were more helpful to the original poster -- and was at +3 when I voted. (I wouldn't have voted your comment down to 0 -- it wasn't inappropriate -- just less-appropriate than other better comments lagging below it.)

I've often suggested comments should have two rating dimensions -- up-promote/down-demote and left-agree/right-disagree -- and some people have said the agree+demote combination would never be used. Well, I would have used it here.


Upvoted only because I agree with your comment about down-voting. I do wish PG would separately display up-votes and down-votes.


That's not the Hacker News way.


I use TrueCrypt to protect my laptop. No chances in speed that I've noticed and as far as I understand it, it's quite secure. 30+ randomly generated password gets me in and it's a lot easier than you think to memorize and type quickly. I always feel like I must have made a mistake but can't remember the last time my fingers got it wrong. To me, it's kind of a no brainer. 3 extra seconds before boot is the only thing it takes to make sure my stolen laptop couldn't lead to stolen credit card numbers, accounts, business docs etc.

I've got no experience with Bitlocker, but I'm a huge fan of TrueCrypt.


+1 Truecrypt. However my fingers get the password wrong regularly, today for instance! The reassurance it provides is very valuable, I have PCs laptop, netbook, ext HDD, and memory sticks all encrypted as confidential client data could be on any of them. Prior to this I used regularly get in a funk whenever I couldn't locate a memory stick


Linux - dm-crypt. If I could, I'd make full-disk encryption mandatory for all business use laptops. I work for a smaller shop, so a developer or two usually ends up going to a trade show.

With full source and a build environment for our product on their laptop. That makes me paranoid about loosing a laptop in the chaos of a trade show, while our booth is surrounded by our competitors.


OS X has FileVault which encrypts the home folder. I don't think I have any personal data outside of it. But I do use TrueCrypt too.


My biggest gripe with FileVault is that it doesn't fully support Time Machine backups. Online backups (hourly) are completely disabled. To perform a backup you need to shutdown/restart, and then sit waiting for it to finish. Annoying if you're a laptop user ready to travel elsewhere with your laptop.

Also it breaks the Time Machine browser. If you want to do a restore, you must mount the data backup manually and find the file(s) you want to restore through Finder. Definately not elegant or very user friendly.

Some apps do have minor glitches with FileVault. IIRC, Firefox wouldn't remember certain settings if you used it with a FileVault-enabled account (not sure if this has changed in recent versions).


Check /tmp - it's not uncommon for things to end up there. The important thing to remember is that when /tmp is deleted if it's on disk then it's not really deleted until it's overwritten.


Does a TrueCrypted home directory get backed up by Time Machine? That's my biggest woe about FileVault - your home dir only gets backed up when you're logged out. Also, have you been able to run TrueCrypt as a non-admin user?


I must clarify there: I use FileVault to encrypt my home directory and besides that I keep some more sensitive data in TrueCrypt volumes.


I am using Espionage (http://www.taoeffect.com/espionage/) on my Mac. Working great, I wanted to avoid whole-drive encryption for performance reasons and only encrypt what is necessary (my work related files, pictures, videos, etc).


I don't encrypt my laptop's hard drive. Most of the files on my laptop are mundane: Photos, music, some documents. Everything on my laptop is important enough to back up, but not important enough that I'd care if they were published on the Internet, far and wide, much less if some attacker happened to get access to them. I don't store my passwords in my web browser, I don't click the "remember me" checkboxes when logging in to web sites. There really is nothing on my hard drive worth fretting over, and I go through great pains to keep it that way.

For stuff I consider sensitive -- medical documents, password lists, financials and the like, I store on a truecrypt partition of the external drive that I use for backups. Since I use OS X most often, this drive is a Time Machine drive, but with a chunk of space partitioned off for TrueCrypt. I opted to use a partition because it's less obvious than a container on the filesystem. I use TC's deniable filesystem trick as well, and padded the "duress volume" with things like "hacking" documents that might be plausible.

I also have an old 80GB laptop hard drive, which is fully-encrypted with a truecrypt volume, which I occasionally back up to from my primary TC volume. This drive is stored in a secure location off-site, in the hands of a trusted individual. They do not, however, have the passphrase to the volume.

The goal in all of this is so that I don't carry sensitive data with me. None of the encrypted stuff is anything I could possibly need RIGHT THIS SECOND. This means that my sensitive information is only at risk of being exposed when I'm at home and when I actually am accessing it.


I don't encrypt a bit — I even got no login password. I've got all my stuff on a 50GB Dropbox, so if I lose my MBP I'll just sync a new machine. Don't have anything of particular importance on my drive: design PSDs (could be secret), stock resources (icon packs, graphical elements), my music and a inspirational folder.


I do the same (happy 50GB Dropbox user).

I haven't researched this, but is it possible to remotely delete a Dropbox drive? I.e. if my laptop is stolen, to use the site to wipe the data from the laptop? I assume it's possible.


Not against a capable attacker (who prevents your laptop from getting on the internet).


Nope, you can only make sure they do not get new data.

From https://www.dropbox.com/account#manage (pressing "unlink"): "[The unlinked] computer will no longer stay in sync, but it will keep a copy of any file it currently has."


Yeah it is


Yeah, I think so – but don't know for sure.


Do you work with clients ?


In house, interaction designer for our products.


Since most of my life exists in one way or another on my hard disk, I consider it to be an absolute must to encrypt the drives.

I’m using PGP Whole Disk Encryption http://www.pgp.com/products/wholediskencryption/index.html, which works perfectly. I prefer it over OS X’s FileVault feature since it just protects everything and is completely transparent to the system and the user.

And, btw, I’m still hoping for a mobile OS besides BlackBerry’s that provides a reasonable secure encryption option.


Correct me if I'm wrong, but it looks like PGP Whole Disk Encryption is the only product on the that supports whole-disk encryption for OS X. TrueCrypt on OS X and FileVault can only encrypt directory trees.


I'm weighing up going down this route - what kind of performance hit do you experience form using PGP WDE on your Mac? Thanks


During normal use, the performance degradation is barely noticeable, it _feels_ like 10%–15%. Things become a bit more critical when working with larger files or during heavy I/O.

One thing to consider, however, are SSDs. To my knowledge, encrypted data is only written to blocks that already contain random data. You therefore might want to look for disks whose performance does not degrade that much when free blocks are no longer available.


Frankly, I've never noticed it being there other than when I do some extremely IO expensive operations like data processing. When I do that on my MPB though, I'm just testing it. That work belongs on a server anyway if you want it to be fast.


If the attack vector is petty theft the following would be more than sufficient:

* Encrypt the user data portion of the hd.

* Password protect the bios, hard drive (if it has that capability in the bios.), and the OS accounts.

* Keep account passwords and account information in an additional password protected store (such as 1password).

* Don't save sensitive data in web browsers or other autocomplete programs.

Encrypting the whole hard drive, in my experience, is a huge pain in the ass; particularly for disaster recovery. For non-IT department systems it's not worth it.


I'd use Bitlocker for your Windows 7 laptop, as a previous commenter noted it has a mode to work via a USB key inserted at boot time. In my experience it's been fast and unobtrusive. I've never used TrueCrypt, though I've looked into it several times and remembered thinking that it looked just as good (or better) technically as Bitlocker, but the UI is really horrid and overly complicated if you're looking for something that's a "no-brainer": http://www.truecrypt.org/screenshots

Bitlocker Tips:

1. You might have to enable it in your group policy (see http://www.sevenforums.com/tutorials/4681-bitlocker-drive-en...) for the option to use a USB key to show up.

2. You'll need the USB key inserted to power on the laptop or resume from hibernate, but not for waking it from sleep. That helps with convenience since you won't have to use the key to unlock it from sleep.

3. Make sure to back up the Bitlocker Recovery Key saved to the USB drive. It's saved as a hidden file, just put it somewhere safe online in case you lose the USB key.

4. Don't lose the USB key along with your laptop! Since that sort of defeats the point of encrypting the drive in the first place...


Question: for developers out there, what is the overhead of full encryption on your hard drive for a development laptop?

I'd love to just go the whole hog and encrypt the whole drive, but as a developer I jealously guard performance as I feel it links directly to my productivity. So I just have an encrypted Truecrypt volume where really sensitive stuff goes. But I hear everyone recommending against that.


I use whole disk encryption since around 2005 and didn't have any performance problem.

The latest Truecrypt 7.0 uses AES-NI instructions in the i5 and i7 processors, which allegedly have 8x speed http://www.truecrypt.org/docs/?s=hardware-acceleration

Go ahead and encrypt your whole drive, if there performance problems, you can easily de-encrypt it.


There are several factors involved. A lot depends on the encryption software you use, the cryptographic algorithms and key lengths come into play as well and how the cryptographic engine works (e.g. kernel driver vs. userland crypto).

On Windows, PGP gives me no real difference in anything that isn't I/O bound, although I did notice that Fallout 3 went from fine to unplayable at the same settings - I've noticed that anything that makes extensive use of sound (presumably streamed off disk) has an impact.

On Linux I did some tests a while back with luks and found that there was about a 5% overhead on i/o operations for a luks partition with ext3 vs straight ext3.

I haven't had any figures for Mac but PGP is a bit of a memory hog on Leopard. The Mac Mini server we have at work isn't something you'd want to use for day to day activities, certainly nothing intensive, but is fine as an office file server.

At the end of the day, what you're looking at is a minor memory impact (for most cases) and a minor to noticeable impact on i/o performance in exchange for a significant improvement in confidentiality for data at rest. That's the call you need to make. If your code and other files are sufficiently sensitive for you not to want random thieves to be able to look at your laptop if they steal it, encrypt. If you have sensitive information that requires protection for legal purposes, encrypt. If it's not an issue for you, then don't.


I keep my /home partition encrypted with LUKS, which is where all my source, binaries I have had to compile myself, and even virtual machines live. I have found the overhead to be negligible for the most part and have only really noticed kcryptd using lots of cycles when doing extremely intensive operations on files. Even moving files between one encrypted volume to another over a LAN has not been cumbersome.


I mostly use portable apps on a TrueCrypt partition and haven't noticed any particular performance problems. Even when I moved the partition to an external 5400rpm USB drive.

I'm sure there's more overheard with full disk encryption and I might just be used to the lower performance of my portable apps. I'd say it's worth it.


Truecrypt is awesome, great performance (especially if it can use your hardware is compatible with its optimization) and free. Really easy to use and supports come cool features like a hidden operating system (for if you get held and gun point and asked for your password)

You can also configure Truecrypt to work with multiboot - so if you have Ubuntu, Chromium OS and Windows 7 for example it will still work


"On computers without a compatible TPM, BitLocker can provide encryption, but not the added security of locking keys with the TPM. In this case, the user is required to create a startup key that is stored on a USB flash drive."

http://windows.microsoft.com/en-US/windows-vista/BitLocker-D...


I just keep sensitive data on an encrypted volume and use soft links. Last year I wrote up how I do this for OS X: http://markwatson.com/blog/2009/10/securing-your-mac-laptop.... Really simple idea, works for me, and the relative amount of data I need encrypted is small.


Generally not a great strategy (far better than nothing, though).

It's hard to predict what data is going to end up being sensitive, and it's hard to predict where that data is going to end up being stored. By way of example, you haven't protected any of the session cookies stored in your browser; another user, following your advice, could lose their Google Mail account and then quickly thereafter the accounts of anything with an email password reset.

If you (a) don't keep a lot of sensitive information around and (b) are prepared to be extremely careful on a daily basis about keeping your laptop clean, yours is a workable strategy. If, like some of us, your desktop tends to get cluttered or your mail spool tends to grow without bound or your hard drive tends to mysteriously fill up over the year, you're better off with full-disk encryption.


Thank you - very good advice.


I started using ecryptfs on my /home partition when my last laptop got stolen. I suspect there's some potential for leakage through /tmp and swap, but I suspect most likely attackers aren't that sophisticated. Should I be concerned? Are there easy ways to plug the gaps?


Ecryptfs is a fantastic solution. If you're using the passphrase-wrapped-by-login-password method (convenient, I think Ubuntu implements this method) then security is not that great - because it's ultimately limited by the strength of your login password: if an attacker gets his hands on the wrapped passphrase, such as is the case when your laptop gets nicked, brute-force methods will suffice.

As for /tmp and swap: those are not required to be persistent over reboots. So you can regenerate those with a random key on every boot. <a href="http://paste.pocoo.org/show/260932/>Here are some pointers to help you do that with dm-crypt</a> for a swap device backed by a loopback device.


Yes I do (since a few months):

- http://agilewebsolutions.com/knox (one vault per client) on Mac OS X, including all db data if any

- http://agilewebsolutions.com/products/1Password for all small-sized sensitive data (eg: production access, passwords etc), with an automated crypted backup

I'm looking for a reliable and as seamless solution for Windows at my pace (not a big need).

Something I'm also looking at is a way to securely erase all the free space on Mac OS X (to remove past data), as well as something that really works to find sensitive data (where I could define what sensitive means).


There's a "securely erase free space" feature in Disk Utility, which does crash on me when I use it though, making a reboot necessary. Otherwise, you might simply use a one-liner like

dd if=/dev/zero of=/tmp/free_space_eater; rm /tmp/free_space_eater

This overwrites all unused space on the disk with zeroes. You'll temporarily run out of free diskspace with either option, so it's a good idea to do this when you're not working on your computer.


Looking at it again, it's probably a good idea to extend that one-liner a little bit by throwing in a sync command, just to make sure that all zeroes get written to disk before deleting the fill-up file:

dd if=/dev/zero of=/tmp/free_space_eater; sync; rm /tmp/free_space_eater


Thanks for both tips. I didn't even think it could be built in! Mac OS kind of amazes me on a regular basis.


I like Knox (which is just a wrapper around OS X's encrypted DMG functionality --- but a really good wrapper), but Knox isn't a full-disk encryption solution. The point of full-disk encryption is not having to constantly inventory your files and remember which ones need to be protected, and Knox doesn't save you from that.

Knox is handy if you already do full-disk encryption, because it lets you segregate data further (personal financials, client work, etc), so that even if you lose your computer while it's (say) on, an attacker will still need the key to yet another encrypted volume to get that data. I find it extremely useful for things I know I'm not going to need to access often; I also use it for my mail spool.


With truecrypt you can also create file containers, which you can easily backup as a whole by copying them to another disk. In some situations, this has certain advantages e.g. when upgrading your hard disk. It also provides a way to allow access only to certain parts by distributing your documents over several containers. I use truecrypt on my netbook and haven't had any problems with it in years and found it a convenient way to securely share files between computers with different OSes. Truecrypt is also available for linux but unfortunately there doesn't seem to be an ARM/android version available. On linux, I use encryptfs though.


To those who use single folder encryption or recommend it you at serious risk. Applications leak data, they write temporary files in places you never expect etc.

Folder based encryption will not provide protection, only whole disk encryption.


I don't have to worry about proprietary source code working for Mozilla, but since I work in metrics, I have access to data that could potentially risk user privacy if it were stolen, so I keep my laptop locked down pretty tight.

I run PGP Whole Disk Encryption and am very happy with it. I also use Super Duper for backing up to two different external drives. One is unencrypted which I keep in the firesafe at home, and the other is also encrypted with PGP WDE which I take with me when traveling. That way, if my laptop were stolen, I can pick up a new one and restore the drive to it.


I use Truecrypt but there's also FreeOTFE, which is supposed to be "more" open source than TC.

I don't use whole-disk encryption but I have almost all my applications on the encrypted partition, thanks to PortableApps (http://portableapps.com/). As a bonus it's very easy to backup all my PortableApps data, as well as take everything on an external drive and start working on a different computer (provided it has Truecrypt).

Edit: link to FreeOTFE: http://www.freeotfe.org/


yes .. because I can. My macbook was stolen out of my flat this year and it was a good feeling not to have to worry about the data.

don't get why you would encrypt your whole disk though. the home is all I need encrypted.


Good point. On Windows I have my data lying around in a few places (including a separate partition). I guess I want total peace of mind - for example, I don't want to worry about any data lying around in the hibernation files, crash dumps, /tmp etc.


I use encrypted DMGs on osx, with specific folders symlinked to be inside the DMG, for example:

  /Users/chip/work/company -> /Volumes/enc-base/work/company
  /Users/chip/.subversion -> /Volumes/enc-base/dotfiles/subversion
  /Users/chip/.ssh -> /Volumes/enc-base/dotfiles/ssh
  /Users/chip/Library -> /Volumes/enc-base/Library
  /usr/local/mysql/current/data -> /Volumes/enc-base/mysql-data
I don't imagine its perfect, but I know most of my important and confidential things are encrypted.


You may need to ensure your databases (eg mysql) don't have data that require attention, too.

That's why I'm slowly moving from a general mysql/mongo/redis instance toward a per-folder instance that I run when I need it.


- have to do full disk encryption - must have a great passphrase (according to NIST avg 8 char password has 2^18 bits of entropy, which compared to the keyspace of a 256 bit AES key is so very small...) the strength of the encryption is really based on the strength of the password - must also encrypt backups - what if you forget your password? (say at the border when they order you to decrypt it) - what if the license runs out? - if it's for work there needs to be another key to unlock it. - 2 factor auth would be great.


We use Jetico Bestcrypt VE. It's extremely secure and flexible.

http://www.jetico.com/encryption-bestcrypt-volume-encryption...

You do not require a TPM chip to use BitLocker, although it's better if you have one as the TPM makes it very difficult to tamper the boot code.

Use full volume encryption products (like BitLocker or Bestcrypt VE). There's always useful data in temporary files and it protects against leaving a sensitive file out of an encrypted volume.


A related tip: I use a True Crypt (file) volume to store all my personal stuff, in particular a scanned version of everything ever sent to me in the post (tax stuff, bank stuff). I highly recommend this practice (scanning everything to an encrypted volume). The files stay organised - unlike my paper records ever did. It's trivial to have a complete copy of you're personal files at work... which can come in remarkably handy and of course it's secure and backing up is easy (just copy the file).


Anyone who thinks that thieves want the contents of their hard drive, rather than the machine itself has an awfully high opinion of his own self-worth. Most thefts off that type are all about the hardware. We use whole-drive encryption because the pain surrounding the accidental disclosure of client data is so great. (I work for a bank.)

The biggest problem? If certain system files become corrupt you lose the whole disk. It's not a decision to be taken lightly.


Since I use Ubuntu, I'm using encfs to encrypt single folders. You just have to mount the encrypted folder into a visible how. There is a how-to: https://help.ubuntu.com/community/FolderEncryption

There you can find a method to also encrypt your whole home folder. Maybe it might work for you macbook.


Out of curiosity: If the FBI or NSA REALLY wanted to get the data on your hard drive, is Truecrypt enough to keep them out?


Regarding the NSA, "who knows", it's not worth any time to speculate. I tend to think the answer here is "no", but not because of any fundamental problem with the algorithms TC uses; rather, I assume there's a small battery of implementation errors NSA can exploit that private industry hasn't yet independently discovered.

Fortunately for our collective sanity, if it is the case that NSA has (several times over) the moral equivalent of the "stack overflow" for cryptosystems, there is nothing we can do about it, and there's no point wanking over alternatives that might foil them.

Regarding the FBI, "almost certainly yes", assuming you use it properly (in particular, by using strong secrets). Consider that any vulnerability in the crypto stack Truecrypt uses would have far too much value to be wasted on conventional domestic law enforcement. Consider also that unlike state secrets, domestic law enforcement uses a crypto stack that is the same or strictly weaker than Truecrypt.


Regarding the FBI, "almost certainly yes"

You need to add "assuming you are willing to go to jail" because a warrant can compel you to disclose your password, and if you refuse you'll be jailed for contempt of court.


That'd be thrown out of courts as a violation of your 5th Amend. rights. At least here in the states, in the UK crypto keys can be requisitioned with the penalty of jail time if refused.


I believe some rulings support that view, but others have disagreed. It might depend on the judge/district and I don't think it's ever been considered by the Supreme Court.


Probably. As far as anybody knows, the FBI and NSA are on the same level of cryptography technology as the rest of the world is. AES and SHA-1 are currently the national standards for encryption and secure hashing. AES is what TrueCrypt uses (as do most SSL connections and WPA/WPA2 connections).

There are some things to keep in mind though:

Fine print: As others have pointed out elsewhere in the thread, it's possible to extract encryption keys from RAM even if the computer has been (very... within several minutes) recently shut down.

More fine print: Pick a weak passphrase, and you may be shit-outta-luck. Also, brute forcing for passphrases up to a certain complexity is viable.

Tin foil hat: A conspiracy theorist may assert that the feds are far ahead of academia when it comes to cryptography, as was likely the case several decades ago (see the history of DES). I'm not sure that I believe that, because cryptography has a huge place in academia now, worldwide. It's possible, but I doubt they've broken AES.


The FBI and NSA are two very, very different organizations. NSA is a feeder for software security talent in private industry. I have never even heard of someone coming out of the FBI knowing how to break into a computer. NSA people want to leave the agency to write a string of journal articles or to make a couple million bucks. FBI people want to leave the bureau to become Assistant District Attorneys. Infosec literacy in the FBI boils down to knowing how to use EnCase.

I responded to this same comment with more details that I won't repeat, but, with respect, I'd suggest not taking seriously the crypto insights of someone who equates these two agencies.

The fact that only one organization in the US Government is likely to be able to break your disk encryption isn't a moot point, because that one organization is extremely unlikely to harass a US citizen; forget the law, the simple incentives are all wrong.


Earlier this summer, there was news that the FBI was trying to help the Brazilian government access data related to a financial crime of some sort. TrueCrypt was the method used and it (supposedly) thwarted the FBI's efforts. Just google "fbi truecrypt" for the sources.

But here's the thing... I'm not paranoid in the style of "The Lone Gunmen," but this news never quite passed the sniff test. I find it difficult to believe that if the FBI was unable to crack a TrueCrypt volume that they'd let that particular cat out of the bag.

I conclude two possible motives: 1) Subterfuge to get people feeling "safe" with a method that can be broken; or 2) Demonization of strong crypto in the media as a prelude to criminalizing its use (or at least the refusal to hand over keys, as in the UK).


Honestly, TrueCrypt will stop all but the most determined and sophisticated criminals. So unless you have state secrets on your laptop, TC should be sufficient. Unless they have a wrench: http://xkcd.com/538/


I keep all of my passwords encrypted in 1Password, and I have one encrypted folder on my Mac with all of my sensitive documents in it. I didn't want to encrypt my entire hard drive or even my entire home directory because of the performance hit.


I do the same thing, but in GNU/Linux, using pwsafe for passwords and dm-crypt for disk encryption. IMO the one downside is that I have to remember to put stuff in the right place, e.g. moving dotfiles with sensitive data into the encrypted directory and creating a symlink back to ~.


I also have a password manager (KeePass) but I'm not as disciplined about keeping all my files in one place. Also, as I said in my earlier comment, I want to make sure everything on the hard disk is secure, include any system temp directories.


(I'm still confused - what are the good all-disk encryption options for OS X, please?)

Thanks


I simply don't keep any information on my laptop hard drive. Everything valuable is at home or in the cloud. I assume that at any moment my laptop hard drive will crash or be stolen.


http://www.sophos.de/products/enterprise/encryption/disk-enc...


I use encrypted LVM on linux which works great. I've used TrueCrypt in the past and that works too, although I had some stability problems with the software in Windows.


I hear good things about TrueCrypt, but you have many more options than these on Windows; PGP Whole Disk Encryption is another one. We use PGP WDE on our Macs.


I use truecrypt for my Mac and Windows machine and share the truecrypt file via Dropbox. Can't live without it anylonger ;-)


Yes, true-crypt. Not perfect (See many critiques here) but great especially for worrying if my computer got stolen.


Nope. I use a company-provided Macbook and don't have much of anything on it that is of any particular value to me.


can't you just set your BIOS to only boot from HD and then password protect the BIOS - password protect the hard-drive - THEN encrypt the HD. Next add a user password and if you use Firefox have a master password and you should be good to go...That's what I do with my netbook.


i use filevault on osx. just remember that timemachine & filevault don't play along well. you will have to log out of your account to backup your home directory, defeating the whole timemachine purpose. i'd recommend crashplan.com in this case.


i use pgp whole disk encryption on my macs and softraid encrypted disks on my openbsd laptop and backup server.


I have an encrypted image, personally.


Not meaning to be a jackass but realize that maybe if you downloaded (and maybe already deleted!) that porn video with that girl that might or not might be 18 you could be in big troubles if you don't have your full disk encrypted.

Edit: or other things that would be ok but can be used against you by law enforcement, for example what about your collection of pirated MP3s or DivX?

Is this more acceptable than accidentally downloading porn with someone that might look underage? (Or having looked at it because some trolled linked it to you)


Also, I remember I have read an article about some guy that had some pics of their little childrens sometimes naked in an "innocent" way on a trip.

They had their children taken away because they went to a photo shop to have the film developed and the clerk called the police.


You're probably thinking of this incident:

http://www.salon.com/life/feature/2006/07/18/photos/index.ht...

I recall other vaguely-similar cases reported in less detail in earlier years. The clerks may not have good judgment, and the incentives for the clerks and many of the agencies involved are to err on the side of assuming-the-worst.

The stigma of even having been accused may make people in such a situation unwilling to talk about it even after being cleared afterwards. After all, many will assume law enforcement would only get involved if "the pictures weren't so 'innocent'".


Smells like an urban legend. Either it didn't happen or the pictures weren't so "innocent".


An encrypted disk could also get you in a position where you have to give up your password. Be careful with your porn-filled encrypted hard drive.


Not in every country, not in Italy for sure. Anyway truecrypt-like systems gives you plausible deniability since you can have a "decoy" system.

Fortunately that is not my case but I can't say I don't have any MP3s of DivXs that aren't, err, properly licensed.

Edit: or cracked software, we have very high fines in Italy for using softwares without a license.

I'm just saying that in case the police have a look to your laptop and they WANT you to charge with something, they will.


Do you really believe in the plausible deniability thing? It might fool someone doing a routine check, but not someone willing to really find out what's going on.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: