|
Hey guys, I use Bitlocker on windows to secure my files, and from what I've Google Bitlocker is virtually uncrackable (save for Microsoft lying their asses off and that Bitlocker actually has a built-in backdoor).
However, it's not like I could just snail mail my secure hard drive to someone. So hypothetically speaking, if I need to send a sensitive file to someone else, what is the best method of encryption, balancing convenience and security strength?
I was thinking of just using Winrar to rar files with a password, which provides 128-bit encryption (pretty much impossible to brute-force), but after a quick google there appear to be successful attacks against winrar encryption in the past with various ingenious methods.
Moreover, I read that in court you could be forced to provide the password to your encrypted files, or face an additional prison sentence for not complying. Personally I find that absolutely ridiculous - how could anyone definitively prove that you actually know the password; what if someone else changed it or you genuinely forgot because you change it so often? Whatever happened to innocent before proven guilty in this case?
Lastly, I HOPE no one gets flagged by the NSA for reading this purely academic thread. Oh who am I kidding, I should just apologize.
|
What you probably want is TrueCrypt -- but see below.
Bitlocker is probably secure against anyone other than the NSA, but whatever back door Microsoft put in for them is probably also exploitable by others. Also, it's Microsoft, and they are evil. But Bitlocker is probably good enough to hide your stuff from anyone other than the government. If you want to do that, you need something else.
Truecrypt is an open-source software package that supports whole-filesystem encryption, and additionally supports hidden volumes: if you have a 2 TB drive, it's possible to have it appear as a 2 TB filesystem with 1 TB of free space. Entering one password might reveal that the free space is actually an encrypted filesystem containing 500 GB of stuff with 500 GB of space leftover ... which in turn might host another encrypted filesystem with a different password.
Recently Truecrypt shut down under very suspicious circumstances and posted only "You should use Bitlocker instead." The suspiciousness of the circumstances has led most observers to conclude that the NSA had likely demanded that they shut down or insert a backdoor.
Regardless, a team of professionals was hired to do an audit of a ~year-old version of the Truecrypt source code. It is unlikely they will discover any major holes, and if the NSA exerted legal pressure on the developers it's a pretty good guess that they couldn't circumvent it by technical means.
|
err where to get it from? The website doesn't look like a proper place to get it.
|
Ty for the reply, so technically to be as safe as one can be... use as many open-source encryption software to encrypt your shit as many times as resource constraints allow, and hope that at least one method hasn't been backdoored.
|
|
|
|