Archive for the 'encryption' Category


Thursday, February 21st, 2008

So encryption is good - mostly. In every case where you want to prevent people from getting at your data, it’s awesome. Problem is that for average Joe user, it’s pretty dang easy for them to be prevented from accessing their own data. Microsoft has done the world an injustice by implementing their lame password “protection” in things like Word. Now, most normal people expect that any computer nerd can retrieve their stuff for them if they lose the means of accessing it themselves. I’ve seen some pretty good expressions after explaining to people that it was statistically impossible (future quantum computers aside) for me to retrieve their data after they forgot their password to an encrypted volume. In steps TrueCrypt 5.0 with full disk encryption. Since you can create a backup of the original header file that was used to encrypt the disk the first time ’round, it’s a pretty simple task to restore it later if the user loses access. This is a wonderful turn for the practical implementation of full disk encryption with only three drawbacks.
1) No hibernation. (sucks, but sleep should be fine)
2) No automated installs that require reboot.
3) Performance.

On this note, I decided to perform a few tests to see just how much of a performance hit FDE causes. The full results are available, but the quick summary is that FDE causes an overall drop in performance of about 10 percent. Not bad considering what you’re getting out of the deal.