Advice Request About full disk encryption | What to do?

Please provide comments and solutions that are helpful to the author of this topic.

RoboMan

RoboMan

Level 35
Thread author
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,400
Hello everybody. I want to encrypt my whole drive, so in case anybody wants to access my information by, for example, removing my drive and connecting it somewhere else, they cannot.

My question is: which software do you recommend to do this?

My first obvious choice was: VeraCrypt, the true descendant of TrueCrypt and software I use daily for encrypting virtual drives to secure my sensitive data. Now, I tried this software, and despite it works, my booting is painfully slow (no encryption, 5 seconds, encryption, 90 seconds)

So I'm considering BitLocker since it's built in, but now again: is it really secure? There have been leaks that Microsoft has no worries in working along NSA and similar to unlock your data.

I beg you avoid comments such as "if you have nothing to hide you shouldn't worry about NSA". Of course I'm clean but that doesn't mean I wanna give up my information. If NSA can do it, cybercriminals can too, and as far as it goes, NSA tools have been leaked in the past, and huge mess was made. So you get my point.

Recommendations?
 
  • Like
Reactions: [correlate] and Protomartyr
F

ForgottenSeer 85179

RoboMan said:
My question is: which software do you recommend to do this?
Click to expand...
Bitlocker with TPM.

RoboMan said:
So I'm considering BitLocker since it's built in, but now again: is it really secure?
Click to expand...
Yes.

RoboMan said:
NSA
Click to expand...
Encryption protect against locally attacks and NSA has nothing to do with local attacks.

RoboMan said:
Recommendations?
Click to expand...
Bitlocker, but harden the cipher settings in Group Policy before encryption as default isn't maximum possible.
 
  • Like
Reactions: [correlate], Protomartyr and Kermit80
B

brigantes

Level 1
Jun 22, 2020
40
RoboMan said:
Hello everybody. I want to encrypt my whole drive, so in case anybody wants to access my information by, for example, removing my drive and connecting it somewhere else, they cannot.

My question is: which software do you recommend to do this?

My first obvious choice was: VeraCrypt, the true descendant of TrueCrypt and software I use daily for encrypting virtual drives to secure my sensitive data. Now, I tried this software, and despite it works, my booting is painfully slow (no encryption, 5 seconds, encryption, 90 seconds)

So I'm considering BitLocker since it's built in, but now again: is it really secure? There have been leaks that Microsoft has no worries in working along NSA and similar to unlock your data.

I beg you avoid comments such as "if you have nothing to hide you shouldn't worry about NSA". Of course I'm clean but that doesn't mean I wanna give up my information. If NSA can do it, cybercriminals can too, and as far as it goes, NSA tools have been leaked in the past, and huge mess was made. So you get my point.

Recommendations?
Click to expand...

"The truth of the matter is that if you encrypt your entire C drive using BitLocker or a third party utility, it's going to slow your system down quite a bit. The reason for this is because every single file written to the drive must be encrypted, and then decrypted when read - including your operating system files."

If you are using HDD the slowdown will be compounded.
 
  • Like
Reactions: Protomartyr, RoboMan and [correlate]
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,765
brigantes said:
"The truth of the matter is that if you encrypt your entire C drive using BitLocker or a third party utility, it's going to slow your system down quite a bit. The reason for this is because every single file written to the drive must be encrypted, and then decrypted when read - including your operating system files."

If you are using HDD the slowdown will be compounded.
Click to expand...
You really don't like HDD do you?
 
  • Like
  • HaHa
Reactions: RoboMan, [correlate], oldschool and 1 other person
B

brigantes

Level 1
Jun 22, 2020
40
security123 said:
nowadays hardware has AES support so the encryption isn't noticeable :)
Click to expand...

If you have SSD from certain manufacturers, and set BitLocker to AES, then the SSD firmware will not even encrypt the drive. AES has been proven time-and-again to pose problems of non-encryption because the hardware manufacturers keep making mistakes. Researchers have been reporting this for years.

The only way to prevent this is to use software encryption, which will result in slowdowns.


blackice said:
You really don't like HDD do you?
Click to expand...

I own 32 HDDs. So I hardly dislike them. I am just a realist about about the technology and its limitations. In matters of speed and diminished speeds the type of drive being used is usually the most central issue. Everything on an HDD is going to be very noticeably slower to the extent in some cases system boot might take up to 5 minutes or longer.
 
  • Like
Reactions: RoboMan and [correlate]
Azmawee

Azmawee

New Member
Jul 12, 2020
1
Full disk encryption will slowdown your machine no matter what, and it's vary between solutions. Another workaround is to create a VHDx image (virtual harddisk) and encrypt that image using Bitlocker (Veracrypt had this feature without using VHDx). This will create a new drive or you can mount that VHDx to any folder anywhere in C: drive. Then put all of your sensitive data inside the drive. Yeah, not a total full disk encryption, but its still encrypted and you can easily move the VHDx image around anywhere you want.
 
  • Like
Reactions: Protomartyr and RoboMan

Similar threads

CyberTech
    • Like
    • Applause
    • +Reputation
Serious Discussion How to enable 256-bit Bitlocker encryption on Windows
Replies
0
Views
560
Cloud storage, file sharing and encryption
CyberTech
CyberTech
Block_shield
    • Like
Question USB stick with hardware or software encryption?
Replies
4
Views
479
Cloud storage, file sharing and encryption
Bot
Bot
Victor M
    • Like
Hot Take Win 11 Home User Beware - BitLocker Disk Encryption is Turned On Without Notifying You
Replies
11
Views
557
Windows 11
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top