Veracrypt V. Microsoft Bitlocker

[sk3llgamerZDay]

What is veracrypt?
Veracrypt is a encryption tool for mac os windows and linux. It is a oss encryption software that is used to lock down hdd's with two partition wizards such as full disk and container. You can choose it to be hidden or one. I personally have used Veracrypt in the past although I think a vpn is enough as of now.

Bitlocker:
A encryption tool for all "Enterprise" level graded Windows OS variants. It is property and known to only support Windows 10 through Vista. It is not cross platform but it is a good choice for businesses however if you are concerned about privacy the code is not readable.


Hi. I want to know what your thoughts on Veracrypt or Bitlocker is yours. Here are the questions:

1: Do you use Bitlocker or Veracrypt (OR N/A or both) (Supply information)
2: Do you prefer oss encryption or proprietary?
3: If you had to chose one which one would you use on all machines?
4: What advantages do you think each have?
5: What disadvantages do you think each have?
6: How long have you have been using the encryption tool
7: Would you recommend it to someone?
------------------------
You may answer in the posts below I would love to hear all of your feedback.​

 

[HarborFront]

You can read this

https://lifehacker.com/windows-encryption-showdown-veracrypt-vs-bitlocker-1777855025

and the performance numbers here

VeraCrypt / Forums / General Discussion:VeraCrypt VS BitLocker performance stats

 

[Robert Smith]

1. Both. For generic machines in enterprise its easier to set up Bitlocker, we have over 10,000 boxes and encrypted as well as associated servers.
For my personal machines, VC on Win10 Home saves you $50-100 to upgrade to professional. Its not easy to warez Win10 because it talks to mama often. However its not fire and forget like BL, and for non-technical end users, BL is a simple answer to encryption.
2. OSS. If you know code, you can audit it yourself. But we cannot all know the code, so its open to others to confirm. OSS allows the world community to vet the quality of the end product, rather than the whim of Microsoft, or Apple or whomever. OSS is vetting by third parties or even end users, whether its Veracrypt or Firefox.
3,4,5. Veracrypt once stable for enterprise, if ever. Truecrypt was never stable for enterprise, its too big a job. You have to install it as individual boxes which is very difficult in large settings. Even deployed images do not work because of how the keys are generated, every one is individual.
Veracrypt is openly a work in progress, that is main flaw, it doesn't have the resources to find all possible bugs as new technology or exploits occur, in a shorter time frame, Microsoft does. Bitlocker code is not public and its controlled by a single entity whose main interest is itself and or its shareholders, that is the key flaw.
6. 8 years BL. 1 for VC, 11 for Truecrypt.

Long term solution is self encrypting drives which exists today, then BL and VC are redundant and encryption is transparent. But they are as of this post, still expensive per TByte vs standard drives, and unclear if the manufacturers firmware will cause problems with OS, just as early versions of VC did [ or may continue to do so with major updates to Win10] or if exploitable at the bootkit level. If such an event occurs, DIY repair may be impossile and you are locked out of your data. So need time to mature, but such drives are available now. With Intel-AMD CPU support for AES code, throughput of software based encryption is nearly transparent to disk i/o, so at this time is not a limiting factor compared to when CPU did not support AES code, but you will get hit with delays if you use any other cipher.

NB: BL and VC even TC can encrypt external media too fairly automatically, but only VC or TC can create "file containers" with wholly separate ciphers and passwords which was the original way TC started encryption; in BL external media are tied to the main PW and use only AES. You can easily make file-level encryption using BL, VC to upload to cloud storage or simple make a 7-zip AES file of your file and upload but the container method is more transparent, once the file sync problems of the vendors are settled; I get too many corruption issues to use it be it Google, OneDrive, Dropbox etc.,

1: Do you use Bitlocker or Veracrypt (OR N/A or both) (Supply information)
2: Do you prefer oss encryption or proprietary?
3: If you had to chose one which one would you use on all machines?
4: What advantages do you think each have?
5: What disadvantages do you think each have?
6: How long have you have been using the encryption tool
7: Would you recommend it to someone?
------------------------
You may answer in the posts below I would love to hear all of your feedback.​

 

[Node]

I think if you're part of a business or something of the sort then BitLocker would essentially be the way to go since it would be easier to get support from IT technicians and such and is generally more for end-user use. VeraCrypt on the other hand is likely better for security profession use.