02-07-2008, 04:53 AM
|
#1 (permalink)
|
|
has a plan
Location: middle of Whywouldanyonebethere
|
Complete System Encryption through TrueCrypt?
You can encrypt your entire system partition, i.e. where Windows is installed, without destroying the data laying on it. Your Windows machines will operate exactly as before (depending on hardware, possible a bit slower due to decryption speeds and encryption method). And now one can even create a [anchorlink=Hidden Operating System]hidden operation system[/anchorlink].
original post click to show I really do not believe I am reading this correctly. I can encrypt my Windows partition while it is running... thus fulfilling my paranoid need for safety without special hardware? Link quoted below.
Quote:
|
System Encryption
TrueCrypt can on-the-fly encrypt a system partition or entire system drive, i.e. a partition or drive where Windows is installed and from which it boots (a TrueCrypt-encrypted system drive may also contain non-system partitions, which are encrypted as well).
System encryption provides the highest level of security and privacy, because all files, including any temporary files that Windows and applications create on the system partition (typically, without your knowledge or consent), swap files, etc., are permanently encrypted. Windows also records large amounts of potentially sensitive data, such as the names and locations of files you open, applications you run, etc. All such log files and registry entries are always permanently encrypted as well.
System encryption involves pre-boot authentication, which means that anyone who wants to gain access and use the encrypted system, read and write files stored on the system drive, etc., will need to enter the correct password each time before Windows boots (starts). Pre-boot authentication is handled by the TrueCrypt Boot Loader, which resides in the first cylinder of the boot drive.
Note that TrueCrypt can encrypt an existing unencrypted system partition/drive in-place while the operating system is running (while the system is being encrypted, you can use your computer as usual without any restrictions). Likewise, a TrueCrypt-encrypted system partition/drive can be decrypted in-place while the operating system is running. You can interrupt the process of encryption or decryption anytime, leave the partition/drive partially unencrypted, restart or shut down the computer, and then resume the process, which will continue from the point it was stopped.
To encrypt a system partition or entire system drive, select System > Encrypt System Partition/Drive and then follow the instructions of the wizard. To decrypt a system partition/drive, select System > Permanently Decrypt System Partition/Drive.
The mode of operation used for system encryption is XTS (see the section Modes of Operation). For further technical details of system encryption, see the section Encryption Scheme in the chapter Technical Details.
|
Last edited by Hain; 07-05-2008 at 10:01 AM..
|
|
|