Thursday, September 27, 2007

Time to Encrypt

when i consulted my local, excellent tech support i found out that IT in fact had access to my drive through a share (my tech support explained why and how it stunk). legit in the sense of if they want to update something related to my being able to log in or something, but i was disturbed that they had access to my other files. grr. so my tech support suggested TrueCrypt.

i dl it and followed the very helpful directions for first time users. thus far it they couldn't be better directions. in the instructions it also has this awesome sentence.

Move your mouse as randomly as possible within the Volume Creation Wizard window at least for 30 seconds. The longer you move the mouse, the better. This is important for the quality of the encryption key.

5 comments:

forkev said...

i've been using truecrypt on my primary work machine for at least 5 months and absolutely love it. I'm sure someone can crack in, but short of a keylogger, i'm not sure how they'd do it.

Keith said...

how can we get around the keylogger problem?

forkev said...

find a way to read the 'key' from some external media, or find a program like onscreen keyboard to enter your passcode with the mouse. ideally this keyboard would randomize the layout, so mouselogger would end up with crap info.

winxp: start > accessories > accessibilty > windows on screen keyboard

Keith said...

i'd thought about onscreen keyboard (windnows key+U starts disasbility options by the way) but wasn't entirely happy with that.

i'm trying to figure out how to feed it a stengoraphic file for the PW. that would allow starting without typing. it'd be cool do drag and drop a stenograph file onto the program to provide the PW

k2h said...

b-con gives a good intro to truecrypt. to get around keylogging, a good keyfile is used in conjuction so that even if the keystrokes are logged, they arn't worth anything without knowing what it is and being in possession of the keyfile.