I appreciate your reply!
I wasn’t thinking of using Veracrypt/Truecrypt to encrypt my Windows drive, but external USB drives that are plugged into my Windows PC’s USB ports.
1 Like
1 Like
I’ve used Linux in the past. I’m wanting to make the switch to a Nix, particularly Linux, but it’s taking me time to transition.
I’m trying to choose which Linux distro I should go with. I wish there was a company similar to Apple, who sell both hardware and software together just to make sure the hardware and software are 100% compatible.
system76.
1 Like
Still, it ensures that the OS is fully compatible with the hardware and that everything will work as expected out of the box
1 Like
I’ve been researching System76 so thanks for all the recommendations!
It’s a shame they’re not based locally.
I can’t find much discussion on System76 on PrivacyGuides though?
Maybe because their gear can get pricey and escape most people’s budgets. But it’s good hardware nonetheless.
1 Like
Veracrypt is gold standard for encryption. I think they even offer disk encryption for Windows users (they use to anyways). I would opt for that every time. And even for Linux, it offers a user friendly (you don’t have to learn cryptsetup commands) way for encrypting folders and USB’s. Their hidden volume option can even allow you to open encrypted partitions without compromising yourself.
I’m not some expert in cryptography, far from it. But I don’t see how you can do better unless you start talking about advanced setups, like using encrypted keyfiles to prevent your operating system from mounting for unauthorized individuals.
I think the only reason why people still proclaim Truecrypt is superior is because of those alleged reports of the FBI failing to open a Truecrypt partition. Those are very old reports now, lol. And in truth, using an outdated encryption program is never good practice.
1 Like
It doesn’t make sense to use anything else than Bitlocker for a Windows boot drive.
Sure it does. For one, Bitlocker is only available for Pro and Enterprise editions of Windows. So technically, not even all Windows users have access to Windows encryption. Whereas all Windows users have access to encrypt their system with Veracrypt. Also Bitlocker is proprietary, and, by definition, less trustworthy. Its like the debate yesterday with WA messaging. Why should we trust the code when it’s not made available to us? And perhaps most importantly, it doesn’t make good sense for someone to endorse Truecrypt as “the best” and not give that same extension to Veracrypt when the developers of Veracrypt actually took Truecrypt’s security audits into account to improve their own product. Just because you’re already trusting Microsoft, that doesn’t lend credence to trust them even further. Go with the FOSS alternative.
2 Likes
Just because something is proprietary doesn’t mean that it’s a black box that can’t be audited or pen tested.
There are some valid reasons to use BitLocker over VeraCrypt.
I guess if someone wanted to upload their keys to Microsoft or use TPM then Windows encryption would better suit their needs. But these are more “anti-features” than features in my opinion, lol. Making data recovery easier is not the purpose of encryption software, and against the right type of adversary, might just mean it’s less secure. If I get locked out of my own drive, I take full responsibility for such carelessness.
1 Like
I have a very strong preference for open source encryption and security tools generally. But I’d apply the same reasoning to using Bitlocker or Windows defender on Windows, as I apply to using Safari on iOS.
That is, if you’ve already committed to using an entire closed source operating system from Microsoft, its not a very significant extension of trust to also trust Microsoft to handle Encryption and Anti-Malware.
- Users that deeply distrust Microsoft or closed source software shouldn’t be using their proprietary OS in the first place,
- And users who don’t deeply distrust Microsoft or their closed source operating system, don’t really have a reason to be any more concerned about bitlocker or windows defender unless they have specific articulatable concerns.
(this is not an argument against Veracrypt, which I think very highly of)
1 Like
What about for external HDDs or SSD’s that are connected via USB? Surely VeraCrypt would always be the best choice?
Yes.
Why do you prefer Veracrypt?
I was thinking of buying a tiny new mini PC with a small inbuilt SSD and then use an external USB dock that’s AC powered by the wall so that devices like USB SSD’s or external USB-C/Thunderbolt etc SSD’s will have enough power.
I think this thread has run it’s course.
There is no reason to use Truecrypt, it’s unmaintained. Use Veracrypt, or better yet, if you’re on Linux use LUKS. Bitlocker has some advantages on Windows, for the C:\ due to hardware backing and TPM usage.
5 Likes