TrueCrypt is an essential drive encryption application for Windows, Mac OS X, Linux users who want to encrypt real or virtual drive partitions. It’s free, easy to use, and it even runs on Windows Vista 32/64 bit. The 5.0 release allows you to encrypt the boot drive partition in Windows, so if your server or laptop falls into the wrong hands, no data whatsoever can be gleamed from it.
An interesting feature of TrueCrypt is the “plausible deniability” option, which allows you to encrypt any number of hidden partitions in the empty space of an outer partition, so even if you are forced to reveal the outer partition, you can plausible deny the existence of inner partitions. Get it now!
How many of the 79 million personal records compromised in 2007 could have been avoided simply by installing this program?
Various tech bloggers are
reporting that Microsoft will
include the NSA-recommended random algorithm suspected of containing
a backdoor vulnerability in the upcoming Windows Vista service pack.
According to Microsoft, the “Dual Elliptical Curve (Dual EC) PRNG from SP
800-90 is also available for customers who prefer to use it,” so this
algorithm is an option, not the default. Why would Microsoft
intentionally include an inefficient and unsecure algorithm? Very likely, because it will eventually be
required in governments contracts.
It is hard to blame Microsoft for not wanting to lose government contracts,
or to alienate customers who depend on them.
The real danger is the (inevitable?) attempts by the state to force this
algorithm on everyone else, including requirements that make it mandatory for
government contracts, and thus attempt to influence the default configuration
by virtue of the state’s dominant market share.