For some time now, I have been using a piece of software called TrueCrypt. It is free, open source disk encryption software for Windows XP/2000/2003 and Linux. Its key features (from the TrueCrypt website) are:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire hard disk partition or a storage device such as USB flash drive.
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
  - Hidden volume (steganography – more information may be found here).
  - No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
- Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish. Mode of operation: LRW (CBC supported as legacy).
In short, it enables you to protect your data from prying eyes. I find this especially valuable when it comes to removable storage such as USB flash drives. In this area, TrueCrypt shines because it has a ‘Traveller mode’ designed for just this situation. If someone gets a hold of my USB drive, I can lose the data, but nobody else can ever see the data. Therefore, combined with a suitable backup regime, I can carry around my data with confidence.
Another area where it would do well is if you let your kids use your computer. Put all your important documents in an encrypted partition and it will take them a long time to figure out how to destroy them! You could even just stick a file container deep in some system folder to hide it.
TrueCrypt is currently available for Windows and Linux; a Mac version is planned.