Skip to content

Disk encryption

I’ve written number of articles in the past about ways to protect your privacy on the Internet. I’d like to add a another layer that should be found on the well-defended computer: disk encryption.

Disk encryption is easy. Whether you’re running Windows or a Macintosh, you probably want to do it with TrueCrypt, which is open source and free. With TrueCrypt, you assign a chunk of space on your hard drive to be an encrypted virtual disk. You assign a password that must be used to mount the disk. After the disk is mounted, it’s just like any other disk.

Those who make it their business to snoop on us don’t like disk encryption. At all. Because it’s very hard to break. The Wikipedia article on TrueCrypt describes a case in which the FBI spent 12 months trying to decrypt a disk and failed.

Do law-abiding citizens need things like disk encryption? You decide. I’d argue that now, in the digital era, using technologies that protect our privacy looks a lot like firearms looked to the founding fathers — concerns that led to the Second Amendment. And then there’s the Fourth Amendment with its protections against unreasonable search and seizure. These rights are so important that they’re written into the Constitution. Let’s exercise those rights.

Here’s a basic list of protections that any well-defended computer ought to have. I’ve written about most of these in previous posts:

1. The ability to send encrypted email.

2. A well-defended browser with extensions that block ads, scripts and Flash, and which let you easily control cache and cookies.

3. A proxy system to encrypt all your traffic, prevent your ISP from collecting data on you, and keep your IP address private.

4. Encrypted disk volumes.

5. A secure WIFI network, especially in densely populated places.

All those things can be accomplished with free, open source software.

By the way, a new app for iPad and iPhone was recently released that lets you browse securely through the Tor system. It’s called Covert Browser and costs $2.99.

For my other articles on Internet security, see the “Internet Privacy” category in the column on the right.


  1. xwordy wrote:

    I have to wonder why you wouldn’t, on a Mac, just use FileVault (or better, FileVault 2 if you have Lion).

    Sunday, November 20, 2011 at 7:50 pm | Permalink
  2. admin wrote:

    That’s a good question. I was reluctant to experiment with FileVault because it’s entangled with the operating system and because it wants to encrypt the entire home directory. I’d prefer not to put the operating system at risk and not to encrypt my entire home directory. I use my Mac to make some extra money (publishing) using the Adobe Creative Suite, so my risk tolerance is close to zero for that. TrueCrypt does what I want to do — sets up an encrypted volume so that I can choose what I want to put into it.

    I also prefer open-source, rather than corporate, solutions for this kind of thing. Symantec, for example, makes disk encryption products that I wouldn’t touch with a snake-handler’s tool. Symantec is a crummy company, and I’d be surprised if they aren’t under pressure to create back doors into their systems. I trust Apple far more than Symantec, of course. But when it comes to personal security, all my instincts are toward open source.

    Monday, November 21, 2011 at 9:14 am | Permalink

Post a Comment

Your email is never published nor shared. Required fields are marked *