this post was submitted on 29 Aug 2024
62 points (98.4% liked)
Privacy
32165 readers
214 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The best option is going to be a USB drive that has an external key entry feature. Kingston IronKey has these and its as simple as enter a key and plug in. I use them at work and it works on all the major OSes. They're not cheap though so if you want or are looking for a free solution then something like VeraCrypt portable and an encrypted container will be your next best option.
Ooff, terrible advise
How about you tell me why instead of just saying "TeRribLe AdViSe."
Because historically when FDE is done in hardware there's been massive compromises. FDE is better done in software. Its more secure.
But, sure, there's no shortage of companies trying to sell you shitty hardware thats "100% secure" (which is a major red flag)
Nothing is 100% fool proof. Hardware or software encryption both have their issues. Case in point, Truecrypt (on which VeraCrypt is based) had a few issues that ultimately led to its demise. Hardware devices (I saw mention of one SSD maker) a few or years ago would store keys on the device that could be read off. So you're going to have to give me a source for "FDE is better done in software. It's more secure" beyond "just trust me bro."
Lol wut. What was the issue with TrueCrypt? I don't think we ever found out. The anon dev just bailed and hilariously told people to use bitlocker. Personally I think they were just trying to be funny. Fortunately veracrypt took over development.
I'm not sure what the original issues were either but I do remember the message on the TrueCrypt site that said something like "warning, do not use. Contains unfixed security issues." The only thing that might explain that is this line from Wikipedia: "TrueCrypt includes two vulnerabilities in the driver that TrueCrypt installs on Windows systems allowing an attacker arbitrary code execution and privilege escalation via DLL hijacking" Personally I believe the guy just didn't want to maintain the thing anymore and abandoned it with no notice. Either way. Good thing VeraCrypt took over and fixed all those issues.