Hints about Truecrypt
(Maybe someone can correct my ugly English and extend this small documentation, thanks.)
Where to get Truecrypt: http://www.truecrypt.org/downloads
If you need secure passwords and (for future use) additional features, get OpenSSL, too.
Preferred algorithm: Serpent-Twofish-AES. Never use AES alone. If you encrypt data, always use 2 keyfiles and a password. Never ignore this. Don't put yourself at risk.
Rule 1: The enemy is already on your system and captures your keyboard and your screen. Now it's up to you to defend yourself and to protect your privacy.
Rule 2: Disable any kind of Windows Update, because it is possible to plant a backdoor in your OS this way using special Windows software.
Rule 3: Isolate your software by virtualizing single processes on your computer, to prevent browser updates or plugin updates from spying on your machine and to prevent specific applications from accessing several areas of your hard disk. Use something like "Sandboxie" for this: http://www.sandboxie.com/
Rule 4: If you erase something, use the "Eraser" software (free): http://eraser.heidi.ie/
Rule 5: Disable defragmentation to prevent duplicate data from being written across your hard drive.
Rule 6: Disable hibernation to prevent your computer from writing decryption keys to the hard drive.
Rule 7: You need a professional hardware firewall to block unwanted outgoing traffic and to protect yourself against illegal incoming traffic. A real firewall differs a lot from a standard router with "integrated firewall nonsense". Recommended: Watchguard Firewall, not cheap, but very secure.
Hints for generating secure passwords (you can use this to improve your security)
You may think it's easy to create a password, or a random phrase, but it's not.
A computer does not know anything about real random numbers unless you write a very complex engine to produce them. I won't go into detail at this stage. We use special software to create random passwords in a secure way: OpenSSL
Trust me, there are a lot of crazy things possible with OpenSSL that you would never believe (especially encrypting data). At this point, we just try to create secure passwords.
Btw, the well-known "Wikileaks Insurance DVD" is encrypted with OpenSSL!
OK, let's create a password. It's up to you how you store the password.
Download and install OpenSSL for your OS. Linux, OS X and others already have it built in.
Btw, there are some very special features available in OpenSSL, for example special encryption routines that are not available/enabled in the public version unless you know how to enable them (by uncommenting a header file). In this case you need to compile OpenSSL yourself to get that crap working, but that's just a note (ECC!!!!)
OK, let's go.
Enter this on your command line:
openssl rand -base64 30
…creates a random password of 30 characters using a well-known, very strong random generator.
openssl rand -base64 99
If you need more.
Use these passwords to protect your data. It's up to you how you do that. Security is not an easy task; there is no 5-minute easy click-and-go. Your security is hard to gain. It's a complex thing, because a lot of groups are trying a lot against your personal security everywhere worldwide.
How to create long passwords
Let's create an interesting password on the fly. The most interesting aspect of this method is that we do not type the password we generate, and if you combine this method with a shell script, it's impossible to get the password with a keylogger. Details later.
echo "Test" | openssl dgst -sha1
With the command openssl dgst -sha1 we make a very long password from a small word.
Let's create a longer password:
The password is "Test" and "Test" and "Test", 3 times, just as an example:
A very long password – the rest is up to you with your imagination.
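Added example (not from the original tutorial): Python standard-library code that reproduces what the two OpenSSL commands above compute, to compare how strong each result really is. openssl rand counts random bytes, so 30 bytes come out as 40 base64 characters carrying 240 random bits, while the SHA-1 of a short word is 40 hex characters that are only as hard to guess as the word itself. The function names and the candidate list are constructed for this example.

```python
import base64
import hashlib
import math
import secrets


def rand_base64(num_bytes):
    """Same output shape as `openssl rand -base64 N`: N CSPRNG bytes, base64-encoded."""
    return base64.b64encode(secrets.token_bytes(num_bytes)).decode("ascii")


def sha1_of_echo(word):
    """Same digest as `echo "word" | openssl dgst -sha1` (echo appends a newline)."""
    return hashlib.sha1((word + "\n").encode("utf-8")).hexdigest()


def strength_bits(candidate_count):
    """Upper bound on entropy when the input is one of `candidate_count` guesses."""
    return math.log2(candidate_count)


def audit_derived_password(password, candidates):
    """Return the candidate whose digest equals `password`, or None.

    A match means the 40-character string is only as strong as the short
    word it was derived from, however long it looks.
    """
    for word in candidates:
        if secrets.compare_digest(sha1_of_echo(word), password):
            return word
    return None


# Constructed sample inputs (assumptions for this example, not from the page).
SAMPLE_CANDIDATES = ["test", "Test", "TEST", "password", "Password", "letmein"]

if __name__ == "__main__":
    random_pw = rand_base64(30)
    derived_pw = sha1_of_echo("Test")
    print("random :", len(random_pw), "chars,", 30 * 8, "bits of entropy")
    print("derived:", len(derived_pw), "chars, at most",
          round(strength_bits(len(SAMPLE_CANDIDATES)), 1),
          "bits if the word is in a guessable list")
    print("found in candidate list:",
          audit_derived_password(derived_pw, SAMPLE_CANDIDATES))
```

Run the audit against your own derived password with a realistic wordlist before relying on it; the random password should never produce a match.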
For updates of this tutorial, use this link: http://www.anonpad.org/truecrypt