Sponsored links:
ScrewedUs.com
yourblog.in
scanners-on-linux.com
mapyourfamily.name
passive12.net
valg29.com
microsoftinside.com
Want your link here?



This website is developed and hosted by KF Webs




Donations

USD:

Securing the data

Securing your data is of vital importance. In the case of a stolen or lost computer it can be the difference between a monumentum problem and a minor itch.

There are several ways to secure your data. You don't even have to pay anything for the necessary software, but invest a small amount of time, that you can be sure you will be glad you did if it ever should be necessary. We will discuss a couple of the approaches to encrypt data.

TrueCrypt

TrueCrypt is an application that can be found at truecrypt.org. It is an Open Source application and can be obtained for free. It can be used on Windows XP/2000/2003 and GNU/Linux.

As an example we're going to use a computer running Microsoft Windows. One of the methods you can use TrueCrypt is creating an encrypted volume, also known as container. Say you create a 500 megabyte container called c:\documents.vol that you in TrueCrypt mount as z: . From now on, after you have typed your pass-phrase you can access the documents as an ordinary drive, although the data is stored encrypted in the file documents.vol that can be easily backed up on CD.

For more information, visit the truecrypt website.

GNU Privacy Guard

This is discussed in more details at www.secure-my-email.com. A short summary however is that you can encrypt a file from the command-line, or if you opt to use a graphical user interface. In the latter case, you can right click on a file and select “encrypt file”, and get a resulting file that is encrypted. Then you delete the source file.

This is a good method if you want to store a sensitive file on e.g. an USB storage key, but not if you want to secure all your documents.

7-Zip

7-Zip is licensed under the GNU LGPL. It is known for good compression and enables you to use the Advanced Encryption Standard (AES / Rjindael) to encrypt the content. This allow you to create an encrypted, compressed container of multiple files.

FileVault

Apple's OS X is shipping with a feature called FileVault. This is a very nice and easy to use method of securing your system, using a similar approach as other solutions mentioned here. One drawback to this method is that it won't allow you to define which encryption algorithm to use, but it uses the Advanced Encryption Standard (rijndael) with a symmetrical key size of 128 bits. Users that already have filled up the harddrive will have some trouble with converting to this method, but if you have just purchased a new computer, or have just re-installed OS X you really have no choice but enabling it, although maybe not on the primary drive if your occupation is movie editing.

CompuSec

CompuSec can be found at ce-infosys.com.sg. It provide access to features such as

• Pre boot access control
• Encryption for Hard disk using fast AES algorithm and in hibernation mode
• Encryption for CD / DVD for secure publishing and sharing of CD data using CDCrypt
• Encryption for Diskettes and Removable Media Devices such as ZIP drives, USB thumb drives or Memory sticks
• Encryption of Individual Files or data transmitted via Email and FTP using DataCrypt

CompuSec is available for NT based systems (NT,2000,XP) as well as the GNU/Linux operating system and is free for both Professional Business use as well as Personal use.

Encrypted FileSystem

Encrypted FileSystem is a feature of the Windows Operating system. You can read more about this feature at iopus.com/guides/efs.htm .

As opposed to TrueCrypt this will however reveal all the name of the files, although the content itself should be secure. That Microsoft have to operate within the bounds of US export laws on Cryptography and speculations of the existence of a so-called NSA-key I would recommend using TrueCrypt instead.

Cryptoloop and dm-crypt

These are native kernel modules for the Linux kernel to encrypt data. Dm-crypt deprecating cryptoloop somewhere in the 2.6.x series.

Device-mapper is a new infrastructure in the Linux 2.6 kernel that provides a generic way to create virtual layers of block devices that can do different things on top of real block devices like striping, concatenation, mirroring, snapshotting, etc... The device-mapper is used by the LVM2 and EVMS 2.x tools.

dm-crypt is such a device-mapper target that provides transparent encryption of block devices using the new Linux 2.6 cryptoapi. The user can basically specify one of the symmetric ciphers, a key (of any allowed size), an iv generation mode and then he can create a new block device in /dev. Writes to this device will be encrypted and reads decrypted. You can mount your filesystem on it as usual. But without the key you can't access your data. It does basically the same as cryptoloop only that it's a much cleaner code and better suits the need of a block device and has a more flexible configuration interface. The on-disk format is also compatible. In the future you will be able to specify other iv generation modes for enhanced security (you'll have to reencrypt your filesystem though).

NOTE: Although cryptoloop is considered safe to protect files you create yourself, it is vulnerable to a crafted watermark attack. Read more about that at governmentsecurity.org and securityteam.com

Loop-AES

Another very popular way to encrypt your data on a GNU/Linux system is using Loop-AES. This will however require that you patch the kernel. The loop-aes website is at sourceforge. You can read more about configuring loop-AES at deb.riseup.net

Anonymous web browsing »