TrueCrypt or AxCrypt?

[MinPins]

I am planning to encrypt the data on my new laptop to keep it safe in case of theft.

Found these two free encryption utilities; TrueCrypt and AxCrypt. Both have good reviews.

Anyone have experience using either or both who could offer any advice?

Thanks.

 

[jiminator]

truecrypt has been around for years and has been solid forever. I have never heard of axcrypt, but looks interesting

 

[KarsusTG]

To my knowledge Truecrypt has never been broken. I use Truecrypt FDE on my laptop and my external hdd & thumb sticks when I travel. Twice I have had the airport want to browse my files and I have been able to give them the proverbial finger.

 

[SpaceHonkey]

To my knowledge Truecrypt has never been broken.

I remember reading a story about a group that was able to use firewire (thanks DMA) to dump the entire contents of memory and then pluck out the encryption keys. Using them, it it was trivial to get past the encryption as they literally had the keys.

They also even did another attack where they used a can of compressed air upside down and 'cooled' the memory before pulling the plug on the PC, very quickly swapping the memory into another (was a laptop) and then booting into their utility and doing an immediate memory dump.

Two perfect examples of the side-channel attack.

Bottom line is that any software based encryption is still possible to get around, although much more difficult. Furthermore, the computer had to be on, and authenticated before it was susceptible to attack. Not to mention you have to be near the thing.

Hardware based encryption like Ironkeys and Fujitsu+Wave encrypted hard drives are practically impossible to get around. I don't think anyone has demonstrated a successful attack against them.


Edit:
Found the youtube link - http://www.youtube.com/watch?v=JDaicPIgn9U

 

[AMD_Gamer]

TrueCrypt is great but many people believe it is a CIA/NSA project.

 

[MinPins]

Cool, so's the chip in my brain! ;-)

Thanks for the help guys, I think I will give TrueCrypt a try.

 

[Valnar]

I have been using TrueCrypt for years. I've never had a bit of trouble.

 

[Chilly]

TrueCrypt is great but many people believe it is a CIA/NSA project.

Even if it was(which I doubt, but then again, who knows), the source code is open and free for anyone to view. Furthermore for that exact same reason, if you don't trust that something wasn't "added" to the compiled binaries(which again, is doubtful, but admittedly possible), you can compile it your self.

Beyond that... Well, I leave you with this. XKCD comic.

 

[nitrobass24]

http://www.lostpassword.com/hdd-decryption.htm

I would get something else if you are really worried about someone decrypting it.
McAffee Enpoint Protection comes to mind.

 

[Poplap]

http://www.lostpassword.com/hdd-decryption.htm

I would get something else if you are really worried about someone decrypting it.
McAffee Enpoint Protection comes to mind.

That still uses the memory trick mentioned earlier which AFAIK truecrypt fixed