Truecrypt Whole Drive Encryption Question

[pcarbon02]

I have a question about TrueCrypt if anyone knows the answer...

If you only use encrypted containers (as opposed to whole drive encryption), what do you do about paging files, memory dumps, temporary files, etc?

I am using an HP laptop that I plan on using for school. However I keep everything on my laptop (including all my financial info and passwords to all my financial websites). Wouldn't the best safeguard be to just encrypt the entire system?

Maybe it takes a lot of know-how to find information in temporary files and that sort of thing... I have read that the con to this method is that a corrupt sector on the drive or boot sector could bring down the whole system.

However, I dont want to leave any *significant* chance that I might have to scramble to change every credit and bank account I have if my laptop were to be stolen.

I am running Vista Home Premium SP2 RC1 64 Bit. System is a P7450 Core 2 Duo 2.13 Ghz, 4GB RAM, 250GB HD NVidia 9200M

 

[Fullmetal Chocobo]

Well, I think the con in the situation you advise could bring down any system, so it is important to have your data backed up in case the drive kicks the bucket. That is no different than if you were using encrypted containers or no encryption at all. I would get an external USB or even a thumb drive, encrypt that as well, and just encrypt your entire system.

 

[sourceninja]

First, anytime you do any encryption you are going to need regular consistent backups of your encrypted data. Otherwise you WILL lose it.

Now that I have said that. My work uses truecrypt on all of our notebooks. We have had no issues with it. When you do full drive encryption it will burn a boot disk that has the files needed should your boot sector become corrupt or your header files get corrupt. You can also use this disk to do a full decrypt should the need arise. But yes it is possible to have a problem that destroys the entire drive. We have one notebook that had a bad drive in it that would not encrypt. Every-time we attempted to encrypt it it would fail. It never broke the machine, it just did not encrypt. Imaging that to a new hard disk solved our problem.

I say go ahead and use full drive encryption. It is rock solid. Just keep good backups.

 

[pcarbon02]

That is good to hear that the boot disc takes care of a corrupted boot sector!

I do have the desktop around still that I converted from so I could use that or a thumb drive to back things up. The desktop is all encrypted using XP Pro's EFS.

That is cool that work places use Truecrypt as well. Everything I have read and hear seems to say good things about Truecrypt. Beats paying Microsoft more $$

 

[thegpfury]

I use truecrypt for all my systems, using the full drive encryption option. It seems to run great, haven't run into any glitches. Well, not entirely true, I had one of them get corrupted, but the boot cd it forces you to make at encryption fixed it.

I second the backup, I'm guessing it'd be pretty difficult to recover individual files if the drive ever died. I use allway sync to synchronize all my important files between the systems.