Open-source legend TrueCrypt may be gone, but the usefulness of full disk encryption carries on. So what’s a crypto fan to do now for their encryption needs?
Well, you could continue to use older versions of TrueCrypt if you already have it installed. While the security community was shocked earlier this week when the anonymous team behind the open source encryption tool seemingly shut down the project, leaving a neutered version 7.2 build of the tool that’s only good for decrypting existing TrueCrypt volumes, a public audit of the TrueCrypt source code for version 7.1 was already underway and that effort will continue, according to the Open Crypto Audit Project.
The first phase of the TrueCrypt audit found no serious problems with the Windows build of TrueCrypt. If TrueCrypt 7.1 gets a clean bill of health it would continue to be a viable encryption option, though it’s not clear if the encryption tool’s development can or will continue under new management.
But if the brouhaha has you feeling skittish, or if you want to move on to encryption software that’s actively being developed, options abound. As popular as it is (was?), TrueCrypt is far from the only encryption tool around. In fact, many mainstream operating systems already come with an encryption tool built-in.
Here’s a look at a few full disk encryption options that can take the sting out of TrueCrypt’s sudden disappearance.
Windows encryption tools
The most obvious alternative for Windows users is Microsoft’s built-in utility, BitLocker. The encryption program is included in Windows 8 and 8.1 Pro editions, which means anyone who switched to Windows 8 during the $40 upgrade deal has BitLocker on their PC. BitLocker is also available on Windows Vista and 7 PCs running the Ultimate or Enterprise editions.
Check out our tutorial on BitLocker to get started with Microsoft’s encryption tool.
If you don’t have the right flavor of Windows, another choice is Symantec Drive Encryption. While this program is just as closed-source as BitLocker, it implements PGP, a well known encryption method.
If you need further reassurances, security expert Bruce Schneier recently told The Register that Symantec’s tool is what he’s going to use post-TrueCrypt. That’s good enough for me. SDE costs $110 for a single user license.
TrueCrypt was free and worked with all flavors of Windows, though. If you’re looking for an encryption tool that can match those prerequisites, check out DiskCryptor. We have a review of the free software and a guide to locking down your files with DiskCryptor available, as well.
Mac encryption options
OS X also has its own built-in encryption tool called FileVault 2 for users of OS X 10.7 (Lion) or later. Apple’s solution is another closed source program, but we do know it uses the XTS-AES 128-bit cipher—and the National Security Agency recommends using it for their own employees using Macs. So unless you’re really into conspiracy theories, FileVault is probably a good choice.
For more tips on how the NSA locks down its OS X machines check out “How the NSA snoop-proofs its Macs.”
Linux encryption options
For Linux users, the best choice is to use a distribution with a built-in Linux Unified Key Setup (LUKS) implementation. Ubuntu uses LUKS, and the various distributions based on Ubuntu should all have full disk encryption options available during installation. Here’s how to get started with Ubuntu’s full-disk encryption, courtesy of Ubuntu’s community help documentation.
It’s a sad day if TrueCrypt has truly disappeared, but at least there are a number of alternatives open to users who need or want to continue encrypting their stuff.