Best approach in random noise generation
May 24, 2015 6:58 PM   Subscribe

So my go to encryption product used to be truecrypt but Drama! So what is the go to, cross platform agnostic, encryption program that can mount encrypted containers as a drive letter?

Question spawned by new laptop acquisition so it would be nice but not vital if the new program could read existing truecrypt files. I've tentatively settled on Veracrypt as meeting my needs. I'm hoping for either affirmation that it'll do the job or a pointer to a superior product. Or thoughts on drawbacks of my choice.
posted by Mitheral to Computers & Internet (4 answers total) 4 users marked this as a favorite
The answer is still Truecrypt. The "drama" doesn't detract from it as a piece of software; there have been no known backdoors or other significant problems with code quality. As far as anyone can tell there was some sort of internecine conflict on the development team that led to someone deciding to just torpedo the project in a very public (and, frankly, crazy) way.

I think that using TrueCrypt is the way to go for the moment, but the forked efforts are worth keeping an eye on, with the goal of switching soonishly. CipherShed and VeraCrypt are the major options, with the difference being that CipherShed preserves compatibility with existing TrueCrypt volumes, which might be important if you have TrueCrypt-encrypted backups burned to disc or something and need to work with them, while VeraCrypt breaks backwards compatibility in order to implement some very specific edge-case security improvements that reduce its vulnerability to some theoretical attacks (of the sort that only the NSA can credibly do).

CipherShed is a very straightforward effort to rewrite TrueCrypt in a way that gets it under a FOSS license (something that has always been an issue with the mainline TrueCrypt version) but it's only pre-alpha right now. I wouldn't recommend using it just yet. The well-tested legacy TrueCrypt code is probably safer than untested CipherShed code for the moment.
posted by Kadin2048 at 8:15 PM on May 24, 2015 [1 favorite]

TrueCrypt has actually been audited, and found to be basically fine, or at least not doing anything blatantly wrong. It's probably not great long-term, since it's not supported by anyone and won't ever see another update, but hopefully soon enough CipherShed or another successor will be stable, usable and audited.
posted by BungaDunga at 8:49 PM on May 24, 2015

There's no reason to suddenly stop using Truecrypt. Give it a year or two and it might be time to start looking around at the alternatives. But until then. your data will be perfectly safe in those Truecrypt containers.
posted by Juso No Thankyou at 1:57 AM on May 25, 2015

Veracrypt is derived from Truecrypt code so that's not really a true alternative. Just keep using Truecrypt.
posted by LoveHam at 4:57 AM on May 25, 2015

« Older Help me not freak out!!! (Housing edition)   |   I don't want to be her suicide letter. Newer »
This thread is closed to new comments.