Ask HN: Do you encrypt your laptop's hard disk?

60 points by nonane ↗ HN
I have a lot of personal and company information on 2 of my laptops (Windows 7 and a MacBook). This includes bank account information, private keys, passwords and proprietary source code. I'm always paranoid about my laptops being physically stolen while I'm traveling or if my office is robbed. To help put my mind at ease (somewhat), I've been looking into whole-drive encryption. Incase my laptop does get stolen, I can be sure the thief does not get my data.

It looks like there are 2 solutions out there for Windows - TrueCrypt and Microsoft's Bitlocker. I can't use Bitlocker because my laptop doesn't have a TPM chip, which I'm told is required to encrypt the boot volume. TrueCrypt looks like the only option available right now for Windows.

Also, it looks OS X does not have built-in whole-drive encryption like Window's Bitlocker. Luckily TrueCrypt also has support for OS X.

What do you use to protect your data? Are there any pitfalls that I need to be aware of (besides loosing your password)?

134 comments

[ 3.7 ms ] story [ 183 ms ] thread
yes .. because I can. My macbook was stolen out of my flat this year and it was a good feeling not to have to worry about the data.

don't get why you would encrypt your whole disk though. the home is all I need encrypted.

Good point. On Windows I have my data lying around in a few places (including a separate partition). I guess I want total peace of mind - for example, I don't want to worry about any data lying around in the hibernation files, crash dumps, /tmp etc.
I use encrypted DMGs on osx, with specific folders symlinked to be inside the DMG, for example:

  /Users/chip/work/company -> /Volumes/enc-base/work/company
  /Users/chip/.subversion -> /Volumes/enc-base/dotfiles/subversion
  /Users/chip/.ssh -> /Volumes/enc-base/dotfiles/ssh
  /Users/chip/Library -> /Volumes/enc-base/Library
  /usr/local/mysql/current/data -> /Volumes/enc-base/mysql-data
I don't imagine its perfect, but I know most of my important and confidential things are encrypted.
You may need to ensure your databases (eg mysql) don't have data that require attention, too.

That's why I'm slowly moving from a general mysql/mongo/redis instance toward a per-folder instance that I run when I need it.

I use TrueCrypt to protect my laptop. No chances in speed that I've noticed and as far as I understand it, it's quite secure. 30+ randomly generated password gets me in and it's a lot easier than you think to memorize and type quickly. I always feel like I must have made a mistake but can't remember the last time my fingers got it wrong. To me, it's kind of a no brainer. 3 extra seconds before boot is the only thing it takes to make sure my stolen laptop couldn't lead to stolen credit card numbers, accounts, business docs etc.

I've got no experience with Bitlocker, but I'm a huge fan of TrueCrypt.

+1 Truecrypt. However my fingers get the password wrong regularly, today for instance! The reassurance it provides is very valuable, I have PCs laptop, netbook, ext HDD, and memory sticks all encrypted as confidential client data could be on any of them. Prior to this I used regularly get in a funk whenever I couldn't locate a memory stick
First off, I'd like to throw Bitlocker back in the ring and tell you that boot volume encryption is relatively unimportant for the threat model you propose, specifically untargeted data at rest.

Boot volume encryption/verification is designed to protect you against attackers who would replace your boot image with a one that contains a rootkit or keylogger. This threat model requires serious forethought and planning on the part of the attacker. He is likely targeting you or your company and he wants to do it steathily. Under this kind of threat, you really need the entire company to adopt an extremely high level of operational security. (Remember your security is only as strong as the weakest link in the chain.) Usually, this kind of paranoia is reserved for three letter agencies.

I should mention that Truecrypt doesn't protect against this threat either. At some point, there needs to be an unencrypted bootloader, which can be attacked. Hardware boot volume verification would verify that the bootloader has not been modified, which is what TPM tries to do.

Unless the encryption is implemented poorly (which in Truecrypt and Bitlocker is not) an attacker with access to your boot partition cannot attack your data partition without additional information (like your password).

On OS X, I've heard good things about PGP Whole Disk Encryption. I don't know if Truecrypt can handle Boot Camp (PGP WDE can), if you care about that at all. On Linux, I use dm-crypt + luks

Excellent points. I said earlier that I wanted a no-brainer solution where I don't want to think / worry about where my applications or, even the OS decides to store my personal data - this is why whole-drive encryption looked attractive. However, an attacker would need some planning to get to that sort of data out - a common thief would probably not have that kind of skill anyway.
No, it's more the question of the goal of the "attacker" when you don't do the whole-drive encryption. If you have the data on the notebook that are worth a lot of money and you can imagine that somebody would be interested at that then you should encrypt the OS partition. Ever heard about page file? It's on the OS partition, unencrypted. Temporary files? There, unencrypted. Even if the temporary files are deleted, the content of them remains on the hard disk. Unencrypted.
I don't agree with the above.

If we're talking about Windows, it's not "boot volume encryption" but the "C: disk encryption" that you have to worry about even if the attack scenario is data at rest. If you don't encrypt C: disk every forensic worker will trivially recover a lot of material that you'd believe was encrypted on another partition.

If we're talking about Linux where you configured /boot unencrypted and everything else encrypted, only then it's about the attack scenario that parent mentions.

Bitlocker, Truecrypt, dm-crypt, PGP WDE will encrypt your data but leave something unencrypted in order to boot from it.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.

Assuming of course that all the data that you wish to protect is on your data partition, and that no protected data is, was, or ever will be on any other partition. Full disk encryption removes the possibility of exposure of protected data showing up on non-encrypted partitions.

With most operating systems, I don't think that there is a way to ensure that no protected data will ever end up on a non-protected partition. Presumably - if there is any writable directory on an unencrypted partition, there is a reasonable chance that protected data will end up on that partition.

I highly doubt an OS or an application would be writing to the unencrypted boot sector or an unencrypted boot partition. First off, the OS should disallow that operation without elevated privileges. I don't know if Windows or OSX follow that guidance.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.

> boot volume encryption is relatively unimportant for the threat model you propose, specifically untargeted data at rest.

I'll have to respectfully disagree here. Windows has heaps of different ways of caching all kinds of information outside of your home folder. Individual applications can also cache stuff wherever permissions allow (and often do). Realistically with Windows if you're going to encrypt you want to encrypt your C: drive.

PGP WDE works, it's 'good enough' to be a PITA for any authorities and you can use the same software on PC and Mac, but be warned - PGP broke Snow Leopard upgrades from Leopard when it came out and every major PGP upgrade I've ever done on Windows has resulted in a reinstall (but then again, 9.x was really, really bad).

If you're using a non-administrator account for your day to day on OSX you can use FileVault - just watch your /tmp folder.

I highly doubt an OS or an application would be writing to the unencrypted boot sector or an unencrypted boot partition.

At some point, some partition somewhere will need to be unencrypted, otherwise the system cannot boot, since the decryption programs are typically too large for a single boot sector.

I'm not advocating against "full" disk encryption. That's what I use. I just wanted to say that the OP doesn't need boot volume verification and that Bitlocker is sufficient for his needs.

I use PGP WDE on OSX. It is easy to use and doesn't seem to slow it down much.

I have however ran into one problem: The licensing app somehow "forgot" that it was registered (something to do with changing active directory binding). I would not have noticed except I went looking for why the computer was so slow.

I opened the PGP app and it said it wasn't licensed and the disk was "decrypting" itself.

I had to wait for basically 3 hours for it to decrypt the disk, re-enter my registration information, and re-encrypt the disk.

Okay, seems a lot of people misunderstood what I meant.

There is no such thing as full disk encryption, at least in the "full" sense of the term. There will be some unencrypted partition somewhere that boots the OS. TPM is designed to verify that this partition has not changed from a trusted configuration. I wanted to say that OP does not need this level of security, which is why Bitlocker is a viable and free and fast solution for him to use. (And the security current implementations of TPM provide are questionable right now.)

Applications should not be allowed to write to this partition without elevated privileges. The OS shouldn't be writing to this during normal operation either. Sensitive data should not be put on this partition, and as far as I have heard, Windows has not done anything like this.

When I say "data", what I refer to is the C: drive. With Bitlocker and Truecrypt, the C: drive is encrypted. The Users folder should be encrypted. All the bazillions of temp directories should be encrypted. The hibernation file is encrypted. Even Program Files is encrypted.

I keep all of my passwords encrypted in 1Password, and I have one encrypted folder on my Mac with all of my sensitive documents in it. I didn't want to encrypt my entire hard drive or even my entire home directory because of the performance hit.
I also have a password manager (KeePass) but I'm not as disciplined about keeping all my files in one place. Also, as I said in my earlier comment, I want to make sure everything on the hard disk is secure, include any system temp directories.
I do the same thing, but in GNU/Linux, using pwsafe for passwords and dm-crypt for disk encryption. IMO the one downside is that I have to remember to put stuff in the right place, e.g. moving dotfiles with sensitive data into the encrypted directory and creating a symlink back to ~.
OS X has FileVault which encrypts the home folder. I don't think I have any personal data outside of it. But I do use TrueCrypt too.
Does a TrueCrypted home directory get backed up by Time Machine? That's my biggest woe about FileVault - your home dir only gets backed up when you're logged out. Also, have you been able to run TrueCrypt as a non-admin user?
I must clarify there: I use FileVault to encrypt my home directory and besides that I keep some more sensitive data in TrueCrypt volumes.
Check /tmp - it's not uncommon for things to end up there. The important thing to remember is that when /tmp is deleted if it's on disk then it's not really deleted until it's overwritten.
My biggest gripe with FileVault is that it doesn't fully support Time Machine backups. Online backups (hourly) are completely disabled. To perform a backup you need to shutdown/restart, and then sit waiting for it to finish. Annoying if you're a laptop user ready to travel elsewhere with your laptop.

Also it breaks the Time Machine browser. If you want to do a restore, you must mount the data backup manually and find the file(s) you want to restore through Finder. Definately not elegant or very user friendly.

Some apps do have minor glitches with FileVault. IIRC, Firefox wouldn't remember certain settings if you used it with a FileVault-enabled account (not sure if this has changed in recent versions).

Yes I do (since a few months):

- http://agilewebsolutions.com/knox (one vault per client) on Mac OS X, including all db data if any

- http://agilewebsolutions.com/products/1Password for all small-sized sensitive data (eg: production access, passwords etc), with an automated crypted backup

I'm looking for a reliable and as seamless solution for Windows at my pace (not a big need).

Something I'm also looking at is a way to securely erase all the free space on Mac OS X (to remove past data), as well as something that really works to find sensitive data (where I could define what sensitive means).

There's a "securely erase free space" feature in Disk Utility, which does crash on me when I use it though, making a reboot necessary. Otherwise, you might simply use a one-liner like

dd if=/dev/zero of=/tmp/free_space_eater; rm /tmp/free_space_eater

This overwrites all unused space on the disk with zeroes. You'll temporarily run out of free diskspace with either option, so it's a good idea to do this when you're not working on your computer.

Thanks for both tips. I didn't even think it could be built in! Mac OS kind of amazes me on a regular basis.
Looking at it again, it's probably a good idea to extend that one-liner a little bit by throwing in a sync command, just to make sure that all zeroes get written to disk before deleting the fill-up file:

dd if=/dev/zero of=/tmp/free_space_eater; sync; rm /tmp/free_space_eater

I like Knox (which is just a wrapper around OS X's encrypted DMG functionality --- but a really good wrapper), but Knox isn't a full-disk encryption solution. The point of full-disk encryption is not having to constantly inventory your files and remember which ones need to be protected, and Knox doesn't save you from that.

Knox is handy if you already do full-disk encryption, because it lets you segregate data further (personal financials, client work, etc), so that even if you lose your computer while it's (say) on, an attacker will still need the key to yet another encrypted volume to get that data. I find it extremely useful for things I know I'm not going to need to access often; I also use it for my mail spool.

I use Truecrypt but there's also FreeOTFE, which is supposed to be "more" open source than TC.

I don't use whole-disk encryption but I have almost all my applications on the encrypted partition, thanks to PortableApps (http://portableapps.com/). As a bonus it's very easy to backup all my PortableApps data, as well as take everything on an external drive and start working on a different computer (provided it has Truecrypt).

Edit: link to FreeOTFE: http://www.freeotfe.org/

Not meaning to be a jackass but realize that maybe if you downloaded (and maybe already deleted!) that porn video with that girl that might or not might be 18 you could be in big troubles if you don't have your full disk encrypted.

Edit: or other things that would be ok but can be used against you by law enforcement, for example what about your collection of pirated MP3s or DivX?

Is this more acceptable than accidentally downloading porn with someone that might look underage? (Or having looked at it because some trolled linked it to you)

An encrypted disk could also get you in a position where you have to give up your password. Be careful with your porn-filled encrypted hard drive.
Not in every country, not in Italy for sure. Anyway truecrypt-like systems gives you plausible deniability since you can have a "decoy" system.

Fortunately that is not my case but I can't say I don't have any MP3s of DivXs that aren't, err, properly licensed.

Edit: or cracked software, we have very high fines in Italy for using softwares without a license.

I'm just saying that in case the police have a look to your laptop and they WANT you to charge with something, they will.

Do you really believe in the plausible deniability thing? It might fool someone doing a routine check, but not someone willing to really find out what's going on.
Also, I remember I have read an article about some guy that had some pics of their little childrens sometimes naked in an "innocent" way on a trip.

They had their children taken away because they went to a photo shop to have the film developed and the clerk called the police.

Smells like an urban legend. Either it didn't happen or the pictures weren't so "innocent".
You're probably thinking of this incident:

http://www.salon.com/life/feature/2006/07/18/photos/index.ht...

I recall other vaguely-similar cases reported in less detail in earlier years. The clerks may not have good judgment, and the incentives for the clerks and many of the agencies involved are to err on the side of assuming-the-worst.

The stigma of even having been accused may make people in such a situation unwilling to talk about it even after being cleared afterwards. After all, many will assume law enforcement would only get involved if "the pictures weren't so 'innocent'".

To those who use single folder encryption or recommend it you at serious risk. Applications leak data, they write temporary files in places you never expect etc.

Folder based encryption will not provide protection, only whole disk encryption.

I use encrypted LVM on linux which works great. I've used TrueCrypt in the past and that works too, although I had some stability problems with the software in Windows.
I started using ecryptfs on my /home partition when my last laptop got stolen. I suspect there's some potential for leakage through /tmp and swap, but I suspect most likely attackers aren't that sophisticated. Should I be concerned? Are there easy ways to plug the gaps?
Ecryptfs is a fantastic solution. If you're using the passphrase-wrapped-by-login-password method (convenient, I think Ubuntu implements this method) then security is not that great - because it's ultimately limited by the strength of your login password: if an attacker gets his hands on the wrapped passphrase, such as is the case when your laptop gets nicked, brute-force methods will suffice.

As for /tmp and swap: those are not required to be persistent over reboots. So you can regenerate those with a random key on every boot. <a href="http://paste.pocoo.org/show/260932/>Here are some pointers to help you do that with dm-crypt</a> for a swap device backed by a loopback device.

I am using Espionage (http://www.taoeffect.com/espionage/) on my Mac. Working great, I wanted to avoid whole-drive encryption for performance reasons and only encrypt what is necessary (my work related files, pictures, videos, etc).
Linux - dm-crypt. If I could, I'd make full-disk encryption mandatory for all business use laptops. I work for a smaller shop, so a developer or two usually ends up going to a trade show.

With full source and a build environment for our product on their laptop. That makes me paranoid about loosing a laptop in the chaos of a trade show, while our booth is surrounded by our competitors.

Since most of my life exists in one way or another on my hard disk, I consider it to be an absolute must to encrypt the drives.

I’m using PGP Whole Disk Encryption http://www.pgp.com/products/wholediskencryption/index.html, which works perfectly. I prefer it over OS X’s FileVault feature since it just protects everything and is completely transparent to the system and the user.

And, btw, I’m still hoping for a mobile OS besides BlackBerry’s that provides a reasonable secure encryption option.

I'm weighing up going down this route - what kind of performance hit do you experience form using PGP WDE on your Mac? Thanks
Frankly, I've never noticed it being there other than when I do some extremely IO expensive operations like data processing. When I do that on my MPB though, I'm just testing it. That work belongs on a server anyway if you want it to be fast.
During normal use, the performance degradation is barely noticeable, it _feels_ like 10%–15%. Things become a bit more critical when working with larger files or during heavy I/O.

One thing to consider, however, are SSDs. To my knowledge, encrypted data is only written to blocks that already contain random data. You therefore might want to look for disks whose performance does not degrade that much when free blocks are no longer available.

Correct me if I'm wrong, but it looks like PGP Whole Disk Encryption is the only product on the that supports whole-disk encryption for OS X. TrueCrypt on OS X and FileVault can only encrypt directory trees.
A related tip: I use a True Crypt (file) volume to store all my personal stuff, in particular a scanned version of everything ever sent to me in the post (tax stuff, bank stuff). I highly recommend this practice (scanning everything to an encrypted volume). The files stay organised - unlike my paper records ever did. It's trivial to have a complete copy of you're personal files at work... which can come in remarkably handy and of course it's secure and backing up is easy (just copy the file).
As a semi-professional nude photographer I have encrypted every hard disk I own, including my laptop's. It's part of my promise to the customers to keep their photos really safe. I am using Ubuntu and LuKs on all my machines because I find it very convenient to have a superb encryption mechanism built in.

As a side note, I do all my picture editing in Gimp. While this is not commom among professional photographers, it contributes in some ways to my landmark style.

I'm intrigued. Do you have some examples of your work?
I am too, not sure why you are being downvoted. I'm interested in finding out what a "landmark style" influenced by using gimp instead of photoshop looks like exactly.
He is being down voted because the first comment of this throwaway account is a boorish redditism asked to someone who just said they value client confidentiality.
I'm sure there's a portfolio that we could see.
Didn't realize the account was made only a few hours ago, so I guess that's not a great sign. I was giving him the benefit of the doubt that he was asking for non-confidential examples of the work out of genuine interest, but maybe that's a little naive on my part.
Is there a significant style difference between using Gimp and Photoshop? I only know Photoshop, but I've always thought of Gimp as just program for doing basically the same work. I wouldn't think there'd be a difference in the final product.
The most common complaints I've seen are that Gimp isn't Photoshop - meaning PS users who move to it dislike it due to the multi-window UI, 'wrong' key combinations.

I actually used Gimp before PS and from my perspective the only things it really misses are layer groups and layer styles. For PS users there is Gimp Shop[1] which attempts to "deweirdify" the UI to something more reminiscent of PS.

[1]: http://gimpshop.com

Sadly, this is the reality of OSS, layer groups were first proposed (and accepted as a "good idea") as early as 2002, but actually are supposed to come out in Gimp 2.8, which I think is coming out in 2011?

Meanwhile, one can run the external plugins such as this: http://registry.gimp.org/node/16563

For a programmer, GIMP is fine for an occasional photo editing job. Just wish, it could do a better job of importing Photoshop files. I know it is more of PS fault not GIMP's, but still.

(I'm still confused - what are the good all-disk encryption options for OS X, please?)

Thanks

I use truecrypt for my Mac and Windows machine and share the truecrypt file via Dropbox. Can't live without it anylonger ;-)
I'd use Bitlocker for your Windows 7 laptop, as a previous commenter noted it has a mode to work via a USB key inserted at boot time. In my experience it's been fast and unobtrusive. I've never used TrueCrypt, though I've looked into it several times and remembered thinking that it looked just as good (or better) technically as Bitlocker, but the UI is really horrid and overly complicated if you're looking for something that's a "no-brainer": http://www.truecrypt.org/screenshots

Bitlocker Tips:

1. You might have to enable it in your group policy (see http://www.sevenforums.com/tutorials/4681-bitlocker-drive-en...) for the option to use a USB key to show up.

2. You'll need the USB key inserted to power on the laptop or resume from hibernate, but not for waking it from sleep. That helps with convenience since you won't have to use the key to unlock it from sleep.

3. Make sure to back up the Bitlocker Recovery Key saved to the USB drive. It's saved as a hidden file, just put it somewhere safe online in case you lose the USB key.

4. Don't lose the USB key along with your laptop! Since that sort of defeats the point of encrypting the drive in the first place...

We use Jetico Bestcrypt VE. It's extremely secure and flexible.

http://www.jetico.com/encryption-bestcrypt-volume-encryption...

You do not require a TPM chip to use BitLocker, although it's better if you have one as the TPM makes it very difficult to tamper the boot code.

Use full volume encryption products (like BitLocker or Bestcrypt VE). There's always useful data in temporary files and it protects against leaving a sensitive file out of an encrypted volume.

I don't encrypt a bit — I even got no login password. I've got all my stuff on a 50GB Dropbox, so if I lose my MBP I'll just sync a new machine. Don't have anything of particular importance on my drive: design PSDs (could be secret), stock resources (icon packs, graphical elements), my music and a inspirational folder.
I do the same (happy 50GB Dropbox user).

I haven't researched this, but is it possible to remotely delete a Dropbox drive? I.e. if my laptop is stolen, to use the site to wipe the data from the laptop? I assume it's possible.

Yeah, I think so – but don't know for sure.
Not against a capable attacker (who prevents your laptop from getting on the internet).
i use pgp whole disk encryption on my macs and softraid encrypted disks on my openbsd laptop and backup server.
I don't have to worry about proprietary source code working for Mozilla, but since I work in metrics, I have access to data that could potentially risk user privacy if it were stolen, so I keep my laptop locked down pretty tight.

I run PGP Whole Disk Encryption and am very happy with it. I also use Super Duper for backing up to two different external drives. One is unencrypted which I keep in the firesafe at home, and the other is also encrypted with PGP WDE which I take with me when traveling. That way, if my laptop were stolen, I can pick up a new one and restore the drive to it.

With truecrypt you can also create file containers, which you can easily backup as a whole by copying them to another disk. In some situations, this has certain advantages e.g. when upgrading your hard disk. It also provides a way to allow access only to certain parts by distributing your documents over several containers. I use truecrypt on my netbook and haven't had any problems with it in years and found it a convenient way to securely share files between computers with different OSes. Truecrypt is also available for linux but unfortunately there doesn't seem to be an ARM/android version available. On linux, I use encryptfs though.