TrueCrypt

[explode7]

Yo Malice how much for this piece of software? And if I want couldn't I just compress a folder with all my files and add a password to it? Wouldn't that be simpler and less time consuming to decrypt since you need the software as well as a password with TrueCrypt?

 

[Malice]

Yo Malice how much for this piece of software? And if I want couldn't I just compress a folder with all my files and add a password to it? Wouldn't that be simpler and less time consuming to decrypt since you need the software as well as a password with TrueCrypt?

Its is COMPLETELY FREE
Its opensource

Passwording a folder is relatively weak...I could pop a cd into your drive and crack it in minutes

Your best option...
Encrypting a whole drive is not needed for the average joe.

I suggest, installing TrueCrypt and creating an Encrypted Container.
This creates a file that is of X size...say, 1 GB
All you do to access the data, is run TrueCrypt, and it basically "maps" or mounts a drive letter, that is the internals of that file. It acts like a mapped drive, and all the data in that volume, or file container, is completely encrypted.

 

[Malice]

Does that help?

 

[explode7]

So you say you can easily crack my zipped folder with a password? How about if I zip it using Winrar? That would take an extremely long time to crack no matter which software you use to crack it and especially if the case I use in the password is upper and lower and numbers and special charaters. It will take years to crack that password.

 

[Malice]

So you say you can easily crack my zipped folder with a password? How about if I zip it using Winrar? That would take an extremely long time to crack no matter which software you use to crack it and especially if the case I use in the password is upper and lower and numbers and special charaters. It will take years to crack that password.

I would bet (not that I am a good example to really explain it) that a WinZip/ WinRar password protected archive, would be able to be cracked fairly quickly.

I am speaking from "rough" knowledge on this aspect. Those are typically not encrypted though, the algorithms are not very efficient. Granted, if a run of the mill person got it, they wouldnt be able to get into the archive...but if anyone with a program can crack it. Check this out, its an example - LINK

 

[explode7]

HA! Brute force and dictionary attacks. LOL!!! Dude thats the same cracking methods that will take you years to crack a password that is as tight as I mentioned earlier.

 

[Malice]

HA! Brute force and dictionary attacks. LOL!!! Dude thats the same cracking methods that will take you years to crack a password that is as tight as I mentioned earlier.

Quite possibly...
I perform cracks on usernames and passwords all the time...

I am not stating that it wouldnt take awhile...
I hope I didnt make it sound like a password protected file is weak...

 

[explode7]

^It all depends on the password itself which determines if the password is weak actually. But it doesn't really matter to Windows since anyone with a little comp skills can reset passwords on that system.

 

[Malice]

78 minutes will the laptop finishes encrypting the entire drive...
Will play with it then

 

[jaguarr]

It's not the password that is vulnerable it's the encryption type. The attack happens at the encryption level not the password level. That's why something like WinRAR is easy to crack where it's encryption is concerned, because it uses a relatively basic encryption level.

jag

 

[explode7]

^Yes I know but the password can still a really really long time to crack if I use a very complex password.

 

[Malice]

^Yes I know but the password can still a really really long time to crack if I use a very complex password.

True, long passwords go a long way, but I think our point is that lacking encryption is a hole unto itself.

 

[jaguarr]

^Yes I know but the password can still a really really long time to crack if I use a very complex password.

You can use the longest, most complicated password in the known universe and if your encryption sucks ass I can still crack open your file.

jag

 

[explode7]

we'll see. How about I send you a very hard password encrypted file under winrar and lets see if you can crack it?

 

[jaguarr]

How about you get a life?

jag

 

[explode7]

^Dude I wasn't being insulting. I was really going to send you a winrar password protected file to crack. Sorry if my statement was misunderstood as an insult.

 

[jaguarr]

^Dude I wasn't being insulting. I was really going to send you a winrar password protected file to crack. Sorry if my statement was misunderstood as an insult.

I think you're missing the point that we're talking about what is philosophically and technically feasible, not what I or Malice can personally do as computer geeks. It's just common sense that a higher level of encryption algorithm will be much, much harder to crack than one that doesn't use as complex an algorithm. Password length and complexity and length is only as good as the level of encryption protecting it. If you use the most complex password that you could possibly dream up to protect a file, but it has poor or mediocre encryption due to an algorithm that's not overly complex, someone with the right tools is going to be able to crack open whatever it is you're trying to protect. If you use a type of encryption that's highly complex, then it increases the likelihood that they won't be able to crack open whatever it is you're protecting. They're not trying to crack or guess your password, they're trying to decrypt against the encryption algorithm. Do you get what I'm saying, here?

jag

 

[explode7]

^Yes I already know that. But Winrar has a very complex encryption algorithm because it have taken me a very long time to crack even a simple password.

 

[Malice]

^Yes I already know that. But Winrar has a very complex encryption algorithm because it have taken me a very long time to crack even a simple password.

Then WinRar might use a fairly good one.
WinZip, uses a terrible one, so I automatically thought the same thing.

Last time I looked, regardless of the password, a WinZip archive could be cracked in seconds.

I figure WinRar must use a 64 bit or maybe even a 128 bit...

 

[jaguarr]

^Yes I already know that. But Winrar has a very complex encryption algorithm because it have taken me a very long time to crack even a simple password.

That's because you are cracking against the password and not against the algorithm. Pro level decryption tools don't even care about the password. It's just a formality.

jag

 

[explode7]

I think you can choose which encryption type you want under winrar, either the 64 bit or 128 bit.

 

[explode7]

That's because you are cracking against the password and not against the algorithm. Pro level decryption tools don't even care about the password. It's just a formality.

jag

Na it's the encryption I cracked against. I can't remember the program but I pretty sure its the encryption I cracked against. It said it would take like 100000 hours or something to crack. It was really insane.

 

[jaguarr]

Na it's the encryption I cracked against. I can't remember the program but I pretty sure its the encryption I cracked against. It said it would take like 100000 hours or something to crack. It was really insane.

It's still cracking against the password. It has to get past the encryption, eventually, but it's still cracking against the password. Pro level decryption tools don't care about the password, per se. I don't think you're distinguishing between the two concepts.

jag

 

[Malice]

My Laptop finished...
When I boot the laptop now, a BootLoader comes up

TrueCrypt BootLoader.
Basically is just says
PASSWORD?: _

If you typo it, it says incorrect, and comes back up with a new password prompt. If you type it in correct, it starts booting windows.

There is a boot CD also that you HAVE to build when you encrypt the drive, this boot loaded is the exact same as that on the laptop, so if the boot loaded on the laptop goes bad, the CD can rebuild the laptop boot loader.

Also, there is an option on the CD that say, DeCrypt entire system...
I am not sure if that is ONLY on the CD or on both the CD and the laptop...will look.

 

[Malice]

Has anyone used this in any fashion than a quick test?