I recently got a LaCie 250Gb external drive to do some off-site backups of my data. I am a bit worried about security though since it is so easy to get these USB devices talking to just about anything.
I read up about disk encryption software commonly called On The Fly Encryption – OTFE for short. I use XP and OS X as my desktop Operating Systems but I think I’ll stick this drive mostly into my XP machines for now so I am focussing on software for that at the moment.
The amount of data I need to encrypt is probably much less than 5Gb, it is just things like mail, configuration files, a few database dumps and so forth, the rest could go in the plain onto the disk. However some of these tools allow encryption of full devices so that would be an ideal. I would for example not be too happy if my raw files of my photos gets stolen, this is the main chunk of data I need to arrange off-site backup for.
There are a number of free and commercial options, I tried a few in each catagory:
Product Name | Cost | Comments |
FileDisk | Free (GPL) | Command line only, though the FreeOTFE author wrote a GUI front end for it. It seems to be unmaintained though and certainly was the reason for quite a few hard resets of my box today. |
FreeOTFE | Free (GPL) | Early days in developement but looks promising. I had it stop responding a couple of times when copying large files onto it. Lacks good progress indicators for things, so you think its crashed when its just taking its time. A big plus of this product though is that it has the ability to make Linux compatible crypted disks, this could be a big selling point. |
TrueCrypt | Open Source (Own License) | Works flawlessly so far. I particularly like the nice progress bars on creating and formating of the data files. |
CryptoExpert Lite | Free but restricted | Has maximum file size limitation so did not try it. |
Softwinter Sentry | $49.95 | This product also worked flawlessly, not as nice progress bars but it works. |
From the above table it should be clear that amongst the products I tried TrueCrypt and Sentry are the winners, I’d consider buying Sentry if I needed very long term storage and need the kind of backing that a company tends to give, backwards compatibility and so forth.
My usage however as a off-site backup system means I will be overwriting the last backups – or perhaps rotate them for 2 or 3 months – so I most certainly do not need long term archival.
TrueCrypt can also encrypt a full partition so I also tested that and I must say it works great. The initial format over the USB2 of 200Gig would take about 5 hours – so I did a quick format for testing but this is not suggested for actual use. This works great so I will put all my data on the crypted partition and leave a 32Gig FAT32 on the drive to store the TrueCrypt software on etc. You do not need to install anything on the windows machine to run TrueCrypt so can even be run off a memory stick.
My choice therefore is TrueCrypt, kudo’s to them for a very professional looking product with a good UI and great documentation to go with it.
While researching this I came across this site that has a whole lot of useful encryption related information.