Skip to main content

Encryption

More
19 years 6 months ago #8637 by beexo
Encryption was created by beexo
Phishing!!! I think we used to call it stealing. Any how, I don't even want to think about the idea of loosing my hard disk to some MF that decides to go phishing in my office while I am sleeping. Just the thought of it makes me shiver. So I have done some surfing, and have come across some free software for this purpose. One such program for windows is the TrueCrypt. I have never used such software, therefore I know nothing about it, and this is where you come in.
Do you use it? Which one? Is it reliable? , etc.

One thing I would like to have (if possible) is the following:
1- The whole disk should be encrypted.
2- The PC should only boot if a USB key is pluged in. Once booted, it should work without the USB key. This would serve to funcions, boot the computer, and provide the de-cryption code.

You're comment os this subject are appreciated.
More
19 years 6 months ago #8641 by cybersorcerer
Replied by cybersorcerer on topic Re: Encryption
I think you are confused about the real definition of phishing, because the ability to make the computer boot only with a usb key is not going to save you from phishers. Phising is a type of "social engineering" that takes a tailored web page that looks trustworthy and prompts you for information that you should never give out(credit card, ss number, pin number, etc) and forwards it to the hacker who then goes on to steal your identity. This is usually done in the form of an email, but can also use DNS cache poisoning to redirect your computer to a phishers website but be tailored to look exactly like the website you intended to go to. It can also be used in a MITM(man in the middle) attack where a hacker intercepts your connection, forwards the data to the site you requested, but the information responded by the server is forwarded to the hacker, but is then forwarded back to you making the transaction transparent to the user.

To protect against the email attacks is simple; NEVER give out that information to ANY email. For the others, it is a bit more complicated, but I usually disable javascript before connecting to my trusted e-commerce sites. I'm sure there are other methods that the posters on this website would love to share, so I'll leave to the stage to those who want to share their defenses against phishing.

"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
More
19 years 6 months ago #8644 by beexo
Replied by beexo on topic Re: Encryption
Ok! I may have missused the term phishing. Altough I think it is being used to describe other methods of collecting information, such as stealing your hardware (I have read some stories). But what I would like is your (you all) opinion on the subject of cryptography. If someone breaks in my office and steals my computer, I would like to be sure that none of the information on the hard drive(s) could be ever read.
More
19 years 6 months ago #8645 by ReX
Replied by ReX on topic Re: Encryption
I came accross this windows encryption program, I haven't tried it yet but it's free. I also like it because it uses 128 bit blowfish encryption. Wich is more than sufficient for most home and office uses but I think its a little early to consider it impossible to break like they say on there site.

www.cypherix.com/cryptainerle/index.htm
More
19 years 6 months ago #8649 by beexo
Replied by beexo on topic Re: Encryption
Cryptainerle is easy and free (so they say) but it has container size limit of 25 megs. Not good enough.

I have come across a program called DriveCrypt. This looks like the perfect solution to what I am looking for. The problem is that it is a commercial product. It's not a price issue, as it costs around $130. Being a commercial product, you just don't know what's inside.
More
19 years 6 months ago #8652 by ReX
Replied by ReX on topic Re: Encryption
If the data you want to keep safe is on a file server you could do something like this: pooh.selwerd.nl:81/index.php?id=84

But maybe a hardware encryption device would be a better solution for you. ABIT makes one called SecureID. It only used 40 bit DES which is sufficient for most home users but is not very strong encryption. CRU also makes hard drive encryption devices with considerably better encryption but at a significant increase in price also.
www.forensicpc.com/proddetail.asp?prod=CRUENCRYPTDPV&cat=14
Time to create page: 0.131 seconds