Imagine pulling in to your driveway one evening after a long day at work only to realize that your front door has been kicked in. After the police arrive, you discover that you have been burgled. That new shiny 50” plasma is gone. Your house is a mess. And there’s a tangled jungle of cables where your computer once sat.
It happens every day in America. All of us have door locks, and many of us even have sophisticated alarm systems to deter theft. But even the best door lock and alarm system can be thwarted, and chances are you’re not employing bank vault level security at your front porch. Most of us try to offset the risk of theft by purchasing insurance, renting safety deposit boxes, or even deploying our very own safe. But what steps do we take to protect our computer?
Do you ever buy anything online? How about pay your bills or visit your bank’s web site? Ever logged in to your office network from home to finish a project or grab a file? If a burglar took your plasma, that’s easy enough to replace. But with your computer, he potentially has access to some very private data. And it’s trivially easy to gain access to a computer that solely relies upon the Windows logon password for protection. That’s why every home computer user needs to use encryption.
These days it’s easier than ever to employ encryption software on your personal computer. And best of all, it’s completely free. With an open source utility called TrueCrypt, you can encrypt your entire hard drive with only a few quick clicks. With an encrypted hard drive, it takes decades for a very dedicated attacker to gain access to your files.
Simply download and run the TrueCrypt installer. Once installed, click on “System” and “Encrypt System Partition/Drive” and walk through the wizard to create your passphrase and begin the encryption process. It may take several hours for the drive to be fully encrypted, depending on the size of your hard drive as well as your computer’s specifications. But the initial setup should only take 15 minutes. You’ll be prompted to create a recovery disc, which is helpful in case anything goes wrong. Of course you’ll still need your password to unlock the computer, though.
And just like that, you went from a screen door to a bank vault.
TrueCrypt can also be used to encrypt external hard drives, files, and even build in a decoy operating system. The decoy operating system is a great feature, as highlighted by this XKCD comic. With a decoy OS, you’ll have two difference passwords. One password will unlock one operating system, while the other password unlocks the other one. Both operating systems operate completely independent of each other. This is essential for applications which require plausible deniability. If under duress, one can safely divulge password “A”, while keeping the contents of operating system “B” securely hidden. But that’s a bit more complex, and possibly a topic for another day.
Note that TrueCrypt full disk encryption only works on standard Windows setups. People with multiple operating systems, or other operating systems such as OSX or Linux cannot use TrueCrypt full disk encryption.