Windows system partition encryption: yes or no?

Heated discussions about long term goals please. Pretty much everything goes.

Re: Windows system partition encryption: yes or no?

Postby Merlin » Tue Jun 10, 2014 2:13 pm

compul wrote:Im my opinion Evil Maid should definately be considered. There's enough scenarios I can imagine that scare me with it. Then again I'm paranoid. Then again that's a good thing.

You've already got (optional) off disk bootloader in the accepted proposals. Use it and your bootloader can't be infected by EvilMaids.. unless you leave your USB bootloader key where thay can access it.
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby compul » Tue Jun 10, 2014 2:37 pm

This is exactly why I put it there ;)
User avatar
compul
Site Admin
 
Posts: 69
Joined: Fri Jun 06, 2014 6:15 pm

Re: Windows system partition encryption: yes or no?

Postby Merlin » Tue Jun 10, 2014 2:48 pm

To be honest If i had something sufficiently sensitive that I thought EvilMaid attacks were a serious concern, my entire TrueCrypted laptop would be a decoy and all the serious work would happen under Debian booted off that USB you propose having the bootloader for TC on, but that's just me ;)
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby compul » Tue Jun 10, 2014 2:58 pm

I stated earlier that I haven't used TC in years, since everything I consider remotely sensitive is on my debian machines. So it's not just you. :P
It's not an assumption to work off of though.
User avatar
compul
Site Admin
 
Posts: 69
Joined: Fri Jun 06, 2014 6:15 pm

Re: Windows system partition encryption: yes or no?

Postby Merlin » Tue Jun 10, 2014 3:23 pm

Well what would be really cool, but probably infeasible, would be if a hidden OS could be set up on USB rather than a second partition, which would enable people to keep anything really sensitive with them, or hidden.. but that's just blue sky thinking. Unlike Linux I've always found Windows a bit hostile to letting itself be run from anything other than an internal drive though.. Plus the last thing I want to encourage is a rush to "cool new features". And that probably has security implications I haven't considered.

The assumption to work off is "Most users are locked into Windows, and don't want the learning curve for anything else even if it's better suited"
Merlin
 
Posts: 43
Joined: Sun Jun 08, 2014 4:57 pm

Re: Windows system partition encryption: yes or no?

Postby gabranth » Thu Jun 12, 2014 6:51 pm

i think is getting rid of system encryption is a bad idea since windows can leaks info about your encrypted volumes encrypted OS = put on an encrypted partition not in plain text
gabranth
 
Posts: 1
Joined: Thu Jun 12, 2014 6:42 pm

Re: Windows system partition encryption: yes or no?

Postby srg » Tue Jun 24, 2014 4:17 am

gabranth wrote:i think is getting rid of system encryption is a bad idea since windows can leaks info about your encrypted volumes encrypted OS = put on an encrypted partition not in plain text


This is exactly why we definitely can't drop support for the encryption of the system boot drive. You have to worry about the swap file, the hibernation file, all the stuff in the Windows registry (last open files, last open programs, file paths, all kinds of stuff is stored in the registry).
srg
 
Posts: 16
Joined: Fri Jun 06, 2014 9:13 pm

Re: Windows system partition encryption: yes or no?

Postby Mac » Mon Jun 30, 2014 3:13 am

If this is a survey, then my vote is definitely YES to retain partition encryption. I believe this is one of the foremost features for which people use Truecrypt. Although I suspect it will be a challenge to implement partition support for W/8 and UEFI, I feel it is of paramount importance for keeping Truecrypt (successor) viable. I also feel strongly that future versions retain backward compatibility to existing header and data structure formats.

There will undoubtedly be an urge to upgrade data on-the-fly -- such as updating the pass-phrase validation fields to accommodate enhanced security. I urge this to NOT be done automatically -- but only with user consent -- in case this data is being shared amongst a variety of systems. i.e., Confirm with the user before making any changes which are not backward compatible. Users may not always be able to synchronize software upgrades on all platforms (for a variety of technical or policy reasons). This consideration is also applicable to further newCrypt evolutionary changes.
Mac
 
Posts: 6
Joined: Mon Jun 09, 2014 4:56 am

Re: Windows system partition encryption: yes or no?

Postby srg » Thu Jul 03, 2014 3:57 pm

My feelings exactly, Mac.
srg
 
Posts: 16
Joined: Fri Jun 06, 2014 9:13 pm

Re: Windows system partition encryption: yes or no?

Postby WaywardGeek » Fri Jul 04, 2014 4:33 am

I've offered to maintain this functionality personally. The code doesn't seem so bad to an old geek like me who still thinks in 16-bit assembly code! Don't worry... be happy... we'll maintain it.
WaywardGeek
 
Posts: 40
Joined: Sat Jun 07, 2014 8:38 am

PreviousNext

Return to Long-Term Goals / Wish List

Who is online

Users browsing this forum: No registered users and 1 guest