01.11.2006, 15:35 | #1 | ||||||||||||
Супер-Модератор
|
TrueCrypt*
Как гласит хорошо знакомая многим присказка,
На выбор пользователю предлагается полный набор популярных алгоритмов шифрования: начиная от AES (256-bit key), Blowfish (448-bit key), CAST5 (128-bit key), Serpent (256-bit key), Triple DES, Twofish (256-bit key) и заканчивая самыми различными вариациями на тему Twofish-Serpent. При подключении вновь созданного раздела можно явно указать программе не сохранять историю подключений, а также не использовать кэширование паролей в драйвере устройства TrueCrypt. Если понадобится, в модуле управления защищенными разделами можно изменить текущий пароль доступа к выбранному вами тому, а также произвести сравнительный тест скорости записи на него при условии использования различных алгоритмов шифрования. Одна из особенностей программы - отсутствие в заголовке созданного "диска" специфической сигнатуры, характерной для других подобных программ, что делает невозмоным идентифицировать TrueCrypt-диск, т.к. ни одна из частей виртуального диска не отличается от случайных данных. Стоит отметить, что существуют версии этой программы для операционных систем Windows и Linux (версии для разных ядер Linux можно найти на сайте разработчика). Официальный сайт: http://www.truecrypt.org | инструкция на русском языке
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × Последний раз редактировалось Slava; 21.12.2010 в 09:37. |
||||||||||||
Благодарности: 4 |
07.02.2008, 11:59 | #3 | ||||||||||||
Супер-Модератор
|
Обновление до 5.0
Спустя почти год, вышла новая версия OpenSource ПО для шифрования блочных устройств - TrueCrypt 5.0. Основные нововведения:
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
Благодарности: 2 |
11.03.2008, 16:35 | #4 | ||||||||||||
Супер-Модератор
|
Обновление до 5.1
Спустя почти год, вышла новая версия OpenSource ПО для шифрования блочных устройств - TrueCrypt 5.0. Основные нововведения:
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
06.07.2008, 20:11 | #5 |
Супер-Модератор
|
Обновление до 6.0 Final
Спойлер
TrueCrypt 5.1a Improvements: * Faster booting when the system partition/drive is encrypted (typically by 10%). (Windows Vista/XP/2008/2003) * Other minor improvements. (Windows, Mac OS X, and Linux) Resolved incompatibilities: * On computers with certain hardware configurations, resuming from hibernation failed when the system partition was encrypted. Note: If you encountered this problem, the content of RAM may have been saved unencrypted to the hibernation file. You can erase such data, for example, by decrypting the system partition/drive (select System > Permanently Decrypt System Partition/Drive) and then encrypting it again. (Windows Vista/XP/2008/2003) Remark: As Microsoft does not provide any API for handling hibernation, all non-Microsoft developers of disk encryption software are forced to modify undocumented components of Windows in order to allow users to encrypt hibernation files. Therefore, no disk encryption software (except for Microsoft's BitLocker) can guarantee that hibernation files will always be encrypted. At anytime, Microsoft can arbitrarily modify components of Windows (using the Auto Update feature of Windows) that are not publicly documented or accessible via a public API. Any such change, or the use of an untypical or custom storage device driver, may cause any non-Microsoft disk encryption software to fail to encrypt the hibernation file. We plan to file a complaint with Microsoft (and if rejected, with the European Commission) about this issue, also due to the fact that Microsoft's disk encryption software, BitLocker, is not disadvantaged by this. * Workaround for a bug in the BIOS of some Apple computers that prevented users from entering pre-boot authentication passwords and controlling the TrueCrypt Boot Loader. (Windows Vista/XP/2008/2003) Bug fixes: * When the system partition/drive is decrypted under Windows, the original partition table will not be restored. Note: This issue affected users who repartitioned an encrypted system drive and then decrypted it under Windows. (Windows Vista/XP/2008/2003) * Other minor bug fixes. (Windows, Mac OS X, and Linux) TrueCrypt 6.0 New features: *Parallelized encryption/decryption on multi-core processors (or multi-processor systems). Increase in encryption/decryption speed is directly proportional to the number of cores and/or processors. For example, if your computer has a quad-core processor, encryption and decryption will be four times faster than on a single-core processor with equivalent specifications (likewise, it will be twice faster on dual-core processors, etc.) [View benchmark results] *Ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed). For more information, see the section Hidden Operating System. (Windows Vista/XP/2008/2003) For security reasons, when a hidden operating system is running, TrueCrypt ensures that all local unencrypted filesystems and non-hidden TrueCrypt volumes are read-only. (Data is allowed to be written to filesystems within hidden TrueCrypt volumes.) Note: We recommend that hidden volumes are mounted only when a hidden operating system is running. For more information, see the subsection Security Precautions Pertaining to Hidden Volumes. *On Windows Vista and Windows 2008, it is now possible to encrypt an entire system drive even if it contains extended/logical partitions. (Note that this is not supported on Windows XP.) *New volume format that increases reliability, performance and expandability: o Each volume created by this or later versions of TrueCrypt will contain an embedded backup header (located at the end of the volume). Note that it is impossible to mount a volume when its header is damaged (the header contains an encrypted master key). Therefore, embedded backup headers significantly reduce this risk. For more information, see the subsection Tools > Restore Volume Header. Note: If the user fails to supply the correct password (and/or keyfiles) twice in a row when trying to mount a volume, TrueCrypt will automatically try to mount the volume using the embedded backup header (in addition to trying to mount it using the primary header) each subsequent time that the user attempts to mount the volume (until he or she clicks Cancel). If TrueCrypt fails to decrypt the primary header and then decrypts the embedded backup header successfully (with the same password and/or keyfiles), the volume is mounted and the user is warned that the volume header is damaged (and informed as to how to repair it). o The size of the volume header area has been increased to 128 KB. This will allow implementation of new features and improvements in future versions and ensures that performance will not be impaired when a TrueCrypt volume is stored on a file system or device that uses a sector size greater than 512 bytes (the start of the data area will always be aligned with the start of a host-filesystem/physical sector). For more information about the new volume format, see the section TrueCrypt Volume Format Specification. Note: Volumes created by previous versions of TrueCrypt can be mounted using this version of TrueCrypt. * Parallelized header key derivation on multi-core processors (one algorithm per core/thread). As a result, mounting is several times faster on multi-core processors. (Windows) *Ability to create hidden volumes under Mac OS X and Linux. *On Linux, TrueCrypt now uses native kernel cryptographic services (by default) for volumes encrypted in XTS mode. This increases read/write speed in most cases. However, the FUSE driver must still be used when the volume is encrypted in a deprecated mode of operation (LRW or CBC), or when mounting an outer volume with hidden-volume protection, or when using an old version of the Linux kernel that does not support XTS mode. (Linux) Improvements: *Up to 20% faster resuming from hibernation when the system partition/drive is encrypted. (Windows Vista/XP/2008/2003) *Many other improvements. (Windows, Mac OS X, and Linux) Removed features: *Encrypted system partitions/drives can no longer be permanently decrypted using the TrueCrypt Boot Loader (however, it is still possible using the TrueCrypt Rescue Disk). (Windows Vista/XP/2008/2003) Note: This was done in order to reduce the memory requirements for the TrueCrypt Boot Loader, which was necessary to enable the implementation of support for hidden operating systems. Bug fixes: *When Windows XP was installed on a FAT16 or FAT32 partition (as opposed to an NTFS partition) and the user attempted to encrypt the system partition (or system drive), the system encryption pretest failed. This will no longer occur. *Many other minor bug fixes and security improvements (preventing e.g. denial-of-service attacks). (Windows, Mac OS X, and Linux) |
31.08.2008, 22:53 | #6 | ||||||||||||
Супер-Модератор
|
Обновление до 6.0a Final
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
Благодарности: 1 | bmp (07.09.2008) |
03.12.2008, 22:00 | #7 |
Супер-Модератор
|
Обновление до 6.1a Final
Спойлер
TrueCrypt 6.1 New features: * Ability to encrypt a non-system partition without losing existing data on the partition. (Windows Vista/2008) Note: To encrypt a non-system partition in place, click 'Create Volume' > 'Encrypt a non-system partition' > 'Standard volume' > 'Select Device' > 'Encrypt partition in place' and then follow the instructions in the wizard. Please note that this is not supported on Windows XP/2000/2003 as these versions of Windows do not natively support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). * Support for security tokens and smart cards (for more information, see section Security Tokens and Smart Cards in chapter Keyfiles). * The TrueCrypt boot loader can be prevented from displaying any texts (by selecting Settings > System Encryption and enabling the option 'Do not show any texts in the pre-boot authentication screen'). * The TrueCrypt boot loader can now display a custom message (select Settings > System Encryption and enter the message in the corresponding field) either without any other texts or along with the standard TrueCrypt boot loader texts. * Pre-boot authentication passwords can now be cached in the driver memory, which allows them to be used for mounting of non-system TrueCrypt volumes (select Settings > System Encryption and enable the option 'Cache pre-boot authentication password'). * Linux and Mac OS X versions: The ability to mount a Windows system partition encrypted by TrueCrypt and to mount a partition located on a Windows system drive that is fully encrypted by a Windows version of TrueCrypt. Improvements: * Protection against memory corruption caused by certain inappropriately designed versions of some BIOSes, which prevented the pre-boot authentication component from working properly. (Windows Vista/XP/2008/2003) * During the process of creation of a hidden operating system, TrueCrypt now securely erases the entire content of the partition where the original system resides after the hidden system has been created. The user is then prompted to install a new system on the partition and encrypt it using TrueCrypt (thus the decoy system is created). Note: Although we are not aware of any security issues (connected with decoy systems) affecting the previous versions of TrueCrypt, we have implemented this change to prevent any such undiscovered security issues (if there are any). Otherwise, in the future, a vulnerability might be discovered that could allow an attacker to find out that the TrueCrypt wizard was used in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on the computer) e.g. by analyzing files, such as log files created by Windows, on the partition where the original system (of which the hidden system is a clone) resides. In addition, due to this change, it is no longer required that the paging file is disabled and hibernation prevented when creating a hidden operating system. * Many other improvements. (Windows, Mac OS X, and Linux) Bug fixes: * Many minor bug fixes and security improvements. (Windows, Mac OS X, and Linux) TrueCrypt 6.1a Minor improvements, bug fixes, and security enhancements. (Windows, Mac OS X, and Linux) Note: If you are using an older version of TrueCrypt, it is highly recommended that you upgrade to the latest stable version.
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
15.05.2009, 16:08 | #8 |
Супер-Модератор
|
Обновление до 6.2 Final
В этом релизе добавлены новые алгоритмы чтения для повышения производительность в среднем на 30-50% при работе с твердотельными накопителями, обновлен загрузчик для поддержки материнских плат с бортовыми RAID-контроллерами, а также внесено множество улучшений в варианты под Windows, Mac OS X и Linux Список изменений
May 11, 2009 New features: * The I/O pipeline now uses read-ahead buffering, which improves read performance especially on solid-state drives, typically by 30-50%. (Windows) Improvements, bug fixes, and security enhancements: * The boot loader now supports motherboards with BIOSes that reserve large amounts of base memory (typically for onboard RAID controllers). Note: In order to be able to take advantage of this improvement under Windows Vista, you will have to install Service Pack 1 or higher first. Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. (Windows Vista/XP/2008/2003) * Mounting using the 'Auto-Mount Devices' feature may take significantly less time as partitions containing unencrypted filesystems are now skipped. (Windows) * When volumes that are mounted as read-only or removable are saved as favorite volumes, they are mounted as read-only and/or removable when 'Mount Favorite Volumes' is used. * When a multiple-pass wipe algorithm is selected when performing in-place encryption of a non-system volume, the header areas will be wiped before the encrypted headers are written to the disk. Note: On an existing volume, you can perform such an operation by changing its password and/or keyfiles. (Windows) * Many other minor improvements, bug fixes and security enhancements. (Windows, Mac OS X, and Linux)
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
Благодарности: 1 | bmp (15.05.2009) |
21.06.2009, 01:20 | #9 |
Супер-Модератор
|
Обновление до 6.2a Final
Список изменений
Improvements and bug fixes: * Improved file container creation speed on systems having issues with write block sizes greater than 64 KB. (Windows) * The 'Device not ready' error will no longer occur when the process of decryption of a system partition/drive is finished. (Windows) * Other minor improvements and bug fixes. (Windows, Mac OS X, and Linux)
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
Благодарности: 1 | bmp (22.06.2009) |
25.10.2009, 13:09 | #10 | ||||||||||||
Супер-Модератор
|
Обновление до 6.3 Final
Вышла новая версия открытого ПО для шифрования блочных устройств - TrueCrypt 6.3. В новой версии исправлены накопившиеся ошибки, добавлена полная поддержка работы на платформах Windows 7 и Mac OS X 10.6 (Snow Leopard), в сборке для платформы Windows появилась возможность монтирования зашифрованных разделов на начальном этапе загрузки, до запуска системных и пользовательских сервисов.
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
Благодарности: 2 |
25.11.2009, 00:06 | #11 | ||||||||||||
Супер-Модератор
|
Обновление до 6.3a Final
Вышла новая версия открытого ПО для шифрования блочных устройств - TrueCrypt.
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
20.07.2010, 19:55 | #12 |
Супер-Модератор
|
Обновление до 7.0 Final
Вышла новая версия открытого ПО для шифрования блочных устройств - TrueCrypt. В этом релизе добавлена поддержка для аппаратного ускорения шифрования с использованием алгоритма AES для поддерживаемых процессоров, улучшена система автоматического монтирования разделов при подключении, добавлена возможность создавать разделы с различным размером сектора, включено средство для управления избранными томами, а также повышена безопасность и исправлены ошибки Список изменений
7.0 - July 19, 2010 New features: * Hardware-accelerated AES (for more information, see the chapter Hardware Acceleration). Note: If you want to disable hardware acceleration, select Settings > Performance and disable the option 'Accelerate AES encryption/decryption by using the AES instructions of the processor'. * A volume can now be configured to be automatically mounted whenever its host device gets connected to the computer (provided that the correct password and/or keyfiles are supplied). (Windows) Note: For example, if you have a TrueCrypt container on a USB flash drive and you want to configure TrueCrypt to mount it automatically whenever you insert the USB flash drive into the USB port, follow these steps: 1. Mount the volume. 2. Right-click the mounted volume in the drive list in the main TrueCrypt window and select 'Add to Favorites'. 3. The Favorites Organizer window should appear. In it, enable the option 'Mount selected volume when its host device gets connected' and click OK. Also note that TrueCrypt will not prompt you for a password if you have enabled caching of the pre-boot authentication password (Settings > 'System Encryption') and the volume uses the same password as the system partition/drive. The same applies to cached non-system volume passwords. * Partition/device-hosted volumes can now be created on drives that use a sector size of 4096, 2048, or 1024 bytes (Windows, Linux). Note: Previously only file-hosted volumes were supported on such drives. * Favorite Volumes Organizer (Favorites > 'Organize Favorite Volumes' or 'Organize System Favorite Volumes'), which allows you to set various options for each favorite volume. For example, any of them can be mounted upon logon, as read-only or removable medium, can be assigned a special label (which is shown within the user interface instead of the volume path), excluded from hotkey mount, etc. The order in which favorite volumes are displayed in the Favorites Organizer window can be changed and it is the order in which the volumes are mounted (e.g. when Windows starts or by pressing the 'Mount Favorite Volumes' hotkey). For more information, see the chapters Favorite Volumes and System Favorite Volumes. (Windows) * The Favorites menu now contains a list of your non-system favorite volumes. When you select a volume from the list, you are asked for its password (and/or keyfiles) (unless it is cached) and if it is correct, the volume is mounted. (Windows) Security improvements: * In response to our public complaint regarding the missing API for encryption of Windows hibernation files, Microsoft began providing a public API for encryption of hibernation files on Windows Vista and later versions of Windows (for more information, see the section TrueCrypt 5.1a in this version history). Starting with this version 7.0, TrueCrypt uses this API to encrypt hibernation and crash dump files in a safe documented way. (Windows 7/Vista/2008/2008R2) Note: As Windows XP and Windows 2003 do not provide any API for encryption of hibernation files, TrueCrypt has to modify undocumented components of Windows XP/2003 in order to allow users to encrypt hibernation files. Therefore, TrueCrypt cannot guarantee that Windows XP/2003 hibernation files will always be encrypted. Therefore, if you use Windows XP/2003 and want the hibernation file to be safely encrypted, we strongly recommend that you upgrade to Windows Vista or later and to TrueCrypt 7.0 or later. For more information, see the section Hibernation File. Improvements: * Many minor improvements. (Windows, Mac OS X, and Linux) Bug fixes: * Minor bug fixes. (Windows, Mac OS X, and Linux) Removed features: * TrueCrypt no longer supports device-hosted volumes located on floppy disks. Note: You can still create file-hosted TrueCrypt volumes on floppy disks.
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
19.09.2010, 21:27 | #13 | ||||||||||||
Супер-Модератор
|
Обновление до 7.0a Final
Вышла новая версия открытого ПО для шифрования блочных устройств - TrueCrypt.
__________________
× Если вы нашли ошибку в моём сообщении, выделите её мышкой и нажмите Alt-F4 × × Twitter, LastFm, SCC, What.cd, Tapochek.net × |
||||||||||||
03.02.2011, 14:46 | #14 |
Местный
|
Купил внешний HDD, отрезал часть и зашифровал TC. Если подключаем, отрезанная часть видится как не отформатированный раздел, что не очень удобно. Хранить контейнер в виде зашифрованного файла на этом диске - тоже както не катит.
Есть варианты, чтоб зашифрованный диск в проводнике до показывался? |
03.02.2011, 14:54 | #15 | ||
Боец
|
Fafnir, а смысл такого шифрования если он будет показываться? Ты с какой целью раздел шифруешь, от кого?
Можно к примеру создать внутри шифрованного диска скрытый том и автоматически монтировать 1-й, но тут загвоздка, если монтировать с защитой скрытого, о нем узнают, а если монтировать без защиты, то можно затереть данные на скрытом разделе, поэтому обычно такие разделы автоматом не монтируют. По одному паролю юзают свой скрытый диск, а второй пароль на случай, если придется сдаваться, но сдать обычный шифрованный диск без серьезных данных, если логи и история не сохраняется, про второй скрытый раздел никак не узнать... Чем тебе мешает скрытый раздел? Оффтоп
Последний раз редактировалось Slava; 03.02.2011 в 16:05. |
||
03.02.2011, 16:16 | #17 |
Боец
|
Fafnir, скрытый раздел не должен висеть в проводнике, на то он и скрытый... Винда то какая? Может Вашему разделу по каким то причинам система назначила букву диска, нужно убрать ее с раздела, тогда он не будет виден в проводнике.
Последний раз редактировалось Slava; 07.02.2011 в 09:09. |
Благодарности: 1 | Fafnir (17.02.2011) |
28.06.2011, 10:27 | #18 | ||||||||||||
Боец
|
Пользователя TrueCrypt арестовали из-за отказа предоставить ключ шифрования
|
||||||||||||
31.05.2014, 13:10 | #20 | ||||||||||||
Боец
|
Уведомление о закрытии проекта TrueCrypt и небезопасности приложения
Последний раз редактировалось Slava; 31.05.2014 в 13:12. |
||||||||||||
Благодарности: 2 |
Метки |
безопасность, защита данных, opensource, шифрование |
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1) | |
|
|