I imagine most people are aware that TrueCrypt shut down mysteriously yesterday, which is funny as I just wrote about them in my previous blog entry about lessons learned from HeartBleed. There is a lot of speculation right now, and as fun as that is, we don’t know the story yet and may never fully know it. FOSS projects explode for a lot of reasons and we can’t discount government involvement either. From a practical perspective all we can do is move on and adapt. TC was easy to use, had a friendly GUI, FOSS, and Windows compatible. As for TC replacements with most of these features, lets look at the contenders.
1. 7zip. This is my current favorite for a dumb-down GUI for making encrypted files. No, it won’t make an encrypted volume, but you can simply create a .7z file with 256-AES encryption and be done with it. I find most people have this installed on their system and IT departments trust it, so there’s very little worrying about the recipient being unable to open the file. No need to have someone setup a complex gpg setup, exchange keys, etc. Just pick a nice long passphrase and make sure its at least 15 characters. The big limit here is no full disk encryption.
2. DiskCryptor. Claims to do full disk encryption. I have yet to test this but it seems to have a decent reputation.
3. AxCrypt. 128-bit AES, very easy to use. Windows only. Requires admin rights to install/run. I’ve run this a few times, typically TC was easier and better, but now it seems like a very nice option for Windows users.
4. gpg4win. Looks like someone wrote a Windows front-end for gpg. I’d love to see everyone migrate to a key-based system like gpg/pgp.
5. FreeOTFE. Can create virtual encrypted disks like TC did.
What I wouldn’t use is Bitlocker, which is what the TC site recommends. Not only do you need the Enterprise or Ultimate version of Windows for it to work, but it sends your private key to Microsoft for file restore. Sending your private key to a third-party doesn’t seem very secure to me. Nor would I continue to use an old version of TC considering the TC devs, or whoever shut down the project, claims its insecure.
If you know of anymore alternatives, please post them in the comments section.