Schneider Blog – Encrypting Windows Hard Drives

ThreatPost - Microsoft to Support SSH in Windows

Encrypting your Windows hard drives is trivially easy; choosing which program to use is annoyingly difficult. I still use Windows — yes, I know, don’t even start — and have intimate experience with this issue.

Historically, I used PGP Disk. I used it because I knew and trusted the designers. I even used it after Symantec bought the company. But big companies are always suspect, because there are a lot of ways for governments to manipulate them.

Then, I used TrueCrypt. I used it because it was open source. But the anonymous developers weirdly abdicated in 2014 when Microsoft released Windows 8. I stuck with the program for a while, saying:

For Windows, the options are basically BitLocker, Symantec’s PGP Disk, and TrueCrypt. I choose TrueCrypt as the least bad of all the options.

But soon after that, despite the public audit of TrueCrypt, I bailed for BitLocker.

BitLocker is Microsoft’s native file encryption program. Yes, it’s from a big company. But it was designed by my colleague and friend Niels Ferguson, whom I trust. (Here’s Niels’s statement from 2006 on back doors.) It was a snap decision; much had changed since 2006. (Here I am in March speculating about an NSA back door in BitLocker.) Specifically, Microsoft made a bunch of changes in BitLocker for Windows 8, including removing something Niels designed called the “Elephant Diffuser.”

More of the Schneider blog post

About Tony Johnson

Innovative helps you balance your business requirements, service levels, staff and infrastructure to make your IT as effective as possible. Tony Johnson is Vice President of Operations at Innovative and has been helping clients optimize their IT spend and operations since 1983.

Leave a Reply

Innovative Integration can help you optimize your IT infrastructure. Request a Consultation