grunge
news

TrueCrypt Full System Encryption on a Netbook

   January 2nd, 2010

For the uninitiated, TrueCrypt is a Free, Open Source, on-the-fly disk encryption software.  You can do many things with it, from Encrypting flash drive, to creating Encrypted file containers, to Full System Encryption.  I had done all except the latter and I have been wanting to try it out.  For various reasons though I had never really bothered with it, until now.

Over the holidays I picked up an Asus EeePC 1005HA Netbook

asus-1005ha

I have a 14 inch laptop with all the bells and whistles of a normal laptop, but after a while, lugging the beastly heavy thing around got to be quite old, and it got to a point where I just didn’t even bother bringing it with me any more because it was just a hassle.  I picked up the Netbook to hopefully remedy this issue.  Their small and incredibly light build will hopefully not become such a burden down the road.  While you can definitely feel the slowness of the Atom processor, you only really notice it if you’re doing a bunch of stuff at once.  If you’re just surfing the net, IM’ing, doing office stuff, you don’t really notice at all.

So now that I have my new little buddy I started thinking about security for it.  Since it’s so small and will be going with me every where, it’s also prone to growing a set of legs and walking off.  Should this occur, I want all of my personal and work related files stored on it to be completely secure.  I have used TrueCrypt for many years so I have come to trust it, and I figured this would be en excellent solution.

However, installing TrueCrypt on a Netbook presents a few hurdles, primarily due to the lack of a CD drive.  Sure, you could pick up a USB external CD drive, but what fun would that be?  I have already re-partitioned it using a USB bootable G-Parted, and used the Microsoft ISO USB DVD download utility to make a USB bootable Windows 7 flash drive, so it was my mission to go about this the same way.  When you use TrueCrypt to encrypt a system volume, it requires you to burn a TrueCrypt Emergency Boot CD, which is really a good idea because if something goes wrong you really need it.  Of course on a Netbook this isn’t an option.  So basically what happens is TrueCrypt gives you an .iso image and makes you burn it, then it verifies the disc you burned to.  At this step I got around the verify requirement by simply mounting the .iso in a Damon Tools virtual drive.  This tricked TrueCrypt in to thinking that I had burned the image.  But, this still left me with a nagging issue.  Should something go wrong, or happen to my system, I would NEED to be able to boot this image to recover my system, or face 100% data loss.  Off to Google I went, and came upon a very informative blog post at Florian Freundt’s site that outlines how to make a multi-utility USB boot drive!  What a wonderful blog entry, as I followed it’s directions and was able to successfully create a USB drive that will let me boot my TrueCrypt Rescue Image!  Not only that, but I also put my Acronis Recovery Image on it, along with Parted Magic (contains G-Parted and other useful utilities), and Ultimate Boot CD.  Plus, in the future it will be very simple to upgrade these utilities to new versions because all I’ll have to do is replace the .iso on my flash drive.  Very nice!

Once I knew I would be able to boot the TrueCrypt Rescue Image, I proceeded with the system encryption.  This went of with out a hitch, and took about 5 hours to complete the encryption.  I was a bit worried about system performance since the Atom isn’t exactly a beast, but to be honest I don’t see any real performance hit other then coming out of hibernation seems a bit slower.  I can still pop open a 3gb 720p HD Xvid encoded video file and play it full screen with no hiccups.  Firefox fires up in the same amount of time and I don’t really notice any lag.

I can now rest soundly with the knowledge that my ultra portable data is safe and secure, and should I ever need it, I can recover my partition with the TrueCrypt Utility.

truecrypt

12 Responses to “TrueCrypt Full System Encryption on a Netbook”

  1. KrAzE  Says:

    I refuse to get a smaller laptop. 18 inches is heavy but worth the lug!

    http://www.swiss-miss.com/2009/09/newspaper-laptop-sleeve.html

  2. Noone  Says:

    Good stuff, thanks for the post.

  3. Derek  Says:

    hi nick, did you encrypt the whole system with plausible deniability? i was considering whether to do that to my netbook which has a quick boot function. any suggestions?
    (i.e. http://www.truecrypt.org/docs/?s=hidden-operating-system)

  4. Nick - Author Comment:

    Yes, the whole system is encrypted, but I didn’t do the hidden OS thing, just the Full Disk Encryption.
    6 months later and I’m still running it, I have had zero issues with it! TrueCrypt is a great product, and I am still shocked it’s free.

  5. Derek  Says:

    thanks for the response, appreciate it. agreed truecrypt is really an outstanding product. alrite, gonna do the same to mine this weekend 😉

  6. radheshyam  Says:

    hello there,
    i’m in a real big trouble please help me.
    I encrypted my netbook with secure disk from securstar(dot)com .NOW the OS didn’t load so i had to install my win7 on a different partition.I installed securedisk again but it won’t read the encrypted partition.I have the password but no way to acess the partition please help.
    thanks
    radheshyam

  7. Nick - Author Comment:

    LOL, suck to be you.

  8. Seb  Says:

    « TrueCrypt is a great product, and I am still shocked it’s free »

    You can’t trust an encryption software if it’s not open source. And if it’s open source, then people will expect it’s free.

  9. calvin  Says:

    Interesting article. Thanks.

    How about performance after encrypting the netbook?

    I know a netbook is meant only for internet surfing or a bit of office work.

  10. Nick - Author Comment:

    General performance doesn’t take that big of a hit. In day-to-day use I don’t even notice it. About the only time I DO notice it though is when entering or resuming from a hibernate state. Doing either of those things takes significantly longer for sure… but I rarely use hibernate, so it doesn’t really bother me.

  11. Mark  Says:

    I have a netbook and I used Truecrypt to encrypt the system. Everything checked out and seemed fine… till I did a reboot after everything was encrypted. It failed to boot. The setup was XP with NTFS partition (full drive). HP Mini 210-1010NR. I had to format and start from scratch. This was a major hassle considering TrueCrypt never failed me in the past.

  12. Nick - Author Comment:

    Did you try using the TrueCrypt boot utility to repair the boot loader? Maybe TrueCrypt’s loader didn’t get installed properly or something?
    Weird man, that stinks though.

Leave a Response







grunge

πWhat do you think you're doing?