Security Basics mailing list archives

Re: Re: Testing whole disk encryption


From: warpig8993 () yahoo com
Date: 11 Feb 2008 03:58:25 -0000

Here's a couple of tests - keeping in mind I would assume the largest threat to your drive is someone getting physical
access to it. (A physical keylogger would be the second greatest threat.) I would do what a criminal would do if your
laptop got into their hands and they wanted your data.

Like them, I would pull the drive from the laptop (I'm assuming it's a SATA laptop drive), use a USB to SATA adapter
and plug it into another computer. You didn't mention if it was an NTFS volume or not, so not sure if you would plug it
into a Windows or Linux box to verify.

Second, grab a copy of Norton Ghost or Acronis and try to get an image of it. (Our experience is that MS EFS doesn't
seem to work after imaging a disk with an EFS protected folder/file. The only way to get the data from the image is to
have the DRA on hand.) Not only can you test TrueCrypt this way but you can also test if you can recover your data from
a backup disk image or not.

I would also look around and see what the dark side is saying about the software - Has anybody been able to brute force
the startup password? (if one exists) Look to see if you get a prompt to access the encrypted drive after slaving it
to another system. If you get one then it's just a matter of time before your password will be guessed. The toughest
encryption in the world wouldn't matter after that. If I had your laptop I wouldn't work too hard to get around the
encryption, I would do all I could to compromise the password/passphrase protecting it.

Just my .02 
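
One way to check the raw image taken in the imaging test above, as an added example that is not part of the original post: scan it sector by sector and report anything that does not look like ciphertext. The function names, the 512-byte sector size and the 7.0 bits/byte threshold are assumptions, and the sample data is constructed.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512
ENTROPY_FLOOR = 7.0  # assumption: random 512-byte sectors measure ~7.6 bits/byte

def shannon_entropy(block: bytes) -> float:
    """Empirical byte entropy of one block, in bits per byte."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify_sector(block: bytes) -> str:
    if block[3:11] == b"NTFS    ":          # NTFS OEM ID in a boot sector
        return "ntfs-boot-sector"
    if block.count(0) == len(block):        # zero-filled, so never encrypted
        return "all-zero"
    if shannon_entropy(block) < ENTROPY_FLOOR:
        return "low-entropy"                # text, tables, most file formats
    return "random-looking"

def scan_image(image: bytes) -> dict:
    """Map sector number -> label for every sector that does not look random."""
    findings = {}
    for off in range(0, len(image) - SECTOR + 1, SECTOR):
        label = classify_sector(image[off:off + SECTOR])
        if label != "random-looking":
            findings[off // SECTOR] = label
    return findings

def scan_file(path: str, chunk_sectors: int = 2048) -> dict:
    """Same scan, streamed from a raw image file so large disks fit in memory."""
    findings, base = {}, 0
    with open(path, "rb") as fh:
        while chunk := fh.read(SECTOR * chunk_sectors):
            for rel, label in scan_image(chunk).items():
                findings[base + rel] = label
            base += len(chunk) // SECTOR
    return findings

def constructed_samples():  # constructed data: plaintext layout, ciphertext stand-in
    boot = b"\xebR\x90NTFS    " + bytes(499) + b"\x55\xaa"
    text = (b"Quarterly payroll export, confidential. " * 13)[:SECTOR]
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
    return boot + text + bytes(SECTOR) + noise[:SECTOR], noise

if __name__ == "__main__":
    for name, img in zip(("plaintext layout", "ciphertext stand-in"), constructed_samples()):
        print(name, scan_image(img))
```

High entropy alone does not distinguish encrypted data from compressed data, so an empty report is a necessary check rather than proof of encryption. A region the encryption product deliberately leaves readable, such as a pre-boot loader, will show up in the findings and has to be accounted for by hand.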



