[Discuss] Full disk encryption
Edward Ned Harvey
blu at nedharvey.com
Tue Jan 3 12:13:23 EST 2012
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Tom Metro
>
> What makes Microsoft BitLocker better than TrueCrypt?
Each is better in its own way.
Bitlocker is better if you're an IT person who wants to protect your
internal users from external attackers, and you want to ensure you're still
able to access the internal users' data, if the internal user goes away for
some reason. It's easy for you to deploy and control centrally, and users
don't notice it or complain about it.
Bitlocker is easier to use - No password necessary at boot time. The TPM
performs some system biometrics (checksum the BIOS, serial number, various
other magic ingredients, and only unlock the hard drive if the system has
been untampered. Therefore you are actually as secure as your OS.)
Truecrypt is better if you are a user, who cannot trust his IT people. You
want to keep the kiddie porn, the plans for the remote government's nuclear
program secret from all people, period.
> Are you using full disk encryption? If so, what tool are you using?
I am using Truecrypt on windows. Filevault on OSX Lion. Nothing on OSX
Snow Leopard. Nothing on linux.
More information about the Discuss
mailing list