Slashdot Mirror


Ask Slashdot: Simplifying Encryption and Backup?

New submitter FuzzNugget writes "A recent catastrophic hard drive failure has caused me to ponder whether the trade-off between security and convenience with software-based OTFE is worthwhile. My setup involves an encrypted Windows installation with TrueCrypt's pre-boot authentication, in addition to having data stored in a number of TrueCrypt file containers. While it is nice to have some amount of confidence that my data is safe from prying eyes in the case of loss or theft of my laptop, this setup poses a number of significant inconveniences."

Read on below; FuzzNugget lists some problems with this set-up, and seeks advice on a simpler system for backing up while keeping things locked down.

FuzzNugget continues: "1. Backup images of the encrypted operating system can only be restored to the original hard drive (i.e., the drive that has failed). So, recovery from this failure requires the time-consuming process of re-installing the OS, re-installing my software and re-encrypting it. Upgrading the hard drive where both the old and new drives are still functional is not much better as it requires decryption, copying the partition(s) and re-encryption.

2. With the data being stored in large file containers, each around 100-200GB, it can become quite burdensome to deal with these huge files all the time. It's also a particularly volatile situation, as the file container is functionally useless if it's not completely intact.

3. As much as I'd like to use this situation as an opportunity to upgrade to an SSD, use with OTFE is said to pose risks of data leaks, cause decreased performance and premature failure due to excessive write operations.

So, with that, I'm open to suggestions for alternatives. Do you use encryption for your hard drive(s)? What's your setup like and how manageable is it?"

148 comments

  1. backup orthogonal to encryption by Anonymous Coward · · Score: 5, Insightful

    Aka: you are doing it wrong. First think of backup: you have a machine, and you copy its contents to another drive. Ok. Easy. Now take a breath, and use OTFE for the original hard disk, and now add OTFE for the external drive/media. There. The backup has NOTHING to do with encryption. If you have forced yourself into a backup solution which requires encryption integration to the point that it only restores to a specific hardware, you are failing hard time, precisely for the reason backups are for when you don't have the original hardware.

    Again, separate backup from encryption. I mean, next you will want an integrated internet/remote backup and you will cry us a river? Compartmentalize each function and then you can mix them freely.

    1. Re:backup orthogonal to encryption by julesh · · Score: 3, Interesting

      +1 to this. I have a setup similar to the OP's (albeit with different software) and it has no impact at all on my backups, which I take in exactly the same way as I would were the system not encrypted, i.e. they access the files using the ordinary file system API and copy them to a different location (where they are, of course, reencrypted). I suppose the decrypt-compress-reencrypt cycle involved here is a little inefficient, but it doesn't seem to be a huge issue in reality.

      As for increased number of write cycles, it's all down to the software you use. If the driver will emulate an SSD and pass through the 'trim' commands, you won't see any problems. At least some OTFE packages can do this. TrueCrypt's docs suggest that at least some configurations will work, although it does warn that using it means attackers will be able to potentially identify empty sectors. This means its use is incompatible with hidden volumes, but nothing in OP's description suggests he was using them.

    2. Re:backup orthogonal to encryption by FuzzNugget · · Score: 3, Informative
      Sorry, I could have been more clear about the crux of the matter. I *do* have multiple onsite and offsite backups which I update regularly and religiously (I did have to spend two days reconstituting some data as my backup software had failed 5 days prior to this drive failure and not warned me ... but that issue has been resolved and is completely external to the matter at hand).

      > Aka: you are doing it wrong. First think of backup: you have a machine, and you copy its contents to another drive. Ok. Easy. Now take a breath, and use OTFE for the original hard disk, and now add OTFE for the external drive/media. There. The backup has NOTHING to do with encryption. If you have forced yourself into a backup solution which requires encryption integration to the point that it only restores to a specific hardware, you are failing hard time, precisely for the reason backups are for when you don't have the original hardware.

      Great, I completely agree.

      How?

      I've done everything I can think of to create a raw, autonomous image, thinking that it was self-contained and would be portable as long as it's not reformed when moved, but apparently I was wrong. As far as I can tell, this seems to be a foible of TrueCrypt's encrypted OS feature.

    3. Re:backup orthogonal to encryption by Jane+Q.+Public · · Score: 1, Insightful

      (1) Make sure you are using an OS that doesn't make surreptitious copies of stuff without your knowledge. (That eliminates Windows, and for that matter most Microsoft software.) Just about all OSes keep logs, but be aware of how to clear your logs.

      (2) Install a SECOND hard drive for your private data. Just data.

      (3) Use full-drive encryption on that drive. You will have to enter a (preferably long) password when you log in, but that's the biggest hassle.

      (4) Back up your encrypted drive. There should be little if any need to back up your OS and software.

      (5) Regularly clear your logs and caches.

      Alternatively, you could create large encrypted volumes on an unencrypted hard disk, and just back those up as needed. That helps eliminate backing up empty (but encrypted) space. You don't even need backup software to do this: periodically just copy your encrypted volumes to another drive.

      That may seem like a hassle, but it's nowhere near the kind of hassle you are describing. I don't believe in locking myself into software that is picky about how to handle backups. These methods are robust, and really not very much trouble.

    4. Re:backup orthogonal to encryption by Anonymous Coward · · Score: 0

      Have you tried dd-ing the image of the entire drive?

    5. Re:backup orthogonal to encryption by Anonymous Coward · · Score: 1

      Errr... no, sorry, if you are backing up IMAGES of your hard disk, you are not separating backup from encryption. Backup FILES. Backing up images is useful for cases where you want to clone your machine or come back to a previous known state of the OS, but it is a brain dead approach to backup. You run out of disks matching your image and what, SOL?

    6. Re:backup orthogonal to encryption by silas_moeckel · · Score: 1

      You want a backup that generally should never be a raw image. Most backup software can deal with encryption rather than trying to backup the encrypted raw data.

      --
      No sir I dont like it.
    7. Re:backup orthogonal to encryption by nabsltd · · Score: 1

      > Great, I completely agree.

      > How?

      Install the OS to an unencrypted drive and create an image. This is easily restored (even to a different drive), and easily updated as you install more software.

      Put all your data on a separate partition and encrypt that using whatever tool you want. Unless your computer has some insanely proprietary software on it, this is all that needs encryption. Whole disk encryption is usually used for cases where the supplier of the computer doesn't trust the user of the computer to be able to keep important stuff safe. This doesn't seem to be the case with you.

      Back up the data using any file-based backup utility you like. The backup can be encrypted or not...either way, it should be accessible from any machine that is running the encryption software (assuming you haven't lost the password).

    8. Re:backup orthogonal to encryption by Spazmania · · Score: 1

      You're just discovering this about Windows software-based disk encryption schemes? Spend the extra $50 on an FDE drive and save yourself the heartache.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
    9. Re:backup orthogonal to encryption by AmiMoJo · · Score: 1

      It matters if you try to ghost the OS. Unless your imaging software can mount a TrueCrypt volume it will have to copy every block verbatim, creating a much larger image file and preventing incremental backups.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    10. Re:backup orthogonal to encryption by nazsco · · Score: 1

      So, if your backup is already online, let's say a vps, you would be sending everything unencrypted to the machine you can't really trust and encrypting there?

    11. Re:backup orthogonal to encryption by julesh · · Score: 0

      So don't do that. There are other ways of performing backups, and recent versions of Windows are quite happy being deployed with a file level copy onto a newly formatted disk (older versions may have objected, however). Linux has always been happy with this approach.

    12. Re:backup orthogonal to encryption by AmiMoJo · · Score: 1

      You can't just file copy Windows installations, the permissions will be broken. That is one reason why FAT32 is no longer supported for the boot drive. Also there are lots of symbolic links in the winsxs directory that most software can't cope with other than by duplicating masses of data.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    13. Re:backup orthogonal to encryption by fa2k · · Score: 1

      The problem seems to be with system backups. It *can* be a royal pain to reinstall the OS if you have a lot of custom software and configuration. I think the submitter is wrong in that the images can only be restored on the same drive as they were taken. If this is the case, it seems to be a failure of the drive imaging software or TrueCrypt.

    14. Re:backup orthogonal to encryption by fa2k · · Score: 1

      This would sacrifice some security on any OS. You could stick /tmp , /var/tmp, /home and swap on the encrypted drive, that would improve things. (I don't know if it handles well to have /var/log there, but as the parent says, logs can leak some significant information about when you were using the computer). Backup could be done at the file level.

      Anyway, if you're throwing out windows anyway, and have one drive, it's fine to use full disk encryption. It is literally just a checkbox in the installer.

    15. Re:backup orthogonal to encryption by lsatenstein · · Score: 1

      > Aka: you are doing it wrong. First think of backup: you have a machine, and you copy its contents to another drive. Ok. Easy. Now take a breath, and use OTFE for the original hard disk, and now add OTFE for the external drive/media. There. The backup has NOTHING to do with encryption. If you have forced yourself into a backup solution which requires encryption integration to the point that it only restores to a specific hardware, you are failing hard time, precisely for the reason backups are for when you don't have the original hardware.

      > Again, separate backup from encryption. I mean, next you will want an integrated internet/remote backup and you will cry us a river? Compartmentalize each function and then you can mix them freely.

      If you are interested, here is an explanation of software I wrote to address encrypted backups or file transmissions.
      I wrote a Linux based encryption software that I developed for backup and file transfers as well as for database field encryption. The concept is simple.

      I maintain a table of keys (16 "8 byte" keys). I am using 3DES, but the concept is similar if you wish to use AES for encryption.

      In the header of the encrypted file, maintain some signature to say it is your encrypted file. Then in four successive nibbles, each nibble serving as an index (counting from zero) to indicate the sequence of table entries that are needed to build the 3DES encryption/decryption/encryption keys. If using AES, the concatenation of the three (or 4 keys, if you want higher encryption sizes), creates the key to encrypt or decrypt. I also use cypher block chaining (CBC). CBC does mask repeat patterns. Here again, the CBC initial field can be an extract from another table. My file header looks like this "[Leslie]23F5" representing indexes 2,3,15 with cbc from entry 5 of another table. (counting from zero). The CBC field is from a different 16x9 table. CRC or md5sum can be used to ensure no transmission errors occurred. I was even considering basic ECC encoding to allow for correcting single bit errors. Now what is necessary is to keep the keytable copy in a "wallet" or TPM file. I also have an algorithm to generate the 16x8 hex table that is used for these keys. (Basically, no encryption table row is a duplicate of another row). I use 3DES because it is non algorithmic, and it's a very lengthy trial and error exercise to determine the keys and it is used with or without the CBC. By the way, without a debugger, even I do not know how the keys are constructed or their key values. Once encryption or decryption has completed, I overwrite the control tables.

      AES execution is built into the Intel hardware, and therefore speeds up the process of encrypting. It also speeds up the discovering of the encryption keys. That is why I discarded using AES. A second reason was that I wanted the smallest field that I could encrypt to be 8 characters.
      One use was to provide clients with the software. Each client would receive his encryption keys. His files, when received at a host server, are re-encrypted to the internal set of keys in use by the institution. The architecture is to ensure that internal employees could not transfer customer A's files to customer B or internal files to other than the encryption server. Customer A would be able to decrypt his files but no other. As well, critical database fields in multiples of 8 bytes can be encrypted.

      PGP was discarded as my way to use encryption, because of the way many financial institutions work. For example, a bank with 15000 customers is often required to store several weeks or generations of reports that a client may wish to receive.

      If the customer loses his system and his private key, the bank would have to rerun the applications that were used to generate those reports in order to recreate them, with the exercise to generate new client public/private keys and re-encrypt files to the new keys. This would be and is horribly expensive, as a client population of 15000, always

      --
      Leslie Satenstein Montreal Quebec Canada
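The header layout described in the comment above, as an added example (not the commenter's software): a parser for the `[Leslie]23F5` form that resolves the three key-table indexes into a 24-byte 3DES key and rejects index combinations that would collapse 3DES to single DES. The function names and the randomly generated table are assumptions; the IV is left as an index because the comment does not specify the layout of its second table.

```python
import re
import secrets

# "[signature]" followed by four hex nibbles: three key indexes, one IV index.
HEADER_RE = re.compile(r"^\[([^\]]+)\]([0-9A-Fa-f]{4})")


def generate_table(rows=16, width=8):
    """Build a constructed key table: `rows` random entries, no duplicate rows."""
    table = []
    while len(table) < rows:
        row = secrets.token_bytes(width)
        if row not in table:
            table.append(row)
    return table


def parse_header(header, expected_signature="Leslie"):
    """Split a header such as "[Leslie]23F5" into its signature and indexes."""
    match = HEADER_RE.match(header)
    if match is None:
        raise ValueError("not a recognised header")
    signature, nibbles = match.groups()
    if signature != expected_signature:
        raise ValueError("unexpected signature %r" % signature)
    indexes = [int(ch, 16) for ch in nibbles]
    return {
        "signature": signature,
        "key_indexes": tuple(indexes[:3]),
        "iv_index": indexes[3],
    }


def make_header(signature, key_indexes, iv_index):
    """Inverse of parse_header."""
    return "[%s]%s%X" % (signature, "".join("%X" % i for i in key_indexes), iv_index)


def build_3des_key(table, key_indexes):
    """Concatenate three 8-byte table rows into a 24-byte 3DES key (K1|K2|K3).

    3DES runs encrypt(K1), decrypt(K2), encrypt(K3). If K1 == K2 or K2 == K3,
    two of the stages cancel and the result is single DES, so those index
    combinations are refused. K1 == K3 is the two-key variant and is accepted.
    """
    k1, k2, k3 = (table[i] for i in key_indexes)
    if k1 == k2 or k2 == k3:
        raise ValueError("index combination degenerates to single DES")
    return k1 + k2 + k3


if __name__ == "__main__":
    table = generate_table()                 # constructed sample table
    fields = parse_header("[Leslie]23F5")    # sample header from the comment
    key = build_3des_key(table, fields["key_indexes"])
    # The header travels in clear, so it only selects among the 16**3 possible
    # index triples; confidentiality rests on keeping the table itself secret.
    print(fields, len(key))
```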
    16. Re:backup orthogonal to encryption by rioki · · Score: 1

      How about you encrypt the OS partition too? That does not change the advice for the data partitions. I for example keep TrueCrypt volumes lying around. They are simple to manage, just copy the entire volume.

      That is what I don't get for many backup solutions, unless you have a high available service to maintain, but normal users need only backup stuff that they can't restore from a different source and that is only data. The OS and programs can be "restored" in the conventional way of installing them.

    17. Re:backup orthogonal to encryption by rioki · · Score: 1

      It depends on the attack and threat you are trying to anticipate. Encryption also provides some form of tamper resistance. I can patch your unencrypted OS and read all your data once you unencrypt your data. As always it depends on the use, if you have a laptop with potential sensible data, encrypting the entire thing makes sense, but remember to protect from the evil maid...

  2. Disk encryption by Anonymous Coward · · Score: 1

    I use encryption across all my desktops and laptops. On my laptops I just use dmcrypt/cryptsetup and encrypt the whole disk running ubuntu.
    For storage I use my fileserver which is 1x500gb encrypted with dmcrypt for the OS and for the "storage" of the fileserver I have redundancy against failure:
    LVM with 2x 1TB sata disks. The LVM has both physical volumes as separate "mirror" slices (encrypt 1 disk, add a mirror disk). The total usable storage is around 790 GB but I already had one disk fail and I could simply "mount" my data without one disk being present & rebuild the LVM mirror using a new disk! Secure & reliable!

    The only issue I have not been able to solve in this setup is if/when one disk fails, your data is only available read-only because the lvm-mirror is only "partial" and physical volumes are missing. If anybody knows a solution for that, please comment. This was just a temporary issue though, as soon as a new disk was added and the mirror rebuilt, all was back to normal.

    1. Re:Disk encryption by kwark · · Score: 1

      "The only issue I have not been able to solve in this setup is if/when one disk fails, your data is only available read-only because the lvm-mirror is only "partial" and physical volumes are missing. If anybody knows a solution for that, please comment."

      You could have used lvm on md. Disks fail all the time, I wouldn't risk my data on a setup that fails if 2 disks fail "at the same time". But the good news is that you still can switch: remove one disk, setup a raid1 with 1 missing, sync, add other disk to raid1. This setup can be "expanded" to raid 5 or raid 6 if you can add disks.

    2. Re:Disk encryption by Lawrence_Bird · · Score: 2

      you are not backing up your data. Let me make it easy for you. What happens when a file becomes corrupted? What happens to your "mirror" copy? Does it too become corrupted? If so, you might want to reconsider and start making real backups.

    3. Re:Disk encryption by preflex · · Score: 1

      The problem is that you're using LVM. ZFS can do this just fine (unless you're using windows).

      You didn't say what you're using, but the Ubuntu PPA is here.

      Generic source at http://zfsonlinux.org/

    4. Re:Disk encryption by nullchar · · Score: 1

      Software raid via mdadm is a good option. Setup a raid 1 or 1+0 md device for your two disks. E.g. /dev/md1 = raid1 of /dev/sda1 + /dev/sdb1. Now format and use the /dev/md1 partition as full disk encryption, or a truecrypt container with ext4 inside, whatever you like. Now when one disk dies, mdadm emails you, and you can still read/write to the array (where only one disk is active).

      I tend to partition and max out the available space on every drive, so LVM is an unnecessary layer for me.

      You still need backup for file corruption, accidental deletion, or when both drives fail at the same time.

    5. Re:Disk encryption by nullchar · · Score: 1
  3. Linux Full-Disk Encryption and Windows VM by Anonymous Coward · · Score: 0

    Then you take snapshots for a full-system backup. This may not work for your use. Perhaps try a Seagate encrypted hard drive.

  4. Disk encryption by MaxDollarCash · · Score: 3, Interesting

    I use encryption across all my desktops and laptops. On my laptops I just use dmcrypt/cryptsetup and encrypt the whole disk running ubuntu. For storage I use my fileserver which is 1x500gb encrypted with dmcrypt for the OS and for the "storage" of the fileserver I have redundancy against failure: LVM with 2x 1TB sata disks. The LVM has both physical volumes as separate "mirror" slices (encrypt 1 disk, add a mirror disk). The total usable storage is around 790 GB but I already had one disk fail and I could simply "mount" my data without one disk being present & rebuild the LVM mirror using a new disk! Secure & reliable! The only issue I have not been able to solve in this setup is if/when one disk fails, your data is only available read-only because the lvm-mirror is only "partial" and physical volumes are missing. If anybody knows a solution for that, please comment. This was just a temporary issue though, as soon as a new disk was added and the mirror rebuilt, all was back to normal.

  5. Does Windows do this? by ColdWetDog · · Score: 2

    On OS X, you can easily create bootable images of drives using programs like SuperDuper! and Carbon Copy Cloner (stupid names). You can encrypt these files, put them on various types of drives and OS X can boot off of USB and FireWire drives which makes backups and restores pretty easy.

    OS X also allows for encrypted sparseimages (folders) that can be stored on Dropbox or similar. Between the two concepts, I avoid the hassle of whole drive encryption and just worry about encrypting some of my data.

    I would think that Windows would have similar functionality - mostly the ability to create bootable backup drives - is this not so?

    --
    Faster! Faster! Faster would be better!
    1. Re:Does Windows do this? by Anonymous Coward · · Score: 0

      If a windows user has a TPM chip, bitlocker is a great option. I think with Windows 8 it has optimizations for SSD drives.

      Onto backups, I use this built in command on Windows 7/8

      wbadmin start backup -allCritical -backupTarget:e:

      While it is not bootable, you can boot from a windows install CD or recovery key and just apply it. You don't need to reinstall the OS first. It does not even have to be the same hardware. We use this to replace hard drives or move users to new computers. We still have to update drivers but that's expected.

      I also have to agree with the other comments about separating backups and encryption. If you have your backups on something encrypted, you can mount that volume and just use it.

  6. What problem are you trying to solves? by bill_mcgonigle · · Score: 5, Insightful

    aside: "OTFE" seems to stand for "On The Fly Encryption" - an initialism I hadn't heard used by IT folks before ... but anyway....

    Why aren't you backing up your files from one encrypted volume to another, at the file level? It sounds like you're doing block level backups of your container files. Do you not trust your backup computer to have those volumes open and decrypted at backup time? Dealing with block-level diffs isn't an easy way to approach the problem, but you could look at mirroring a copy-on-write filesystem, or a dedicated backup application that does its own block diffs and maps for incrementals.

    I use LUKS on linux for my backups, and then the backup drives go offsite. But the backup computer is allowed to access the files while the backup is running - which isn't a problem for the risks I'm trying to defend against. If you can't trust your backup computer, another approach is to run Windows as a VM and handle your backups with linux, which has a lower intrusion rate.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
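The block-diff approach mentioned in the comment above, as an added example (not code from the thread or from any backup product): it keeps a per-block SHA-256 map of a container file, copies only the blocks that changed since the previous run, and re-verifies the backup copy against the map. The block size, file names and the random-byte stand-in for a container are assumptions.

```python
import hashlib
import os
import tempfile

BLOCK_SIZE = 1 << 20  # 1 MiB; assumed value, tune to the container size


def block_map(path, block_size=BLOCK_SIZE):
    """Return the SHA-256 digest of every fixed-size block of the file."""
    digests = []
    with open(path, "rb") as f:
        while chunk := f.read(block_size):
            digests.append(hashlib.sha256(chunk).digest())
    return digests


def make_delta(path, old_map, block_size=BLOCK_SIZE):
    """Compare the file with the previous map.

    Returns (new_map, changed, size) where changed maps block index to the
    block's bytes for every block that is new or differs from old_map.
    """
    new_map, changed = [], {}
    with open(path, "rb") as f:
        index = 0
        while chunk := f.read(block_size):
            digest = hashlib.sha256(chunk).digest()
            new_map.append(digest)
            if index >= len(old_map) or old_map[index] != digest:
                changed[index] = chunk
            index += 1
    return new_map, changed, os.path.getsize(path)


def apply_delta(backup_path, changed, size, block_size=BLOCK_SIZE):
    """Write the changed blocks into the backup copy and fix its length."""
    mode = "r+b" if os.path.exists(backup_path) else "w+b"
    with open(backup_path, mode) as f:
        for index, chunk in sorted(changed.items()):
            f.seek(index * block_size)
            f.write(chunk)
        f.truncate(size)
        f.flush()
        os.fsync(f.fileno())


def verify(backup_path, expected_map, block_size=BLOCK_SIZE):
    """Re-read the backup and confirm every block matches the stored map."""
    return block_map(backup_path, block_size) == expected_map


def demo(block_size=4096):
    """Full backup, one-block change, incremental backup, then a damaged copy."""
    with tempfile.TemporaryDirectory() as tmp:
        container = os.path.join(tmp, "container.bin")  # constructed stand-in
        backup = os.path.join(tmp, "backup.bin")
        with open(container, "wb") as f:
            f.write(os.urandom(8 * block_size))

        # First run: empty map, so every block is copied.
        full_map, changed, size = make_delta(container, [], block_size)
        apply_delta(backup, changed, size, block_size)
        full_blocks = len(changed)

        # Rewrite block 3 in place, as a write inside a mounted volume would.
        with open(container, "r+b") as f:
            f.seek(3 * block_size)
            f.write(os.urandom(block_size))
        new_map, changed, size = make_delta(container, full_map, block_size)
        apply_delta(backup, changed, size, block_size)
        verified = verify(backup, new_map, block_size)

        # Flip one byte in the backup to show that verification catches it.
        with open(backup, "r+b") as f:
            f.seek(5 * block_size)
            original = f.read(1)
            f.seek(5 * block_size)
            f.write(bytes([original[0] ^ 0xFF]))
        return {
            "full_blocks": full_blocks,
            "incremental_blocks": sorted(changed),
            "verified": verified,
            "verified_after_damage": verify(backup, new_map, block_size),
        }


if __name__ == "__main__":
    print(demo())
```

Storing the block map next to each backup generation lets a scheduled `verify` run flag a damaged or stale copy before a restore is needed.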
    1. Re:What problem are you trying to solves? by Jane+Q.+Public · · Score: 1

      "Why aren't you backing up your files from one encrypted volume to another, at the file level?"

      That's probably a better suggestion than mine, if you want full-disk encryption. Just enable both disks, and copy your files over.

      My suggestion (to keep from backing up the whole disk, that is) was to make several large encrypted volumes (files) using something like TrueCrypt, and then copying them... but you still end up backing up blank space.

      I agree, it would be better to use two or more fully encrypted disks and just copy your files.

      I cringe at the mere thought of encrypting my whole main drive, OS and all. Bleaaggghhh! But if you don't, you have to clear your logs once in a while.

    2. Re:What problem are you trying to solves? by Anonymous Coward · · Score: 0

      RTFS. He wants to backup and encrypt not only his files but also his OS installation and all the programs he has installed on it, which makes sense as installing all that crap manually can be a pain. That is not even considering serials and stupid x-strikes DRM schemes.

      Restoring images can also be a pain when dealing with different hardware, small harddrives and other issues. I can imagine the pain grows exponentially once you add in encryption. I too would love some good ideas for this problem.

    3. Re:What problem are you trying to solves? by AliasMarlowe · · Score: 1

      > He wants to backup and encrypt not only his files but also his OS installation and all the programs he has installed on it, which makes sense as installing all that crap manually can be a pain. That is not even considering serials and stupid x-strikes DRM schemes.

      So he should also record the MAC on each network adapter, and the serial number of each drive (or at least on his Windows partition). There are many licensing schemes which still rely on one or other of these being invariant. The replacement system would have to fake them convincingly enough.

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    4. Re:What problem are you trying to solves? by bill_mcgonigle · · Score: 1

      It's no different - you back up the files to the encrypted volume at the file level. If you're stuck on Windows there are some special files/locations (I think, still?) but Windows backup utilities know how to deal with this. I was using Ghost from a DOS image to do file-level backups of NTFS volumes in the 90's. Re-validating the restore on the new hardware under the Windows Genuine regime is the harder problem (but there are tools for that too).

      With a linux machine, none of these problems are relevant - installing grub to the hard drive is the only part that takes some non-obvious knowledge.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    5. Re:What problem are you trying to solves? by bill_mcgonigle · · Score: 1

      > I cringe at the mere thought of encrypting my whole main drive, OS and all. Bleaaggghhh! But if you don't, you have to clear your logs once in a while.

      Yeah, if you're not encrypting your swapfile or temp space, you should make sure your laptop is never stolen or seized. :)

      Even at that, with automatic bad block reallocation, fixing it after the fact isn't good enough for the highest level security.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    6. Re:What problem are you trying to solves? by imsabbel · · Score: 1

      > I cringe at the mere thought of encrypting my whole main drive, OS and all. Bleaaggghhh! But if you don't, you have to clear your logs once in a while.

      Why exactly?

      With Truecrypt, I have >>1GB/s possible throughput, so even saturated SATA-6 from an SSD will not be limited by CPU power - hell, 1 or 2 cores are not in use anyway, nearly all of the time.

      And defect sectors or other snafus? Well, if a 4k block is dead, it does not matter if it was encrypted or not. It's not like the whole thing breaks down...

      --
      HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
    7. Re:What problem are you trying to solves? by Jane+Q.+Public · · Score: 1

      "Even at that, with automatic bad block reallocation, fixing it after the fact isn't good enough for the highest level security."

      True. But the cost of the "highest" level, in convenience and reliability, is pretty high as well. Most people would do fine simply encrypting their data, and clearing their logs and unused drive space once in a while.

    8. Re:What problem are you trying to solves? by Jane+Q.+Public · · Score: 1

      "Why exactly?

      With Truecrypt, I have >>1GB/s possible throughput, so even saturated SATA-6 from an SSD will not be limited by CPU power - hell, 1 or 2 cores are not in use anyway, nearly all of the time."

      I will remind you of the situation that started this whole thread. If anything DOES go wrong, good luck getting it back.

      Whereas if you encrypt your data, but not your OS, you may not be getting the highest security it is possible to get but it's still pretty damned good and far more fault-tolerant.

      It also means all you have to do for backup is copy your files. No backing up of empty drive space, and no losing the time it takes to do so. Heck, you can double or even quadruple or more the number of backups you could get per volume of storage media, depending on how much free space you have on your drive.

    9. Re:What problem are you trying to solves? by Anonymous Coward · · Score: 0

      This is what I was thinking. Just rsync between two encrypted machines. Hell run an ssh socket between them. You are screwed anyways if the machines are on and they know what they are doing.

    10. Re:What problem are you trying to solves? by Anonymous Coward · · Score: 0

      "I will remind you of the situation that started this whole thread. If anything DOES go wrong, good luck getting it back.

      Whereas if you encrypt your data, but not your OS, you may not be getting the highest security it is possible to get but it's still pretty damned good and far more fault-tolerant. "

      What kind of BS is this? There is no difference in recovering from full encryption or partial encryption, start by making backups of your keys.
      Second make sure you have some means to access the disk in a readonly way, booting from usb/cd or connecting the disk to another machine. You might even leave some free space on the disk to temporarily install a recovery OS.

    11. Re:What problem are you trying to solves? by Jane+Q.+Public · · Score: 1

      "What kind of BS is this? There is no difference in recovering from full encryption or partial encryption, start by making backups of your keys."

      Try telling that to OP. His story contradicts this idea.

      If he has a drive failure, his backup is USELESS.

    12. Re:What problem are you trying to solves? by peawormsworth · · Score: 1

      > I cringe at the mere thought of encrypting my whole main drive, OS and all. Bleaaggghhh! But if you don't, you have to clear your logs once in a while.

      Maybe that's because your operating system doesn't make it easy for you to do. I've been using full LUKS AES 512 encryption on linux for several years on multiple computers including work computers. I have never had an issue with Full encryption being an issue. It's way easier than having partial encryption such as encfs user account encryption... which has posed some issues for our admins during automated backup situations.

      Full disk encryption is a much better solution because the user is not required to remember where encryption is applied when moving private resources around the system. Furthermore, there is no reason to worry about where applications may be temporarily storing data and logs outside your user control and knowledge. It's just way easier to know that when your computer is shut off, all the data and operating system and logs and applications and everything is equally protected by strong encryption.

    13. Re:What problem are you trying to solves? by peawormsworth · · Score: 1

      "Even at that, with automatic bad block reallocation, fixing it after the fact isn't good enough for the highest level security."

      True. But the cost of the "highest" level, in convenience and reliability, is pretty high as well. Most people would do fine simply encrypting their data, and clearing their logs and unused drive space once in a while.

      Wrong. Most people don't do the daily things they need to be doing for security until after they realize they have been compromised or they lost their laptop or similar security breach. The simplest approach is the one you don't need to think about and requires the least number of steps from a user perspective. That is: full disk encryption.

  7. Backup or Imaging? by Anonymous Coward · · Score: 0

    From your description you seem to do imaging of whole disks instead of backup of files.

    1. Why can't you restore the still encrypted image on a new (same size or bigger) disk? As long as you image the whole disk (including the truecrypt boot loader) and not only partitions it should work. I've done it successfully from a disk with some bad sectors to a new disk with dd-rescue. If after restoring you want to resize the partitions to use the whole bigger drive you probably have to decrypt before resizing.

    2. Are you using TC containers on an already encrypted drive? Why?

    3. Not sure, but I think if you use the SSD with full disk encryption from the start, remapped sectors will always contain encrypted data. No idea about performance and endurance.

    1. Re:Backup or Imaging? by dmbasso · · Score: 1

      2. Are you using TC containers on an already encrypted drive? Why?

      He's into really really really hardcore porn... squirrels, peach pips, shaving foam... I'm sure you know what I mean!

      --
      `echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
    2. Re:Backup or Imaging? by FuzzNugget · · Score: 2

      1. Why can't you restore the still encrypted image on a new (same size or bigger) disk? As long as you image the whole disk (including the truecrypt boot loader) and not only partitions it should work.

      If I imaged the entire drive, it would take many hours each time. I image only the OS partition, for the sake of restoring in case of malware infection or other bad software that I want to rid completely. And I have restored it many times for this purpose.

      I have tried restoring the image to a new drive and subsequently restored the TrueCrypt bootloader, key data / volume header and, as a last resort, decrypting the volume after restoring it from an image. It wouldn't boot after any of these things. After decryption, gparted still couldn't identify or mount the partition.

      2. Are you using TC containers on an already encrypted drive? Why?

      I have not encrypted the entire drive. The setup is like:
      [Windows 7 encrypted OS] [unencrypted partition with autonomous encrypted file containers / VHDs]

      I do it this way because file containers are more portable than encrypting the entire drive or entire data partitions.

    3. Re:Backup or Imaging? by SScorpio · · Score: 2

      What backup software are you using that requires imaging the whole drive with every backup? You will need to do a single full backup for the initial backup, and then only changes are synced over on whatever backup schedule you do. I have my backups set up to do the incrementals daily. You would then configure your backup software how you want it to keep data, maybe keep the first of the month snapshot for three months, with a yearly that rotates out every other year.

      TrueCrypt encrypting a drive has no effect on the backup process. You're running Windows 7 and backups in Windows will use Volume Shadow Copy, which accesses the drive after TrueCrypt decrypts it. For example, you fully encrypt your system partition, and after booting into Windows you create a backup of the drive. You restore the backup to another drive. The restored backup will not be encrypted. You might be able to find some software that would do a low level raw read of an HDD and backup each sector, but that's horribly inefficient in both backup speed, and required amount of storage for each backup.

  8. LUKS and LVM2 by devent · · Score: 2

    I'm using LUKS encryption and LVM2 on my Linux Desktop and there are no problems.

    I don't see the point to encrypt the system partition because there is no private data on it. I just encrypt my home partition.
    For backup and restore I have multiple possibilities: just use dd and copy the whole partition, use rsync or rsync-backup to backup the files. To store my backups I have created a cheap software RAID10 with external USB hard disks: https://www.anr-institute.com/projects/projects/raid-10-usb-2-5zoll-extern/wiki
    With the RAID I have some security of the data in case of driver failure and I can just add more disks if I need more space.

    If I have a new computer I can just install a new os (takes about 20 minutes) and copy the home partition.

    --
    http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
    1. Re:LUKS and LVM2 by Anonymous Coward · · Score: 0

      Not sure about Linux but Windows leaks data in temporary files all over the place. Only solution is to use full disk encryption. On linux I would at least make sure that /tmp and swap are zeroed on shutdown/reboot.

    2. Re:LUKS and LVM2 by julesh · · Score: 1

      I don't see the point to encrypt the system partition because there is no private data on it. I just encrypt my home partition.

      On Windows it is actually incredibly difficult to set up system and home to be on separate partitions. It can be done, but it means either using a hacked installer to make changes to the registry before users are created or messing around with symlinks after the users are created - plus I've heard reports of common software misbehaving after it has been done. It is therefore highly unlikely that this is a realistic option for OP.

    3. Re:LUKS and LVM2 by julesh · · Score: 1

      On linux I would at least make sure that /tmp and swap are zeroed on shutdown/reboot.

      Zeroing is over the top -- encrypt them with a key that is generated randomly at each boot.

    4. Re:LUKS and LVM2 by 0123456 · · Score: 1

      On linux I would at least make sure that /tmp and swap are zeroed on shutdown/reboot.

      Ubuntu, at least, encrypts the swap partition with a random key (possibly only if you have home directory encryption enabled?). And, unless you're low on RAM, /tmp should probably be a RAM disk.

    5. Re:LUKS and LVM2 by Gothmolly · · Score: 1

      You fail at RAID. You should have used far copies.

      --
      I want to delete my account but Slashdot doesn't allow it.
    6. Re:LUKS and LVM2 by devent · · Score: 1

      I beg your pardon? "far copies"?

      --
      http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
    7. Re:LUKS and LVM2 by Anonymous Coward · · Score: 0

      why do we still use lvm?

      don't get me wrong, it's really useful for a lot of things, but in desktops, where there's more chance of losing power?

      lvm does not really sync on fsync(), unless you tell it to, and then end up committing whole 4mb chunks... goodbye speed...

      nope, no reason for lvm on desktops...

    8. Re:LUKS and LVM2 by SScorpio · · Score: 3, Informative

      I've kept my system drive and "home" separate on Windows since I've used XP over ten years ago.

      The process I used in XP, Vista, 7 and 8 is as follows.
      1) Install Windows with only one drive connected to make sure bootldr is on the system drive.
      2) During installation, set up a temporary throwaway administrative account.
      3) Connect any other hard drives to your system and boot into the throwaway account.
      4) Set up the drive / partition you want to have user data on. I recommend creating a root "Documents and Settings" or "Users" folder but you can call it whatever you want, and place it anywhere you want.
      5) Open regedit and modify the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList - Change the ProfilesDirectory key from "%SystemDrive%\Users" to "d:\Users" or where you want user data to go.
      6) Create a new administrator account that you will keep.
      7) Log out of the throwaway account and into your new main account. Your "home" directory will be placed under D:\Users\username or wherever you set up for the key.
      8) Delete the throwaway account, and delete user files for it.

      This process keeps the Default and Public user folders on the C: drive, but it is possible to move them and modify the registry keys for them in the same location as the ProfilesDirectory key if you want. I never have anything under them so I leave them on the system drive.

      I've never run into any software that doesn't behave correctly while having my user data on a secondary partition. Other instructions to move a user directory have you changing the path in multiple keys in the registry. This method causes the user account to be set up with all of the paths already pointing to the desired location.

    9. Re:LUKS and LVM2 by MightyMartian · · Score: 2

      It depends on how important encrypting all critical data is. In particular leaving your swap file/partition unencrypted could allow someone to gain some access to sensitive data.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    10. Re:LUKS and LVM2 by Chris+Mattern · · Score: 1

      Zeroing in that manner is also not secure--an opponent could get a lovely picture of them by simply yanking power and transferring the disks. Encrypting them (with a random key, if you like) prevents this.

    11. Re:LUKS and LVM2 by Chris+Mattern · · Score: 1

      And, unless you're low on RAM, /tmp should probably be a RAM disk.

      One would think so, but somehow the only Unix I've ever seen that does this without custom configuration seems to be Solaris.

    12. Re:LUKS and LVM2 by Anonymous Coward · · Score: 0

      I've kept my system drive and "home" separate on Windows since I've used XP over ten years ago.

      I do the exact same thing. I boot into a fresh install with a temp Admin account, change the Profile folder to E:\Files, create a new Admin account, get rid of the old account and clean up the profile folder on the C: drive for the old account. I also install all of my programs, that give me the option, on a D: volume. C: is purely reserved for the OS and drivers. This makes it much easier for backups, migrations, and finding data files.

      As for encryption, so far I only use truecrypt when storing files on Google Drive. I don't use encryption on my desktop, laptop, or tablet. My laptop and tablet are basically used when I am traveling, so only vacation photos and encrypted passwords are stored and then removed once I get home. Only my desktop has important data on it that might need protection.

      The biggest problem with disk encryption is that, in the past, it hasn't been user friendly and it adds processing overhead. Perhaps it's gotten better and it's time to take another look...

    13. Re:LUKS and LVM2 by Anonymous Coward · · Score: 0

      On linux I would at least make sure that /tmp and swap are zeroed on shutdown/reboot.

      Zeroing is over the top -- encrypt them with a key that is generated randomly at each boot.

      This is the solution I have deployed on my Debian GNU/Linux servers for swap and /tmp.
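
The per-boot random key discussed in this subthread is set up on Debian-style systems in /etc/crypttab, with /dev/urandom as the key file and the swap or tmp option. The following is an added example, not code from any commenter: a check that flags swap and /tmp entries in fstab that are neither RAM-backed nor sitting on such a mapping. The sample files and device names are constructed, and it assumes the root filesystem itself is not encrypted.

```shell
#!/bin/sh
# Audit fstab for swap and /tmp that stay on disk under a persistent key or no key.
# PASS: tmpfs, or a /dev/mapper device that crypttab keys from /dev/urandom
# (or /dev/random) with the swap/tmp option. tmpfs pages can still reach swap,
# which is why swap is audited as its own entry.

audit_ephemeral() {
    # $1 = crypttab path, $2 = fstab path; returns 1 if any entry is WEAK
    awk '
        /^[ \t]*#/ || NF == 0 { next }            # skip comments and blank lines
        pass == 1 {
            # crypttab fields: <name> <device> <keyfile> <options>
            rnd = ($3 == "/dev/urandom" || $3 == "/dev/random")
            if (rnd && $4 ~ /(^|,)swap(,|$)/)         eph["/dev/mapper/" $1] = "swap"
            if (rnd && $4 ~ /(^|,)tmp(=[^,]*)?(,|$)/) eph["/dev/mapper/" $1] = "tmp"
            next
        }
        # fstab fields: <device> <mountpoint> <type> <options> ...
        $3 == "swap" || $2 == "/tmp" {
            kind = ($3 == "swap") ? "swap" : "tmp"
            if ($3 == "tmpfs" || eph[$1] == kind) {
                print "OK   " kind " " $1
            } else {
                print "WEAK " kind " " $1
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' pass=1 "$1" pass=2 "$2"
}

write_samples() {
    # $1 = directory; every file written here is constructed sample input
    cat > "$1/crypttab.good" <<'EOF'
# <name>    <device>   <keyfile>     <options>
cryptswap   /dev/sda2  /dev/urandom  swap,cipher=aes-xts-plain64,size=256
crypttmp    /dev/sda3  /dev/urandom  tmp,cipher=aes-xts-plain64,size=256
EOF
    cat > "$1/fstab.good" <<'EOF'
/dev/mapper/cryptswap  none  swap  sw        0 0
/dev/mapper/crypttmp   /tmp  ext4  defaults  0 0
EOF
    cat > "$1/crypttab.weak" <<'EOF'
# mapping exists, but the key file persists across boots
cryptswap   /dev/sda2  /etc/keys/swap.key  swap
EOF
    cat > "$1/fstab.weak" <<'EOF'
/dev/mapper/cryptswap  none  swap  sw        0 0
/dev/sda3              /tmp  ext4  defaults  0 0
EOF
}

demo_audit() {
    d=$(mktemp -d) || return 1
    write_samples "$d"
    echo "good config:"
    audit_ephemeral "$d/crypttab.good" "$d/fstab.good"
    echo "weak config:"
    audit_ephemeral "$d/crypttab.weak" "$d/fstab.weak" || echo "=> WEAK entries need a random-key mapping"
    rm -rf "$d"
}
demo_audit
```

On a real machine the call would be `audit_ephemeral /etc/crypttab /etc/fstab`.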

    14. Re:LUKS and LVM2 by arth1 · · Score: 1

      On many if not most Linux systems nowadays, /tmp is tmpfs and RAM, so it is always cleared on reboot, unless you elect to save it to disk during shutdown and restore it at startup. /var/tmp, on the other hand, is usually on disk. But few people (or apps) use it, and the distro usually has an option for clearing it on reboot.

      It will usually suffice to encrypt /home and /var. That takes care of mail spools too, as well as proxy caches and logs. If you store keys under /etc, you might want to create symlinks to an encrypted partition for those.

    15. Re:LUKS and LVM2 by Anonymous Coward · · Score: 0

      On Windows it is actually incredibly difficult to set up system and home to be on separate partitions. It can be done, but it means either using a hacked installer to make changes to the registry before users are created or messing around with symlinks after the users are created - plus I've heard reports of common software misbehaving after it has been done. It is therefore highly unlikely that this is a realistic option for OP.

      Like SScorpio, I've been doing this since XP. It's not at all difficult, even with badly-coded software with hard-coded directories.

      No "hacking" required, just creating a config file for Windows to use during installation, which you can do during the installation process itself: http://www.sevenforums.com/tutorials/18629-user-folders-change-default-location.html

      Changing an existing installation is more tedious, and involves using symlinks, but not "incredibly difficult", especially to the average /. user.

    16. Re:LUKS and LVM2 by peawormsworth · · Score: 1

      I'm using LUKS encryption and LVM2 on my Linux Desktop and there are no problems.

      I don't see the point to encrypt the system partition because there is no private data on it. I just encrypt my home partition.

      You really should change to full disk encryption. There are all kinds of private data under other directories on Linux. For example, all your wifi passwords are likely under the /etc directory. Not to mention the bounty of information stored in /var. If the machine you are trying to protect is a laptop, you should switch to full encryption of everything but the /boot partition.

    17. Re:LUKS and LVM2 by peawormsworth · · Score: 1

      With the RAID I have some security of the data in case of driver failure and I can just add more disks if I need more space.

      I never understood why the RAID community rejects the RAID mirror option as a backup solution. I tested RAID mirror by installing a Linux system onto two disks... then simply removed the 2nd disk and worked on a single disk RAID mirror minus the mirror. Later when I wanted to do a full backup... I just connected a 2nd disk of equal or greater size to, say, the USB port and requested RAID to use this as my mirror. I would first mount the 2nd disk as a LUKS device so the "backup" would be encrypted. Then I let RAID do its thing for the next couple hours, while the computer remained usable... although slowed slightly due to the mirroring occurring. Once complete... I just unplug the USB drive and it is effectively a full system backup. I tested this by booting from the mirror drive and it seemed all was fine. And the backup was ready for me to plug in a new drive to complete the mirror again and create new backups from this one. Seems like the simplest full backup system possible with absolutely no down time.

      I am not a RAID expert though... I'm sure I will get slammed by RAID experts saying I'm abusing what RAID is all about. All I know is that it works and provides full encrypted backup solutions with no down time.

    18. Re:LUKS and LVM2 by Inda · · Score: 1

      Neat.

      Not sure about the registry stuff though. I think I remember moving the user file folders on someone's PC and it can be done in a GUI.

      Right click My Docs > target folder destination ?????? or something like that.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    19. Re:LUKS and LVM2 by SScorpio · · Score: 1

      That just moves the MyDocs folder. There are more folders than that, and not all of them have a GUI set target folder option. My method has all files and folders with the account on the new drive.

  9. Point 2 is wrong by Anonymous Coward · · Score: 0

    OP says "the file container is functionally useless if it's not completely intact".

    This is wrong. If there's an error in a container, it just affects the 1 file that the error is on.

    Every other file in the container is ok.

    1. Re:Point 2 is wrong by FuzzNugget · · Score: 1

      Yes, that interpretation is correct. If there is simple file system corruption inside the container, then, yes, it only affects the specific individual contained files and the rest are fine.

      But what I actually meant is: if there is some baser level corruption on the disk or file system corruption *outside* of the container (ie.: on the partition in which the container resides) that causes the container itself to become unreadable by TrueCrypt, all the files contained within are inaccessible.

      Basically, the problem is that adding a layer of security also adds a layer of instability.

  10. Huh? by brit74 · · Score: 1

    > "Do you use encryption for your hard drive(s)? What's your setup like and how manageable is it?"

    I have two backup drives, placed in different locations so that, even if my house burns down, I still have the data. I encrypt my data. My data is not tied to a specific hard drive. It's just a bunch of files in a TrueCrypt container (either encrypting the whole drive or an encrypted file container). I can go in and access/move/delete/rename any files when I need to - from any computer the backup drive is attached to, as long as I have TrueCrypt running and have punched in the password.

    "Backup images of the encrypted operating system can only be restored to the original hard drive (ie.: the drive that has failed)." What? That seems complicated if you lose your hard drive. Treat your encrypted backup as a bunch of files.

  11. Re:Well... by Anonymous Coward · · Score: 1

    1) Not all illegal stuff is immoral stuff.

    2) If it's personal, private stuff, don't encrypt? That's just dumb.

    3) Junk premise and answer.

    4) Also, company data that can't get into the open.

  12. Re:Well... by Anonymous Coward · · Score: 0

    ans to 2 is why? private is private and provided you use proper security on access controls all is hunky dory

    I would encrypt all easily stolen/lost devices like laptops, tablets and smart phones.

  13. Re:Well... by brit74 · · Score: 1

    "2) Private stuff. ans to 2 is why? private is private and provided you use proper security on access controls all is hunky dory"

    What do you mean by "proper security on access controls"? Do you mean encrypting individual files or folders depending on their contents (e.g. if you store your tax returns on your computer)? Out of convenience and avoiding the hassle of figuring out exactly which files I need to encrypt, I can just encrypt the whole thing and be done with it.

  14. OTFE and SSDs by Anonymous Coward · · Score: 0

    Can't say I've any experience, but the kind of things you mention seem to be a potential factor for any encryption technique.

    The primary problem being wear-leveling which the drive will manage through the trim command. By using Trim the drive knows which blocks are unused and can logically remap blocks on write to ensure even usage across the drive.

    If this isn't enabled, then your SSD life will suffer due to uneven wear on the drive - this isn't OTFE causing increasing writes, it's excessive writes to a single area of the disk caused by not letting the drive manage wear leveling.

    If it is enabled, then data isn't overwritten, so someone may be able to access blocks of data (possibly from before when encryption was applied), and in the worst case the "root" block containing encryption key information protected by previously compromised credentials, which wasn't overwritten when you updated credentials - thus allowing an attacker another attack point. These are also possible for non-OTFE setups. Also being enabled some sort of profiling of disk usage could be made which could help uncover hidden volumes etc.

    Truecrypt seems to pass trim commands through, so using on an SSD compromises security for a couple of specific attacks, do you care about those attacks?

    In fact truecrypt have documentation on these issues:
    http://www.truecrypt.org/docs/?s=wear-leveling
    http://www.truecrypt.org/docs/?s=trim-operation

  15. Linux by magic+maverick+ · · Score: 1, Informative

    Here's the thing, encryption and backups are two separate things. I once didn't encrypt, nor did I backup. I then accidentally deleted some very important things. Whoops. I then started backing up (and taking greater care with the command line). I then got paranoid and started encrypting stuff using the built in encrypting stuff that comes with Ubuntu (and Debian and similar). Backups were still going to an unencrypted external HD though. So then I started using the built in encryption thing for that too.

    And then I started using DejaDup (GUI front end to Duplicity) instead of my home rolled rsync based script. And it does backups the correct way.

    So, my suggestions:
    1) Use a Linux based OS, such as Ubuntu. Encryption comes free. If you have some stuff that needs M$ Windoze you can run it in a VM.
    2) Forget about your OS and programs. Your data is number 1!
    3) Don't backup huge encrypted containers. Mount them, and then backup the contents (to another encrypted location).

    --
    HELP MY ACCOUNT HAS BEEN HACKED BY AN ILLIBERAL ART STUDENT SET TO DESTROY THE INTERWEBZ!
    1. Re:Linux by Anonymous Coward · · Score: 0

      1) Use a Linux based OS, such as Ubuntu. Encryption comes free. If you have some stuff that needs M$ Windoze you can run it in a VM.

      You sound like a 10 year old. Over 90% of home users run MS Windows. He was asking for a solution for his setup, which clearly involves Windows. Get over yourself...

    2. Re:Linux by kwark · · Score: 1

      "3) Don't backup huge encrypted containers. Mount them, and then backup the contents (to another encrypted location)."

      Or don't use containers but a file-based encryption scheme (like encfs).

    3. Re:Linux by Anonymous Coward · · Score: 0

      Encryption comes for free on Windows (since at least XP) and OS X as well. Linux is not special in this regard.

    4. Re:Linux by Anonymous Coward · · Score: 0

      Lolz. What 10 yr olds care about M$ Windoze? The solution is obviously fuck M$ Windoze and go with a real OS. With proper built in encryption tools, instead of TrueCrypt which is a hack to make Windoze encrypted.

    5. Re:Linux by Anonymous Coward · · Score: 0

      "Encryption comes for free on Windows (since at least XP)"

      Only for specific versions of XP: http://support.microsoft.com/kb/308989

    6. Re:Linux by geminidomino · · Score: 1

      "M$ Windoze?"

      Jesus, I think this *post* is ten years old.

      It must have gotten clogged in the queue or something.

    7. Re:Linux by Anonymous Coward · · Score: 0

      Or don't use containers but a file-based encryption scheme (like encfs).

      That's how I prefer to do it: EncFS for a data directory that I then back up with an online service (SpiderOak*). As a bonus, because it works within a filesystem, it retains all features of that filesystem, so it should work well even on FAT or NTFS filesystems.

      There's also a Windows port that I didn't know existed until I searched just now: encfs4win

      * SpiderOak claims everything is encrypted and they can't decrypt the data, but this way I know they can't.

    8. Re:Linux by Burz · · Score: 1

      GP is spot-on though. Upgrading to Windows Ultimate to get full-disk encryption is an expensive proposition. One might as well buy a Mac...

    9. Re:Linux by peawormsworth · · Score: 1

      I haven't used spider oak, but I hear it is a good solution. Also I think Lacie has a good remote storage solution where the data is encrypted in a way which prevents "them" (their system administrators) from accessing your data in an unencrypted format. Many people use dropbox without realizing that the encryption keys are stored by the service, meaning that your data can be decrypted and sent to 3rd parties without your knowledge.

      Anyhow... I just wanted to mention that encfs stores the passphrase protected master key along with the data directory in a file like .encfs.xml or similar name. This means that if anyone gets your encfs files the effort involved to decrypt your data is made much easier by brute force (depending on the strength of your passphrase selected). You can instruct encfs to keep this file in an alternate location, but this is not the default. This may not be a concern for you if spider oak really is not keeping any copy of the keys for your remotely stored data. But for those doing this on solutions like dropbox... your security is greatly reduced.

  16. Re:Well... by Anonymous+Brave+Guy · · Score: 2

    private is private and provided you use proper security on access controls all is hunky dory

    If your data is stored unencrypted, and your physical security can't guarantee to prevent hostile access to storage devices, then you don't really have any access control at all.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  17. Re:Well... by JamesTRexx · · Score: 2

    I think your answers are wrong.

    1) All the more reason to encrypt stuff, although it would take more than that.
    2) Protect your privacy in the case of hardware getting stolen.
    3) Because you can is a very good reason (see #2).

    I'm looking into adding this extra layer of protection to laptops and external disks for our customers as an option.

    --
    home
  18. Your comment is so epically stupid..... by guevera · · Score: 4, Insightful

    ...that it almost becomes a work of art. I want to just sit and admire it and try and tease out the nuances of idiocy and subtle details or inanity that lurk within the depths of its stupidity, in hopes that I'll reach some new plateau of understanding as I gain insight into the essential nature of the moron of the species.

    alas, time is short, so I'll have to return another time to bask in the aura of this commentator's ignorance.

  19. Thumbdrives by macbeth66 · · Score: 1

    No data, important or confidential data, resides on any system drive, including smartphones. It gets written to a thumbdrive. Stuff like music and video is just backed up the usual way with the system up and running. The thumbdrives reside in a safe, along with the wallet and other hard to replace stuff. And I rotate the stuff out to another site. It all just became a habit as I found things that worked.

  20. What OS? try Crashplan + FDE not images. by goombah99 · · Score: 2

    He doesn't say what OS he is using. If he is not using a mac I would recommend a combination of full disk encryption on the local machine and use crashplan (java application) to back up an incremental set of encrypted backups. Crashplan works very well and is very reliable in my experience. (Its only problem is the bloat java programs tend to do when they have been running for a long time.)

    If he is using Mac OS then since 10.7 it is possible to manage encrypted disk backup most easily with the tools Apple provides built in to the OS. The way it works is that you use Full disk encryption. After you boot the disk is readable by the OS. The OS then runs the backup system (Time Machine). If you use time machine you can set it to encrypt the backups. These backups can be done to a remote OSX drive and still use encryption regardless of whether the remote drive itself is Full Disk Encrypted. (That is Time machine manages the backup as an encrypted disk image).

    The FDE on the Mac is accelerated with special decryption Intel Chip ops so there's no measurable speed decrease even when using an SSD, thus it does not need a special hardware encryption disk. It behaves just like a non-encrypted disk from the point of view of every program trying to access it.

    That is to say FDE is preferable to the old style of OSX encryption that used encrypted disk images. With those the problems you list were all manifest (no incremental backups, catastrophic loss of all data from image corruption, and brittle behaviour of apps that expect their paths to be valid at all times regardless of the mount state of the image).

    --
    Some drink at the fountain of knowledge. Others just gargle.
  21. Imaging + Encryption by heypete · · Score: 4, Informative

    On Windows, I prefer to use Acronis software for imaging and TrueCrypt for encryption.

    Since the TrueCrypt operations happen at a low level that's transparent to Windows and other applications that interact with the disk, once I enter the pre-boot password for TrueCrypt and load Windows I can interact with the disk as if it were not encrypted: by making images with Acronis after Windows has booted, Acronis sees the disk as a standard NTFS drive. I can save the image of the unencrypted contents of the disk to some sort of secure backup media.

    The backup media may be encrypted on its own, or I could use the encryption mechanisms built into Acronis to protect the image files. If I were to use Acronis bootable media and try imaging the disk, I'd only get an image of the encrypted data -- by booting into Windows first I can make an image of the unencrypted contents of the disk.

    If the encrypted drive were to ever fail I could write the image back to a new drive sans encryption. This also allows me more flexibility in regards to resizing the filesystem to new disks: since I took the image of the unencrypted contents of the disk I can resize the filesystem to a new disk. If I had encrypted the raw disk itself then I would not have this option. After restoring, I can then encrypt-in-place using TrueCrypt to secure the new drive.

    As for the encrypted containers, mount them and back up their contents.

    1. Re:Imaging + Encryption by colablizzard · · Score: 1

      Have you successfully tried restoring your acronis backup? I have been "almost" burned by my backup software (not acronis) not understanding such underlying low level changes (such as encryption). The software only complained when I tried restoring!!

    2. Re:Imaging + Encryption by Anonymous Coward · · Score: 0

      I have been burnt by backup software... Anything by Symantec or Computer Associates for example.
      Acronis TrueImage works.. I've used it for backup, non-stop backup, P2V, and occasionally actual system recovery.

      The *only* annoyance is that they keep changing the container format. Once upon a time VMware could boot an Acronis TrueImage backup... I wish they would get together and make this so again. Acronis doesn't even support TIB to VMDK conversion. It does VHD (old version) which is almost good enough.

    3. Re:Imaging + Encryption by nosfucious · · Score: 1

      Backup is good.

      Backup and verified restore is better.

      You can take 1,000 backups but unless you've verified that you can do a restore from a random backup, what you have is just a bunch of bits in a safe location. If you use tapes or WORM media, you need to check they are readable on another tape drive or reader. You need to check that you can do a restore from bare metal, preferably another box. Also, check you can do the restore WITHOUT internet connectivity. That might mean manually recording licence codes and install media also off site. And potentially patches for both operating system and backup/restore software.

      Backup systems are a special case under Murphy's law. For backups read it as "It will go wrong".

      --
      Q:I was listening to a CD in Grip and it sounded horrible! What's up? A:Perhaps you are listening to country music
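
A restore drill of the kind described in the comment above, as an added example that is not code from the thread: a manifest of SHA-256 hashes is recorded from the live data at backup time, and the drill later restores a randomly chosen archive into a scratch directory and checks every file against it. The function names, the NAME.tar.gz / NAME.sha256 layout and the sample data are assumptions made for this example; it uses only tar and sha256sum, so it applies to the decrypted contents of a mounted container, not the container file.

```shell
#!/bin/sh
# Backup with a manifest, then prove the backup restores to what was backed up.

make_backup() {
    # $1 = source dir, $2 = archive path, $3 = manifest path
    # Hash the live files first so the manifest does not depend on the archive.
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$3" || return 1
    tar -czf "$2" -C "$1" .
}

verify_restore() {
    # $1 = archive, $2 = manifest. Restores into a scratch dir, never over live
    # data. Returns 0 only if the archive unpacks and every manifest entry matches.
    case $2 in /*) m=$2 ;; *) m=$PWD/$2 ;; esac      # absolute path survives the cd
    scratch=$(mktemp -d) || return 2
    rc=0
    if ! tar -xzf "$1" -C "$scratch" 2>/dev/null; then
        rc=1                                         # unreadable or truncated archive
    elif ! ( cd "$scratch" && sha256sum -c "$m" >/dev/null 2>&1 ); then
        rc=1                                         # missing or altered file
    fi
    rm -rf "$scratch"
    return $rc
}

restore_drill() {
    # $1 = directory of NAME.tar.gz + NAME.sha256 pairs; tests one picked at random
    pick=$(ls "$1"/*.tar.gz 2>/dev/null |
        awk 'BEGIN { srand() } { a[NR] = $0 } END { if (NR) print a[int(rand() * NR) + 1] }')
    [ -n "$pick" ] || { echo "no backups found in $1"; return 2; }
    if verify_restore "$pick" "${pick%.tar.gz}.sha256"; then
        echo "RESTORE OK   $pick"
    else
        echo "RESTORE FAIL $pick"
        return 1
    fi
}

demo_restore() {
    w=$(mktemp -d) || return 1
    mkdir -p "$w/src/docs" "$w/backups"
    # constructed sample data
    printf 'tax return\n' > "$w/src/docs/tax.txt"
    printf 'notes\n' > "$w/src/notes.txt"
    make_backup "$w/src" "$w/backups/monday.tar.gz" "$w/backups/monday.sha256"
    restore_drill "$w/backups"
    # simulate a damaged medium: keep only the first 20 bytes of the archive
    head -c 20 "$w/backups/monday.tar.gz" > "$w/backups/monday.cut"
    mv "$w/backups/monday.cut" "$w/backups/monday.tar.gz"
    restore_drill "$w/backups" || echo "=> this backup would not have saved you"
    rm -rf "$w"
}
demo_restore
```

Keeping the manifest on different media from the archive means a single failure cannot damage both.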
  22. My solution by Okian+Warrior · · Score: 1

    My solution is to only encrypt the data, and then only encrypt the data that needs encryption.

    I partition the hard drive into system and "user" disks, then make sure that I always save data/do projects on the user disk. That reduces the encryption/backup load immensely. No need to make a backup of the installed programs, or the system executables, or my installed libraries, or browser plugins, or anything like that.

    I do monthly backups, but for each project I have a "work" abbreviation that changes directory to the right place and sets everything up for me. (Ie - I type "AIWork" as a command and it cd's to the right directory, adds things to the PATH and LIBS vars, starts emacs, and spawns a remote data display server. Another command "WebWork" is similar, but with different actions.)

    Each of these calls a backup routine that makes a copy of the working directory as a first step. Before AIWork is complete, everything in that directory is copied to a disk on another machine. Hard disk failures sometimes happen for electrical reasons, so you should always make copies to a machine with different electrics. (The backup routine knows not to copy non-critical file types, such as .o files)

    The backups are file copy operations - if I mess up a file, I only need to navigate to the saved version and grab this morning's copy.

    For secret-decoder-ring work I have a TrueCrypt partition in a file that's 1GB long - plenty of space for source files and written documents, but small enough to make a backup of the partition file itself on any day I choose to work on such a project. A little harder to recover trashed files (I have to unencrypt the saved backup before copying things out), but still secure. (Note: I increased this to 2GB just recently. Time marches on!)

    Another advantage of this is that the encrypted things are not as prominent in my system. A border crossing ape can ask me to boot my system and log in, and a cursory scan won't show anything unusual. He would have to find the TrueCrypt partition file, recognize it for what it is, and ask me to boot it up. That's assuming that it's even there; it's so small I never carry it physically across the border.

    I know this is elaborate, but most of it is done for convenience. There's probably more elegant solutions people will recommend, some open source one-size-fits-all cloud-based workspace management system I'm not using, but it's simple and it works for me. Also, like a 1960's Chevrolet, it's easy to repair and maintain.

  23. FUD in disguise by Anonymous Coward · · Score: 3, Interesting

    Intelligence agencies do NOT want you using Truecrypt. So Slashdot obliges with a carefully constructed attack against Truecrypt that is designed to encourage betas to seriously consider the commercial options that always contain back-doors.

    You see the same thing in nonsense reports that tell you intelligence agencies have the ability to recover properly erased files, or files from smashed hard-drives. Slashdot frequently promotes stories suggesting that smashing platters or properly erasing files is a waste of time. Each story is carefully created to lower the likelihood of people in general using proper security protocols.

    What do hard-drive failures and encryption security have to do with one another? Absolutely NOTHING. Why would someone wish you to conflate the two things in your mind?

    Simple bit errors in Truecrypt volumes do not destroy access to all the encrypted files, but I can understand why certain people have an interest in telling you so. All forms of file storage, encrypted or not, are vulnerable to hardware failures in pretty much the same way. A catastrophic failure will make you wish you had used proper back-up protocols, regardless of file security. Indeed, back-up and encryption have nothing to do with one another, and encryption certainly doesn't compromise back-up methods.

    "I used Truecrypt, and when something went wrong, I lost all my files". Read this sentence. Then read it again. Then imagine someone saying it at the beginning of an advertisement. Why does the ad start this way? What is the ad trying to get you to think? Then, perhaps, you might want to Google a bloke named Edward Bernays.

    Once again, every commercial security system has back-doors, and therefore the so-called encryption provided this way isn't worth a damn. Rock-solid encryption algorithms are in the public domain, and no, the NSA does NOT have secret UFO technology allowing them to break such encryption. By law, every single security vendor that operates in the West or does business in the West has to give NSA people full co-operation to allow intelligence agencies ways to bypass security offered by their products.

    Slashdot does not daily carry stories attacking North Korea, Syria and Iran by accident. Remember, this is supposed to be a 'nerd' tech site, and yet one might think, from the content, that it was one of Rupert Murdoch's media outlets instead from the sickening political propaganda. Every story promoted here is thus suspect, if you have even one functioning brain-cell. You must always ask "why is this story chosen to be promoted?"

    1. Re:FUD in disguise by Anonymous Coward · · Score: 0

      Intelligence agencies do NOT want you using Truecrypt.

      Posted from a computer with an always-on connection to the Internet.

    2. Re:FUD in disguise by FuzzNugget · · Score: 1

      lulz ... well, thanks for the entertainment. I was actually beginning to think there was nobody more paranoid than I am. Thanks for quelling that.

    3. Re:FUD in disguise by FuzzNugget · · Score: 1

      No. Kill one sector on an unencrypted drive and you may not lose anything or you may lose some of the file that uses that block or all of it. If you lose one sector of an encrypted container you lose at least that block of cypher text and likely the whole container.

      Thank-you, this is a good explanation of exactly what I meant by the word "volatile".

    4. Re:FUD in disguise by Anonymous Coward · · Score: 0

      Once again, every commercial security system has back-doors, and therefore the so-called encryption provided this way isn't worth a damn. Rock-solid encryption algorithms are in the public domain, and no, the NSA does NOT have secret UFO technology allowing them to break such encryption. By law, every single security vendor that operates in the West or does business in the West has to give NSA people full co-operation to allow intelligence agencies ways to bypass security offered by their products.

      Bullshit. There aint any such law.

    5. Re:FUD in disguise by cryptoluddite · · Score: 1

      It isn't a good explanation at all, it's just a claim with no facts to back it up.

      Drives are encrypted using the algorithm in counter mode so that they are random access and parallel. That means every block is independent, so any simple corruption only affects the corrupted parts. The only way you could lose the whole container is if you have insertions/deletions in the data, which will corrupt a whole plain filesystem container as well (but since it isn't encrypted you could possibly repair that).
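
The two failure cases contrasted in this comment, as an added example that is not part of the original post: an in-place bad sector versus a deletion that shifts the data. A SHA-256 keystream keyed by sector number stands in for the real disk cipher (it is a toy, not TrueCrypt's algorithm), and all names and sample data are constructed.

```python
import hashlib

SECTOR = 512  # bytes; the unit in which a disk reads, writes and fails


def keystream(key: bytes, sector_no: int, length: int) -> bytes:
    """Toy keystream for one sector: SHA-256(key || sector number || counter).

    Stand-in for a real disk cipher. The point is only that the sector's
    position, not the data before it, selects the keystream.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = key + sector_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:length])


def crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR is its own inverse), one sector at a time."""
    out = bytearray()
    for start in range(0, len(data), SECTOR):
        chunk = data[start:start + SECTOR]
        ks = keystream(key, start // SECTOR, len(chunk))
        out += bytes(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def damaged_sectors(original: bytes, recovered: bytes) -> list:
    """Sector numbers whose recovered plaintext differs from the original."""
    total = (max(len(original), len(recovered)) + SECTOR - 1) // SECTOR
    return [n for n in range(total)
            if original[n * SECTOR:(n + 1) * SECTOR]
            != recovered[n * SECTOR:(n + 1) * SECTOR]]


def zero_sector(ciphertext: bytes, sector_no: int) -> bytes:
    """Simulate a bad sector: its contents are lost, the length is unchanged."""
    start = sector_no * SECTOR
    return ciphertext[:start] + bytes(SECTOR) + ciphertext[start + SECTOR:]


def delete_byte(ciphertext: bytes, offset: int) -> bytes:
    """Simulate a deletion: every later byte moves down by one position."""
    return ciphertext[:offset] + ciphertext[offset + 1:]


def demo() -> dict:
    key = b"constructed demo key"
    # Constructed 16-sector "container": a 12-byte label plus filler per sector.
    plaintext = b"".join(
        b"sector %04d " % n + bytes([65 + n]) * (SECTOR - 12) for n in range(16)
    )
    ciphertext = crypt(key, plaintext)

    after_bad_sector = crypt(key, zero_sector(ciphertext, 5))
    after_deletion = crypt(key, delete_byte(ciphertext, 5 * SECTOR + 10))
    return {
        "bad_sector": damaged_sectors(plaintext, after_bad_sector),
        "deleted_byte": damaged_sectors(plaintext, after_deletion),
    }


if __name__ == "__main__":
    print(demo())
```

The bad sector costs exactly one sector of plaintext; the one-byte deletion misaligns every later sector with its keystream, so everything from that point on decrypts to garbage.
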

    6. Re:FUD in disguise by dbIII · · Score: 1

      Rupert Murdoch's media outlets

      No conspiracy theory is required because he shapes what people are talking about and doesn't actually have to own the other bits of the media. North Korea, Iran and Syria are in the news a lot from those outlets so of course slashdot joins in - it's in the news after all.

    7. Re:FUD in disguise by Anonymous Coward · · Score: 0

      "I used Truecrypt, and when something went wrong, I lost all my files".

      That's a misquote: The correct quote is:

      "I used a computer, and when something went wrong, I lost all my files."

  24. Bravo!!! by Okian+Warrior · · Score: 1

    Well-written, amusing, and insightful.

    You deserve mod points but alas, today I have none.

  25. Crashplan is awesome. by goombah99 · · Score: 3, Insightful

    A few more words about Crashplan.
    Crashplan markets itself as a competitor to things like Mozy and other purveyors of managed remote backup. But Crashplan is distinctly different than all these others in a way that is unbeatable. Namely, you don't have to use their archives to store your data. With crashplan you can target any disk as backup storage. This could be an external disk connected by USB 3.0 or one over at your friend's house (they run crashplan too), or you can use crashplan's servers. They sell the app not the service if you just want to use it with your own disks or a friend's.

    The difference here is what happens when you need to restore. With any other service (like Mozy) you are hosed. How the heck are you going to recover a terabyte from the remote storage to your local disk over the internet????? Not going to happen. For a fee Mozy will burn DVDs and mail them to you. But that assumes you know what date you want the back up for. If you are trying to recover from some slow disk corruption or a trojan you want to inspect the backups first to find the latest possible date before the corruption started, then you want to add back the newer files you can salvage. That's not going to happen with the DVDs you have sent to you.

    But crash plan is different. You just drive across town to your friend's house and pick up the drive. Mount it locally and find all the files you need for the backup. Just like what you would like to have! perfect.

    If crashplan would just solve their Java memory management issues it would be perfect. when you launch it it starts off with 100MB but a week later it's up to a gigabyte of memory use. Fortunately it seems the Virtual Memory manager is able to page out most of this when it's not active, but java programs are such out of control pigs.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:Crashplan is awesome. by goombah99 · · Score: 2

      1. Crashplan does the encryption for you as well as managing the differential backups and restores. It even does a lot of work calculating the minimal differences and de-duplications so the internet traffic and disk space are optimally managed. Your friend cannot read your backups on his computer and you can't read your friend's computer.

      2. But from your point of view you are always working the GUI with unencrypted files and folders when choosing what to back up so the encryption is all transparent to you.

      3. combine this with Full Disk Encryption on your originating computer and the encryption and backup objectives won't step on each other.

      4. Unlike most roll-your-own solutions like this, crashplan also manages the problem of dynamic DNS and establishing a connection through various firewalls and routers. In a nutshell, Crashplan the company acts like napster and brokers the connection between the two peers, then it gets out of the loop. Even if the company disappears your data is still yours and you can still physically access it.

      5. crashplan also notifies you by e-mail on the backup status and warns you when too long a time has elapsed since it was able to make a connection between the local and remote computers.

      6. if you like crashplan will escrow your encryption password to protect you from your own incompetence.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    2. Re:Crashplan is awesome. by hawkeyeMI · · Score: 1

      Yes yes yes, CrashPlan solves this with or without their service (which is a bargain, BTW, especially the unlimited family plan). Been using it both to back up (and a few times to restore) for > 1 year now, and I'm so happy with them.

      --
      Error 404 - Sig Not Found
    3. Re:Crashplan is awesome. by Anonymous Coward · · Score: 0

      You should be able to tune the JVM parameters to force the java app to remain at a constant memory level, yet still performant.

  26. Re:What OS? try Crashplan + FDE not images. by dreamchaser · · Score: 2

    He doesn't say what OS he is using.

    Yes, he does: "My setup involves an encrypted Windows installation ".

  27. OSX + CrashPlan by Anonymous Coward · · Score: 0

    Being on OSX I've been using the built-in FDE for a while and haven't noticed any performance issues on both spinning and solid-state drives. For backup I use CrashPlan extensively. It has free P2P backups and you can pay a very reasonable rate for remote backup services. You can pick your own encryption key so that only you can actually decrypt the data. The other nice thing about the P2P option is you can partner with all your geeky friends and provide distributed backups for each other for free (ignoring bandwidth and storage)

  28. Encrypted backups to Glacier by Anonymous Coward · · Score: 0

    I've written a script that backs up files to AWS Glacier. Files are encrypted using GPG (keys are separately encrypted and pushed to S3), file names are hashed and then the optionally compressed files are uploaded to Glacier. Still in alpha though.

  29. A little bit of everything by Anonymous Coward · · Score: 0

    I use BitLocker on all my drives mostly for giggles, since all my important data that I don't really want to share is stored on True Crypt Volumes, The Volumes are either stored on Dropbox if I need access from multiple machines, or backed up using Crash plan along with the rest of my data, which by the way is stored on separate hard drives from my system, so that in case of system failure...

  30. tar, 7zip by emil · · Score: 1

    7zip is nice because it quietly adds encryption (unlike xz).

    tar cvf - (directory_path) | 7za a -si -mx=9 -pPASSWORD directory.tar.7z

    7za x -so -pPASSWORD directory.tar.7z | tar xpf -

    You are thinking of doing this on Windows, so beware that tar will not preserve NTFS ACLs. You can use cygwin tar if you want, but I find that the mingw tar works all right too.

    If you really want to use flash media, make sure it's SLC, rated for 100,000 write cycles. If you use cheaper MLC media, media failures begin at only 5,000 writes.

  31. Duplicity by Albanach · · Score: 1

    Duplicity allows for scripted backups with the archives being encrypted by GPG and therefore can be restored to any drive, so long as you know the password.

  32. FreeOTFE by pongo000 · · Score: 1

    I use it for all my Windows encryption stuff. Not tied to hardware, can encrypt partitions as files or partitions in situ, you can even make hidden encrypted volumes for plausible deniability's sake. Oh, and it's open source. Enough said.

  33. Why is this on Ask Slashdot? by guruevi · · Score: 1

    This stuff is handled perfectly in the Truecrypt FAQ isn't it? RTFM

    - You can create backups of TC containers, it'll actually be much faster to create a differential or incremental backup of the container since only 1 file needs to be read (cache hits will be more efficient) compared vs millions of little individual files (each costing IOPS on both sides to initiate the backup as well as compare and store it).

    - 1 (or multiple) bits falling over in an encrypted file system does not cause the entire system to go corrupt. In some cases, the encryption will be more safe as internal checksums may be able to detect and/or auto-recover the errors.

    - Disaster recovery does not require you to restore a TC volume to the same disk. That is a Windows-specific limitation. You can't restore MS Windows to a different system and expect it to boot because of its DRM and driver model (Mac, Unix or Linux systems do not have this limitation). You can still open the backed-up TC volume or even open the disk TrueCrypt volume in another machine.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:Why is this on Ask Slashdot? by Anonymous Coward · · Score: 0

      - Disaster recovery does not require you to restore a TC volume to the same disk. That is a Windows-specific limitation...

      You can recover Windows system image to a different drive. I've done it several times myself without any issues. (I think only a motherboard change would be detected as a significant system change to screw up the activation.)

      From what I gather, OP is talking about restoring encrypted backups, meaning Windows has nothing to do with it, it's just random data.
      Either that or he's doing something wrong.

    2. Re:Why is this on Ask Slashdot? by ckedge · · Score: 1

      > You can create backups of TC containers

      If you use a file based container, BEWARE any backup software that first looks at the timestamp of the file to determine if the file should be backed up or refreshed.

      Truecrypt does not modify the timestamp of file containers.

      Thank God I noticed that before I someday needed to use one of my backups. I would have opened up a "recent backup" to discover that it was in fact very very old.
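
The failure mode described in this comment, as an added example that is not part of the original post: a timestamp-and-size change check misses a container that was modified in place, while per-chunk SHA-256 digests catch the change and show which part of the file needs re-copying. The helper `write_preserving_timestamps` is a constructed stand-in for a tool that leaves the container's timestamps untouched; the file name and chunk size are likewise assumptions.

```python
import hashlib
import os
import tempfile


def chunk_digests(path, chunk_size):
    """SHA-256 of each fixed-size chunk, so a large container is never fully in memory."""
    digests = []
    with open(path, "rb") as handle:
        while True:
            block = handle.read(chunk_size)
            if not block:
                break
            digests.append(hashlib.sha256(block).hexdigest())
    return digests


def snapshot(path, chunk_size):
    """What a backup tool would remember about the file after copying it."""
    info = os.stat(path)
    return {"size": info.st_size, "mtime_ns": info.st_mtime_ns,
            "chunks": chunk_digests(path, chunk_size)}


def changed_by_metadata(old, path):
    """The shortcut many backup tools take: compare size and modification time only."""
    info = os.stat(path)
    return (info.st_size, info.st_mtime_ns) != (old["size"], old["mtime_ns"])


def changed_chunks(old, path, chunk_size):
    """Indexes of chunks whose content differs from the snapshot (or that appeared/vanished)."""
    new = chunk_digests(path, chunk_size)
    previous = old["chunks"]
    return [i for i in range(max(len(new), len(previous)))
            if i >= len(new) or i >= len(previous) or new[i] != previous[i]]


def write_preserving_timestamps(path, offset, data):
    """Constructed stand-in: write inside the file, then put the old timestamps back."""
    before = os.stat(path)
    with open(path, "r+b") as handle:
        handle.seek(offset)
        handle.write(data)
    os.utime(path, ns=(before.st_atime_ns, before.st_mtime_ns))


def demo(chunk_size=4096):
    with tempfile.TemporaryDirectory() as tmp:
        container = os.path.join(tmp, "container.tc")   # hypothetical file name
        with open(container, "wb") as handle:
            handle.write(os.urandom(8 * chunk_size))     # constructed 8-chunk container

        last_backup = snapshot(container, chunk_size)

        # Work done inside the mounted volume after the backup was taken.
        write_preserving_timestamps(container, 3 * chunk_size + 100,
                                    b"new data written inside the volume")

        return (changed_by_metadata(last_backup, container),
                changed_chunks(last_backup, container, chunk_size))


if __name__ == "__main__":
    by_metadata, by_content = demo()
    print("metadata check says changed:", by_metadata)
    print("chunks that actually changed:", by_content)
```
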

  34. Overkill by Tony+Isaac · · Score: 4, Insightful

    Do you live in an underground bunker, with automated blast doors and multi-layer security? I doubt it. Does anybody really care enough to defeat such measures to get into your house? I suspect you're like the rest of us, with standard locks and maybe an alarm system or a dog, or both. That is sufficient to deter all but the most determined criminals. And if anyone is determined enough, your extra security won't stop them anyway.

    Your data isn't that different. Nobody is really after your data, at least not to the point of being willing to spend serious money and time getting into your system. The real threats are things like malware (which won't even be slowed down by your encrypted drive), or somebody snooping around on your hard drive after stealing your laptop (when actually they are more likely to want to just sell it).

    Common sense is the best protection for most of us. Don't save passwords in an unencrypted file. Use a non-trivial password to log on to your system. Hang on to your stuff. You get the idea.

    1. Re:Overkill by 93+Escort+Wagon · · Score: 2

      Nobody is really after your data, at least not to the point of being willing to spend serious money and time getting into your system.

      Finally, some common sense gets injected into the discussion!

      As I interpret this whole thing: The submitter basically has set up what amounts to a "roll your own" system for encryption using TrueCrypt, as well as a custom system for backups - but isn't happy with the level of complexity, because that's often the enemy of robustness (and free time). Now I'm not a Windows guy anymore, I'm on OS X - but I'm pretty sure Windows 7 and 8 have whole-disk encryption and built-in backup utilities that would solve this problem. On the Mac I'm using OS X's built-in whole disk encryption - and before that existed, I used their encrypted disk images. And for backups... the built-in utility Time Machine.

      If the built-in system tools are not acceptable for some reason, the submitter should explain this - otherwise I don't see why the obvious answer isn't the correct one.

      --
      #DeleteChrome
    2. Re:Overkill by cryptoluddite · · Score: 1

      This is a key point, that encryption only protects data when the encrypted part is off-line. If you get a malware and your My Financial Data volume is mounted then the malware can access it. And if you get a malware and then *ever again* pay your bills then it can just wait until that encrypted volume is mounted and then steal the data.

      Encrypted drives only protect against theft. Encrypted volumes protect against 'temporary theft' like a roommate poking around while you're taking a shower and logged in. That's it... they aren't a security solution themselves.

      To actually secure data you have to use encryption to protect from theft, but also never mix different levels of protection. This basically means using a separate computer entirely for your banking, or however you want to assign the security say one system for high risk activities like gaming and porn and another for everything else. Ideally you don't share data between zones, but if you do it's always the higher protection one that accesses the lower one (banking computer mounts gaming computer shared folder, never the other way). Also any zones that overlap are the same; if you have a gaming system and a porn system with the same password, they might as well be the same computer.

  35. WTF by Anonymous Coward · · Score: 0

    Backup images of the encrypted operating system can only be restored to the original hard drive (ie.: the drive that has failed).

    That is extremely bizarre and I guarantee you that 99.9% of people who encrypt their disks, don't have that problem. I suspect you're either wrong about the limitation, or you are using some kind of weird crippleware. If the latter, drop it now and go to something normal like dm-crypt or whatever.

    With the data being stored in large file containers, each around 100-200GB. It can become quite burdensome to deal with these huge files all the time.

    Things just get weirder. Ok, I think I get what you're doing now. You're backing up entire block devices, rather than files. Most of us would back up a filesystem (which involves decrypting the block device, interpreting it as a file system, the backup system backing up each file, and in turn re-encrypting it for backup purposes). Our approach, I admit, would be slower. But simpler. And fixes the problem you're talking about.

    You'd probably have the same problem if you weren't encrypting. Do you backup machines which don't use crypto, as full partition backups, rather than as files?

    If that's what's going on, stop it.

  36. Re:Well... by maxwell+demon · · Score: 2

    1) Illegal stuff

    Do you know for sure what exactly is illegal in different countries? Some people travel internationally. Maybe some of your completely legal stuff is illegal in some other country you're travelling to.

    2) Private stuff

    That's the main reason for encryption. If someone steals your laptop, losing the hardware is bad enough. You don't want them also to have access to your private data. And no, your OS level security cannot protect your files in that case, because all one has to do is to boot a live system from CD or DVD (using an external drive, if necessary) and use that to access the files. Since your installed OS isn't even started, it cannot prevent that access. Or alternatively, remove the hard drive and put it in a different computer.

    --
    The Tao of math: The numbers you can count are not the real numbers.
  37. Truecrypt + SyncToy by Anonymous Coward · · Score: 0

    I have all of my drives on all of my computers fully encrypted at the system/partition with Truecrypt.

    For each drive I also have an identical encrypted backup drive which is stored in a drawer and never used unless I'm actively backing up its partner. When I want to backup a given drive, I pull out its backup partner, plop it in my Thermaltake drive dock, and run SyncToy. When I'm done, the backup drive goes back in the drawer.

    It may seem a little cumbersome, since I have to actually physically touch drives in order to do it, but SyncToy makes it really quick and easy since it's only doing incremental backups. I have a rotating schedule of backups so that each drive is backed up at least once every couple of weeks. I also backup the most critical files on my laptop to another server over my local network once a week with SyncToy, so there are always 3 encrypted copies of my most important and frequently-used files.

  38. Some Clarifications by FuzzNugget · · Score: 1

    There are a lot of similar and tangentially related responses, so I'll make this one post instead of responding inline to each one.

    SETUP
    My partitions look like this in gparted:

    [ PRI/BOOT: Windows w/ TrueCrypt OS encryption ] [ EXTENDED: [ LOGICAL: normal, unencrypted partition where TrueCrypt file containers reside ] ]

    Note that TrueCrypt replaces whatever existing bootloader is on the drive with its own so it can run pre-boot authentication to decrypt the OS.

    Yes, I realize that I don't store any data on the OS/software partition, but there are still system caches, logs, databases and other potential data leaks to consider. For example, the encryption keys for the file containers get stored in the hiberfile. Without encrypting the OS, it would be fairly easy for an attacker to access the keys to the encrypted file containers. With the OS encrypted, this is not an issue.

    BACKUP
    I use TBU IFL (self contained bootable imaging software) to backup the OS partition in its raw, encrypted form. Yes, this causes it to backup empty space and it takes quite a bit longer to run. Differential backups do work and are a smaller filesize than the original full backup, but they still take just as long.

    From the research I've been doing on TrueCrypt's forums, it appears the reason that I can only restore these backups on the original drive is due to an insufficiency in TrueCrypt's rescue system.

    What I've found is that I can use Windows-based imaging software to backup the OS partition in its decrypted form, restore the image to a new drive and re-encrypt it. It's a bit of a process, but it's still faster and easier than running the full TrueCrypt decryption process, copying the partition to the new drive and re-encrypting. I could use the imaging software's own encryption scheme to protect the image if I want.

    When I backup my data, I do exactly what many have suggested here: back it up at the file level by using synchronization software to periodically compare and copy changed files (from inside the TrueCrypt volumes that I've already mounted) to an external drive which contains mounted TrueCrypt volumes of identical size.

    FOLLOW-UP
    So, to rephrase and answer some of my questions:

    1: Non-Portable OS Backups
    Solution in this context: use Windows-based imaging software to backup the system volume in its decrypted form. Use the encryption feature built into the imaging software to protect it.

    2: Volatility of Data Containers
    The problem is not backing up data inside the containers. The problem is that they are volatile. Any data corruption in the area of the partition where a container resides renders that container functionally useless and all contained files inaccessible. Basically, adding a layer of security also adds a layer of instability, but I don't currently see a better way of achieving that security.

    3: SSDs
    Still not sure what to think about SSDs, all of my research has yielded mixed results from polar extremes of the spectrum.

  39. Mac + FileVault + Time Machine encrypted by gnasher719 · · Score: 4, Informative

    Get a Mac. Turn full disk encryption via Filevault2 on. Backup using Time Machine with an encrypted backup drive. The encryption is invisible except that you have to enter the password from time to time.

    1. Re:Mac + FileVault + Time Machine encrypted by FuzzNugget · · Score: 1

      Get a Mac.

      I know I said I was open, but ... not *that* open.

    2. Re:Mac + FileVault + Time Machine encrypted by Anonymous Coward · · Score: 0

      Or keep using Windows and Bitlocker. Not like Mac has anything special there.

    3. Re:Mac + FileVault + Time Machine encrypted by myforwik · · Score: 2

      What mac has is good vertical integration. In 10 clicks you can encrypt your hard disk and have it automatically backing up to an encrypted external drive or NAS. If your HDD dies and you put a new blank one, the Mac BIOS will automatically find and load the most recent back-up. Secondly, Mac's backup itself is light-years ahead of anything else I have seen for the simple reason that they have built it into the file system. The mac knows which directories and files have been edited, it doesn't have to do crap like check timestamps or hash files (such as rsync does), the filesystem itself flags the writes. Windows backup is so scary that no one uses it. It says it does "full backup when needed". There is no way to control when it does anything, and it randomly does complete system backups instead of incremental backups. And because it doesn't do hard-links like linux/osx does I continually find people confused and deleting things, resulting in being unable to restore from an incremental backup.

  40. Duplicati by bakuun · · Score: 1

    You might want to have a look at Duplicati - that's what I ended up using after I spent a while looking into how to do backup securely. It'll handle scheduling, partials (i.e. diffs, if you want), compression, encryption of the result, and finally upload to a whole range of different cloud providers (or a local directory, of course). It's free, and available for Windows, OSX, and Linux.

  41. Already solved by Frosty-B-Bad · · Score: 1

    Enable BitLocker on your drives. When you connect a drive for backing up, bitlocker it then use any backup mechanism (win backup or file history in 8) problem solved. Everything's encrypted and backed up.

  42. If you ever expect it to be useful to others ... by dbIII · · Score: 1

    If you ever expect the data in there to be useful to others then don't bother to encrypt your backups, it's an accident waiting to happen. Rely on physical security of the backup media instead.
    Even if it's your own stuff, do you really want to mess around at 4am with a recovery procedure you can't quite remember that is written down somewhere you can't get to?

  43. I backup, but don't encrypt by Anonymous Coward · · Score: 0

    I backup website data to a local NAS. I don't allow external access to the NAS. Access must come from within the LAN. Second, I use linux, and use rsync to make backups. It works very well across networks, will try to recover data from bad drives (I've recovered data from a drive that would only reliably work for the first 5 minutes after turning it on), and makes excellent full archives, and subsequent snapshots. I don't encrypt, although that's an option I could explore in a hundred different ways.

  44. Re:If you ever expect it to be useful to others .. by Anonymous Coward · · Score: 0

    yes it's one of those tradeoffs isn't it. I could make my files and backups more secure but if I get hit by a bus my wife will likely lose access to our family photos, tax returns and other files due to the complexity of the setup.

  45. Restore tests? by myowntrueself · · Score: 1

    Sorry, I could have been more clear about the crux of the matter.

    I *do* have multiple onsite and offsite backups which I update them regularly and religiously (I did have to spend two days reconstituting some data as my backup software had failed 5 days prior to this drive failure and not warned me ... but that issue has been resolved and is completely external to the matter at hand)

    How often, if at all, were you doing restore tests? And how complete were your restore tests? Were you doing test restores of individual files or bare metal restore tests?

    --
    In the free world the media isn't government run; the government is media run.
  46. SSD by fa2k · · Score: 1

    I can't speak to the security of SSDs.

    There are two reasons why it may reduce the lifespan: 1) no TRIM support. Here is a Q/A which confirms this for LUKS on Linux, I doubt Truecrypt have TRIM support either. http://superuser.com/questions/124310/does-luks-encryption-affect-trim-ssd-and-linux . TRIM is relatively new, and while most filesystems do now support it, you're not losing out on much performance. An alternative is to leave a percentage (e.g. 10 %) of the drive completely unused, as an unformatted partition (NOT encrypted). This gives the drive's wear levelling algorithm some more room to work with. Drives do of course already have some such space which is not visible to the user.

    2) Encrypted data are not compressible. Some SSDs use compression to get better write bandwidth and to reduce the number of writes. You shouldn't worry too much about this. You get what the hardware can support. The same thing would happen if you only stored H.264 videos, which also can't be compressed much, so the manufacturer has to allow for this.

    1. Re:SSD by fa2k · · Score: 1

      An alternative is to[...]

      Sorry, I made a mistake. This is *not* an alternative as in replicating exactly what TRIM does. It will however give you slightly better write performance.

    2. Re:SSD by Anonymous Coward · · Score: 0

      Called SSD Overprovisioning.

      See http://en.wikipedia.org/wiki/Write_amplification

  47. Be careful of user data stored outside of profiles by davidwr · · Score: 1

    Some programs have their own notion of what a "user" is and store all users' data in a central location OUTSIDE of where Windows stores its user profiles.

    This MAY wind up being on the C:\ drive.

    "Temporary" copies of user data may also wind up on the Windows system drive, Windows Boot drive, or even the C:\ drive (yes, even if you "Boot" from "D:" some old programs have C:\ hard-coded into them, sigh).

    And of course, pagefile.sys, hiberfil.sys, and similar files are by default also on the Windows system drive or Windows Boot drive.

    There are no doubt many other one-off cases to watch out for as well. The moral of the story: Know your software and what it is really doing behind the scenes or be prepared to be surprised.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  48. Re:Be careful of user data stored outside of profi by SScorpio · · Score: 1

    That's true, and if you are worried enough to encrypt your user data partition, you should do your system partition as well to make sure everything is being properly encrypted.

    This post was to address the fact that it isn't difficult to separate the users directory from the C: drive. Software throwing files all over the place isn't new, but thankfully most are following recommended procedure which puts everything in the user's directory.

  49. Separating user's dir. from C: drive by davidwr · · Score: 1

    You can even do it on a per-user or even per-subdirectory basis by using NTFS mount points, but that can be a bit more confusing if you forget what's mounted where.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  50. Re:Well... by peawormsworth · · Score: 1

    ... the first thing you need to ask yourself, is WHY do I need to encrypt data?

    1) Illegal stuff
    2) Private stuff
    3) Just because you can

    ans to 1 is don't do it - you will be caught eventually
    ans to 2 is why? private is private and provided you use proper security on access controls all is hunky dory
    ans to 3) paranoia

    You're burying your head in the sand. Everybody should have concern about point #2 you listed. If you don't believe that you do any private stuff then you are not using online banking or sending email. As a minimum, these are things you should try to protect. 99% of your data from an unencrypted Windows or Linux system can easily be accessed. Your word processor documents and email messages and wifi passwords are accessible to anyone who steals your desktop or finds the laptop you lost. I have done this as an exercise. I am not a "hacker" and do not have a desire to steal from others, but it is easy for me to get all this information from your system. So a hacker would easily know how to do it and then exploit that information to make life difficult or expensive for you.

    So if you use a laptop and you do not use encryption... then it would be good for you to actually be a bit more paranoid than you currently are.

    At my place of business, I was able to easily show how both Windows and Linux emails and documents could be read off of anyone's work computer. This was eye opening for our managers, because we dealt regularly with customers' private information and shared private information between other business owners. Encryption is important in business settings, but it is probably most important on portable devices like laptops, which are far more likely to be lost or stolen. Because I assure you it takes no effort at all to clearly see everything you ever put into it without having to break any user passwords.

  51. my simple solution by peawormsworth · · Score: 1

    I run full disk encryption using LUKS on Linux. Full hard disk encryption with LUKS is easy to install during Linux installation... just two extra steps from the install menu. I install my operating system onto an SD card (although USB would work too). In this way it is very easy for me to do full system backups that are also encrypted. And a full backup costs roughly $20 as SD and USB is cheap. For mass storage, I mount either encrypted or unencrypted hard drives. Usually, I do not encrypt the mass storage devices, because this primarily contains pictures and video that do not have great value to thieves and have little chance of being used for identity theft. For more private videos and pictures, I can always store these on an encrypted partition if desired.

    By running my main system off of an SD card, a full backup is simple. I can simply plug in a fresh SD card and call my backup script which creates a new encrypted partition and copies all my data. Then if my computer is lost or stolen, I just plug it in and go. There is no down time of reinstalling a new operating system and transferring backups to update it. Plus since the backup is fully encrypted itself, I have no concerns about someone stealing the backup either.

    I find my current solution simple and cost effective.

  52. Data recover and truecrypt by Anonymous Coward · · Score: 0

    Here is something to keep in mind. This assumes you are using TrueCrypt on Windows.

    1. FAT is not a very reliable filesystem; however, it's needed for TrueCrypt's steganography features, therefore:
    2. Create the hidden volume using NTFS filesystem and the normal volume using FAT/exFAT.
    3. Always use a container file.
    4. Use the "Backup Volume Header" feature in TrueCrypt to back up the encryption key info from the container file. Save this to a flash drive or something not on the same machine.
    5. Using RStudio (Disclaimer: I don't work for them, I am just a customer that successfully recovered a TrueCrypt volume). http://www.r-studio.com/
    6. With RStudio you recover the entire container file to the replacement drive. You ask RStudio to recover the entire file even if there are read errors; you get it to fill those in with nulls.
    7. This will take about 24 hours for a 1 TB drive, so sit back and wait.
    8. Once you have the container file on the new drive, attempt to mount it. It will mount unless the volume header section is damaged. If it is damaged, use TrueCrypt to restore the volume header that you backed up.
    9. Once it is mounted, if Windows can see the drive and files on it, you are lucky and all is well. You can then run chkdsk /f on the drive. If not, you then run RStudio again on the mounted drive, and recover to another location. In the worst case scenario, you need at least twice the size of the container in free space on an unrelated/new drive.
    10. Note that the price of encryption is you need to back up the entire volume, or you need enough space to attempt to recover a damaged volume. Having everything encrypted is nice, but it comes at a price. You need to determine the appropriate trade off. Remember that if you are using the steganography feature, you are already willing to lose your data if you are compromised, as the moment you mount the outer volume without protection enabled, you risk corrupting the data on the inner volume. This is the price you pay for plausible deniability. Of course don't forget that if someone really wants it, and they don't believe your fake outer volume is real, they're gonna beat and torture you anyway. Obligatory XKCD: http://xkcd.com/538/

    Also Note:

    Ideas on the outer volume also is to use a tool to kill the timestamps of all the files that you place there. This is recommended, because updating the files in the outer volume after the inner volume is made is a difficult and tricky operation. If the attacker mounts the outer volume and sees all the files are like 5 years old, they're gonna smell a rat. If they see all random timestamps, you say you ran the tool as recommended practice. An example of such a tool is timestomp, however that doesn't work on FAT, so you need to find another one, I just can't remember the name right now.
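
Steps 6 to 8 of the comment above depend on the recovery tool writing nulls wherever the drive could not be read. The following Python example is added here (it is not part of the original comment and is not TrueCrypt or R-Studio code): it lists the all-zero sectors in a recovered container so you can see which regions were lost and whether the header backup from step 4 will be needed. It assumes 512-byte sectors, a volume header in the first sector of the file, and a container created with a full format, so that intact encrypted data never looks like a zero sector.

```python
import io
import os

SECTOR = 512  # assumption: sector size, and the header sits in sector 0


def null_sector_runs(stream, sector=SECTOR):
    """Return [(first_sector, last_sector), ...] for runs of all-zero sectors."""
    zero = bytes(sector)
    runs, start, index = [], None, 0
    while True:
        block = stream.read(sector)
        if not block:
            break
        # A short final block is compared against zeros of its own length.
        if block == zero[:len(block)]:
            if start is None:
                start = index
        elif start is not None:
            runs.append((start, index - 1))
            start = None
        index += 1
    if start is not None:
        runs.append((start, index - 1))
    return runs


def damage_report(stream, sector=SECTOR):
    """Summarise null-filled regions of a recovered container file."""
    runs = null_sector_runs(stream, sector)
    return {
        "runs": runs,
        "damaged_bytes": sum((b - a + 1) * sector for a, b in runs),
        # Sector 0 nulled means the mount in step 8 needs the header backup.
        "header_damaged": bool(runs) and runs[0][0] == 0,
    }


def build_sample():
    """Constructed sample: 16 random sectors, with sectors 0 and 5-7 nulled."""
    data = bytearray(os.urandom(16 * SECTOR))
    data[0:SECTOR] = bytes(SECTOR)
    data[5 * SECTOR:8 * SECTOR] = bytes(3 * SECTOR)
    return bytes(data)


if __name__ == "__main__":
    # For a real file: damage_report(open("recovered_container.tc", "rb"))
    print(damage_report(io.BytesIO(build_sample())))
```

Each reported run is a region of the mounted volume whose files should be treated as suspect after the chkdsk pass in step 9.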

  53. One word by Anonymous Coward · · Score: 0

    BitLocker

    http://windows.microsoft.com/en-us/windows7/products/features/bitlocker