Blog

The thoughts, opinions, happenings, and just plain ramblings of a seemingly boring person.

External HDD Encryption

EncryptionI've recently started work at a place in the city which now requires me to do the commute back and forth on public transport. Previously I've either worked from home or drove to work, so catching the train twice every working day is a little new to me.

The train being the den that it is, I have gotten a little paranoid about getting stuff stolen, and that has gotten me thinking about the external hard drive that I usually carry in my bag. The hard drive contains my frequent external backups that I do of all our important data, and the thought of it getting stolen and the thieves being able to look at all our photos and all my documents was something that didn't really sit comfortably with me.

For the unaware (hi mum!), there are various ways to make sure data isn't visible by anyone except yourself, the most common of which is encryption. Encrypting data basically means that it is scrambled into incoherent gibberish, and can only be unscrambled by using one or more 'keys' (which in our case, is usually a password).

My external hard drive is a recent model WD Passport, so it has built-in hardware encryption that is locked/unlocked with WD software. By utilising that, the entire drive is encrypted. The software works well enough, but is only compatible with Windows and Mac OS X. As I now use a Linux operating system at work, I can't use the built-in WD encryption method because I won't be able to easily access the data on the drive.

As an alternative, the most popular cross-platform encryption method at the moment is using TrueCrypt. It is definitely not as friendly as the WD method, and is in my opinion probably a little too intimidating for the non-tech-savvy user.

It offers a few different ways of providing encryption, but what I have done on my drive is to create an encrypted container file on the normal hard drive file-system. This allows me to put all my sensitive stuff in that encrypted container, whilst still being able to read and write to other free space on the drive without having to worry about encryption or running the software.

In order to get access to the encrypted files, I have to 'manually' unlock the container with the encryption password, and it essentially mounts as another 'drive'. It works cross-platform (Windows, Mac, Linux), and apparently even on Android by using a third-party app (although I haven't tried that out myself yet). I have it working 'portably' on Windows (i.e. you don't have to install the software to unlock the container), but on Linux and (I think) Mac, an install of the software is required.

The only other caveat is that by using a file container, its size is fixed; so that if you don't create it big enough the only supported way make it bigger is to reformat/recreate it (and of course lose its contents in the process). However, there is a third-party tool that I have used successfully to expand the size of existing NTFS containers .

Overall it's a decent solution, and it means that if someone steals the drive, getting access to the files and folders in the encrypted container is almost impossible without the encryption password.

Leave a comment