Is a Truecrypt Encrypted Hard Drive less likely to get hacked?

Hi Experts,

Will encrypted a laptops entire hard drive, make it less likely to get viruses and/or compromised?  
victor2008Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

IanThCommented:
the more you try and keep data secret the more the virus/hacking community will try and defeat the technology its like a red rag to a bull simple
0
B HCommented:
just because the hard drive is encrypted, does NOT make it less prone to viruses/spyware.

see, once you boot it up, it's not encrypted anymore - it's exactly as exposed as an unencrypted drive.

the point of whole-disk encryption is only incase it falls into the wrong hands, physically.
0
Ady FootSharePoint ConsultantCommented:
This question has been asked many many times before and the answer is quite simple.  Whilst you can take every precaution possible to try to protect your data, no solution is completely infallable.  That is; if somebody wants to get at your data, it will be possible given time and resources.  

BUT - full disk encryption is one of the best ways to protect your data on removable drives and laptops.  So, to answer your question directly - yes it will make it less likely to be compromised by someone who might steal your laptop/disk.  It will make no difference whatsoever to your susceptability to viruses though.

Regards,

Ady
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

victor2008Author Commented:
Thanks for the info!  Are you guys saying that once the computer has been logged in and is online, it's not encrypted anymore and therefore hackers who gained access will be able to connect again to the computer?  The hacker would need to know the Truecrypt pwd and the Windows pwd, correct?
0
Ady FootSharePoint ConsultantCommented:
Hi Victor,

When you boot a truecrypt enabled system you disable the encryption when you enter the password before windows boots.  Once windows is booted - the data is still encrypted but is accessible.  You're right though - a hacker would need to know both the truecrypt and windows passwords to get in.

Regards,

Ady
0
B HCommented:
once you enter the encryption password at bootup, getting thru a windows password is trivial.  accessing it from the network is pretty easy too.

if you get infected with a keylogger while browsing the internet, you will be infected and your keystrokes will be mailed to whoever infected you... encrypted or not.  it will survive reboots too, just like a non-encrypted drive.

the only thing whole disk encryption will do for you, is make it really, really hard for someone to read your hard drive from an offline state - like if they stole it.  a thief who steals your laptop will most likely erase your drive and reinstall what they want, and keep using your laptop as their own, but they won't have any of your data.
0
victor2008Author Commented:
Bryon, isn't it the case that once you enter the encryption password at bootup, and then login to Windows, the data is still encrypted, right?
0
Ady FootSharePoint ConsultantCommented:
Victor,

As per my answer at http:#32053852 - the data is always encrypted even when windows is booted except that windows can read through the encryption because the key (the password) has been provided.

But, like Byron says, if someone steals the laptop whilst windows is booted - your data is accessible easy enough.

Regards,

Ady
0
victor2008Author Commented:
Thanks guys.  So, the only way to decrypt the data or for a hacker to connect remotely and view the data is if the laptop is stolen when Windows is booted, or a key-logger was emailed the pwds?
0
Ady FootSharePoint ConsultantCommented:
Indeed.  So long as the TrueCrypt password isn't compromised, the laptop is secure when turned off.  

Ady
0
victor2008Author Commented:
Hi Afoot, Thanks for your help on this!  You are saying that with TrueCrypt full disk encryption, the data is always encrypted even when windows is booted.

What do you think of bryon44035v3 comment:

"once you boot it up, it's not encrypted anymore - it's exactly as exposed as an unencrypted drive.

the point of whole-disk encryption is only incase it falls into the wrong hands, physically."

0
B HCommented:
The data remains physically encrypted on the disk, but, when booted after the encryption password, it's effectively unencrypted...

If your checking your email in a coffee shop on wireless and I'm in the same coffee shop, I can very easily copy your whole hard drive... given enough time, of course I would start with the interesting folders first...

Windows will have already decrypted your files well enough for the network layer to copy them

Just the same, if you burn your mydocuments to cd, they are not encrypted...
0
Ady FootSharePoint ConsultantCommented:
Victor,

Exactly as Bryon says above and like I already said myself previously at http:#32053852 and at http:#32057397 :-)

Regards,

Ady
0
IanThCommented:
think of it this way like I said hacker and virus programmers try and beat all technology that stops them getting their jobs done fact  
0
Sujith_NairCommented:
hey it seems you are confused about the very concept of encrypting HDD,  

it is basically a defense against exposing your contents to the outside world. if ever your Laptop gets stolen/lost the entire data,passwords,photos, memories,bank records are at the mercy of some stranger! So it is always advisable to keep your data encrypted though it has trade offs and chance of hacking and retrieving your data still exists but the chances are far remote!

Now regarding malware/Virus.... Let me make it very clear to you once you log into the system the entire Disk(/Resources/everything) is as much as accessible to a malware as by a legitimate software!  
Encryption/decryption is a transparent process which performs its operation at lower/machine levels. It is just a service as is the file access service in Windows! once you are logged in any application/software/malware that is launched/Used or launched as stealth by a malware has complete access to your system hence it provides no defense against any malware attack!  

To simply put it consider encryption as a lock in the door of your home, unless an external person finds a Key and open the door, everything within your home is safe!
But as soon as you open the door and keep it open while you are in the home ! (when you log in to truecrypt system and expose your disk to every software/application/malware/processes) anyone can enter your home without your permission be it the innocent laundry boy(legitimate sw) or a thief! (malware)

so if you are looking for protection from malwares/viruses/hacking in general go for some good Antivirus/Internet security suite. If you want privacy and security of your stored contents go for truecrypt!

Happy2Help
Sujith

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.