0

Scenario:

I'm working since 2 years as a software developer and sys admin. I never had anything useful on my pc. Now it's full of personal and sensitive data (passwords/source codes, etc).

Now that I realized the risks of losing the laptop, I've taken steps to prevent.

I've bought Acronis True Image to backup my whole computer periodically to an hard disk once, then proceding with incremental backups. The first backup I did today is free of any TrueCrypt use, nothing is encrypted with it. I've just encrypted the backup itself with Acronis True Image. My laptop has 2 hard drives and all of them are backed up.

Now that I have a safe copy of my whole computer, I wanted to proceed to a full drive encryption so that if I lose it, data will be safe.

So I've started documenting myself about the whole process. I have too much files around, spread around the 2 drives, so I wouldn't want to create a smaller container and move everything in there. I'd rather do a whole disk encryption so I'm fully safe about everything.

I've read that one good step is that you make and header backup (a feature truecrypt provides) to recover headers of the container so if you get corrupted container you can get it back.

So questions:

1)What are the steps to reduce the risk of corruption and failures?

2)What are the risks? Do you recommend full encryption or not, considering the backups? Any detailed explanation, article or comment will be much appreciated.

3)I've read here that Acronis and TrueCrypt aren't fully compatible (like you can backup only at container file level. Someone can elaborate? I've found ssome questions here, but nothing really clear.

4)Will TrueCrypt mess up with big files (iso images? Visual studio setup? SQL Server setup?) since it puts unencrypted files in ram? I have 3GB ram, should I not do this?

Thanks everyone for the help

Improve this question
2
  • I was not sure about the incompatibility but kb.acronis.com/content/14877 . How do you set up the backups? Differentials? Incrementals? Full? I guess at execution time Acronis finds all files decrypted so it's not a problem to do a backup, right?
    – user3924708
    Commented Dec 4, 2014 at 0:04
  • @Ramhound so I Can make a whole computer backup (and a second safety copy somewhere else :) ) and live happy with my whole drive encrypted? Also, does truecrypt asks for decryption password on wake up after suspending or hibernating too? That would be cool but I have no idea
    – user3924708
    Commented Dec 4, 2014 at 10:43

2 Answers 2

Reset to default
3

1)What are the steps to reduce the risk of corruption and failures?

Truecrypt does not add or take away any risk of corruption or drive failure, other than:

  • If the Truecrypt volume header at the beginning of the disk gets overwritten, the volume is unrecoverable. Do what Truecrypt says and make a recovery disc and store it in a safe place.
  • If you forget your passphrase, the volume is unrecoverable. Do not forget your passphrase.

2)What are the risks? Do you recommend full encryption or not, considering the backups? Any detailed explanation, article or comment will be much appreciated.

  • Full disk encryption will prevent an adversary from reading the contents if the hardware is powered off at the time of the theft, or they power it off and try to read the drives later or in another machine. That's it. It will not add redundancy to your data. It will not enable you to recover deleted files more than you can now. It will not decrease the likehood of sudden hardware failure.

3)I've read here that Acronis and TrueCrypt aren't fully compatible (like you can backup only at container file level. Someone can elaborate? I've found ssome questions here, but nothing really clear.

  • If your backup tool can back up raw partitions without caring or understanding about the filesystem in them, the tool, whatever it is, can be used to back up TrueCrypt partitions. The resulting file will be incompressible and will be near to the full size of the partition, you won't get the benefits of compression that can result if the tool can understand the filesystem within the partition.

4)Will TrueCrypt mess up with big files (iso images? Visual studio setup? SQL Server setup?) since it puts unencrypted files in ram? I have 3GB ram, should I not do this?

  • TrueCrypt works on the block level, not file level. It is unaware and uncaring of anything you are writing to the disk other than Windows is telling it to read/write sectors, sort of like an ATA or RAID controller driver. NTFS, FAT, and other filesystems reside above TrueCrypt in the I/O stack.
Improve this answer
0

What are the steps to reduce the risk of corruption and failures?

Create an image of every sector of your HDD. This way if you have a reason to restore your image you have everything you need in order to do so, even if your using full disk encryption, imaging software does not really care since its already decrypted at that point.

Will TrueCrypt mess up with big files (iso images? Visual studio setup? SQL Server setup?) since it puts unencrypted files in ram? I have 3GB ram, should I not do this?

Truecrypt doesn't care about big or small files.

Improve this answer
5
  • What does it mean "Create an image of every sector of your HDD". How I do that?
    – user3924708
    Commented Dec 4, 2014 at 0:02
  • Acronis has that exact capability. I am not sure what's not clear about copying every sector of a hdd
    – Ramhound
    Commented Dec 4, 2014 at 6:06
  • Well I toughth every backup is a copy of all the used disk sectors, that's what baffles me... You can't skip a sector where a piece of a file is stored. Does "every sector" means even unused space?
    – user3924708
    Commented Dec 4, 2014 at 10:42
  • @user3924708 - You can indeed backup the unused space using Acronis if you want.
    – Ramhound
    Commented Dec 8, 2014 at 11:43
  • @user3924708 An image (when i've done them anyway) is an image of either A)a partition or B)the entire disk including all partitions. The term unused is ambiguous, whether the person means unused within a partition or unused outside of any partition(and e.g. not the MBR). But any image includes unused space in the sense that if a partition was 20GB used 10GB free then it will be so when it is written too. Whichever it does it isn't skipping sectors so that phrase regarding sectors isn't a good one.
    – barlop
    Commented Mar 6, 2015 at 18:37

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .