NOTE: I’ve gotten a few emails from readers who have concerns that “If I stop using Google/Yahoo/Apple software, I won’t be able to do ____.”  That’s not true, and in a VG-exclusive series, we’re looking at some of the software out there that does the same job without laying your private life wide open and profiting on it.  I’ll be bringing you in-depth reviews on email providers, cloud services, browser setups, and much more.  Everything we’ll be talking about are programs and tools that I either currently use or have personally tested, and the reviews will be written for the average user.

Please note that we are not receiving anything from these companies.  They did not ask us to do a review, and they are giving us nothing for doing it.  In fact, we aren’t even telling them we’re doing it. You can be certain that this series will be completely honest and without bias.

On to part two: Truecrypt encryption software.

Before you say “I don’t really need to encrypt anything,” let’s take a look at what’s on your computer that a hacker may be interested in (or the federal government).

• Photos of your children – The internet is full of sleazy, disgusting child pornographers who—out of necessity so they don’t get caught—have become some of the most tech-savvy folks out there.  The dark web is full of photos and video of other people’s children, and while many of those photos are from child trafficking rings and whatnot, a lot of them are just collected off the web or even taken from people’s computers.  If the thought of some pedophile putting a photo of your child in his personal collection to be used and shared with other perverts makes you simultaneously sick and filled with rage, then you have a reason to encrypt files.

• Financial information – Do you have Quicken, TurboTax, or other financial software?  Do you ever log into your bank or credit card accounts?  Own a Paypal or eBay account?  Have you ever synced your phone to your computer?  If the answers to any of those is yes, you have a reason to encrypt files.

• Emails between you and your spouse, friends, or family – Have you ever, even once, used your computer to send an email containing information that you wouldn’t feel comfortable posting on a billboard?  Family drama, conversations about medical issues, ‘married’ type emails?  If you haven’t, you’re either lying or you’ve forgotten.

• Personal identifying information – Your date of birth, SSN, address, phone number.  Do you use one of those form-filler apps so you don’t have to enter your name and address into websites all the time?  It’s stored on your computer or on the internet.  Who you are, where you go, what you buy and like and click on and view and want.  More than enough information for someone to become you.  Or blackmail you, or arrest you.

Almost twenty years ago, programs like Back Orifice and Netbus allowed you to “have some fun with your friends” by opening their CD drive or moving their mouse cursor.  Unfortunately, they could also be used for some pretty awful things.  Back then every ‘script kiddie’ had a fairly dubious hobby: Using Netbus to get into people’s computers to snoop around.  They gleaned account passwords, banking information, private photos, and even deleted child porn off one person’s computer.  Now consider this:  That was 20 years ago.  You cannot even imagine the capabilities that exist now.  Bottom line: You need to encrypt your files.

Enter TrueCrypt.  First of all, TC is free and open source.  Anyone can look at the technology in it and verify it does what it says—and nothing else.  From their website:

• Creates a virtual encrypted disk within a file and mounts it as a real disk.
• Encrypts an entire partition or storage device such as USB flash drive or hard drive.
• Encrypts a partition or drive where Windows is installed (pre-boot authentication).
• Encryption is automatic, real-time (on-the-fly) and transparent.
• Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
• Encryption can be hardware-accelerated on modern processors.
• Provides plausible deniability, in case an adversary forces you to reveal the password.

The best part about TC is that the federal government spent a year trying to break the encryption, and couldn’t.   You can make hidden volumes inside of another encrypted container, kind of like a false bottom in a suitcase.  If someone attempts to force you to give them the password, you simply offer the password for the outer volume; they’ll never know there is another hidden volume inside where all the real stuff is.  Or, you can go all out and encrypt your entire hard drive.  For those who are well-versed in virtual machines like Whonix, you can even store and run your VM inside a hidden container, which means you can theoretically have an entire operating system separate from your regular OS, which you use for…whatever you use it for; banking, private stuff, whatever.

The only real drawback to TC is its strength.  If you lose or forget your password, your data is gone.  Your hard drive is done, if you used the pre-boot authentication.  From their website:

We have not implemented any kind of ‘backdoor’ in TrueCrypt (and will never implement any ‘backdoor’ or deliberate weakness, even if asked to do so by a government agency), because it would defeat the purpose of the software. TrueCrypt does not allow decryption of data without knowing the correct password or key. We cannot recover your data because we do not know and cannot determine the password you chose or the key you generated using TrueCrypt. If you follow the security requirements listed in this chapter of the documentation, then (to our best knowledge) the only way to recover your files is to try to “crack” the password or the key, which, however, could take thousands or millions of years (depending on the length and quality of the password or keyfiles, on the software/hardware performance, algorithms, and other factors).

I’ve tested TC extensively on Windows 7, Windows 8, Ubuntu Linux, and Debian Linux.  It works.

For those who find the idea a bit confusing or daunting, they have fantastic documentation written for average Joe on their website.  I taught myself how to configure and use the software from their documentation, so I can vouch for how well it’s written.  It’s been downloaded over 29 million times since it came out, and over 8,000 people downloaded it just yesterday.  You should be one of the people who download it today.

If you missed it, Part 1 deals with email, cloud services and task management, and it’s here.