hi all, i need to secure my user directory transparently, here is my scenario:
using windows_7 64-bit;
i have very important development files on this pc, i want to secure these files under my user directory so that they cannot be read in case of physical access / stolen hardware.
this hardware does not have tpm so i cannot use bitlocker, not that i would anyway since the only thing it gives is a false sense of security.
an option is to create a truecrypt container, however this will be limited to a fixed size, and the nature of development i cannot safely guess the size of the container for the next year or two. i also cant do full partition encryption cos i cant reinstall this work pc. lets just say the company does not give a shit about securing the dev files :/
going into the folder properties > general tab > advances attributes we can check the "encrypt contents to secure data" option, i can't find any details on what encryption is used or how secure it is. on top of that, file descriptors are _not_ encrypted, only contents. so booting with a live cd you can still see the file structure of individual files. much more exposed than im comfortable with.
i want this to be transparent, ie i log in with my domain account and my user data is decrypted, i log out and the data is secured again. i don't want to mess around with a) mounting separate encrypted volumes or b) enter multiple passwords to log in and decrypt, and also c) not expose the file structure, but rather a blob of encrypted data, less vectors of attack if you know what i mean.
so, the question is... what can i do to secure my user directory, transparently?