Can I encrypt my user directory transparently?


  1. acidburn
    Posts : 7
    7 ultimate 64-bit
       New #1

    Can I encrypt my user directory transparently?


    hi all, i need to secure my user directory transparently, here is my scenario:

    using windows_7 64-bit;

    i have very important development files on this pc, i want to secure these files under my user directory so that they cannot be read in case of physical access / stolen hardware.

    this hardware does not have tpm so i cannot use bitlocker, not that i would anyway since the only thing it gives is a false sense of security.

    an option is to create a truecrypt container, however this will be limited to a fixed size, and the nature of development i cannot safely guess the size of the container for the next year or two. i also cant do full partition encryption cos i cant reinstall this work pc. lets just say the company does not give a shit about securing the dev files :/

    going into the folder properties > general tab > advances attributes we can check the "encrypt contents to secure data" option, i can't find any details on what encryption is used or how secure it is. on top of that, file descriptors are _not_ encrypted, only contents. so booting with a live cd you can still see the file structure of individual files. much more exposed than im comfortable with.

    i want this to be transparent, ie i log in with my domain account and my user data is decrypted, i log out and the data is secured again. i don't want to mess around with a) mounting separate encrypted volumes or b) enter multiple passwords to log in and decrypt, and also c) not expose the file structure, but rather a blob of encrypted data, less vectors of attack if you know what i mean.

    so, the question is... what can i do to secure my user directory, transparently?
      My Computer
    Quote Quote

  3. mckillwashere
    Posts : 1,849
    Windows 7 x86/x64, Server 2008r2, Web Server 2008
       New #2

    I am going to suggest TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux This program is great you can make a seemingly usual file maybe a .iso file (maybe what I use, cause iso's can get quite large). and have everything encrypt to inside that file :)
      My Computer
    Quote Quote

  4. acidburn
    Posts : 7
    7 ultimate 64-bit
    Thread Starter
       New #3

    mckillwashere said:
    I am going to suggest TrueCrypt
    As I said above I can't reliably predict the size of the container for the next 2 years, but I guess it's just one of those things. i won't be securing this data after all, their lack of insight isn't my problem any longer :)
      My Computer
    Quote Quote

  6. mckillwashere
    Posts : 1,849
    Windows 7 x86/x64, Server 2008r2, Web Server 2008
       New #4

    With truecrypt you can set it for an UNGODLY size 500 GB to 500PetaBytes and have it grow dynamically9It doesn't allocate all at once)
      My Computer
    Quote Quote

  7. cincinnatiman
    Posts : 4
    windows 7
       New #5

    qusition was ask can u encript drive and be trasparent


    i am admaize that no one can awaser this, that most people dont understand what is out on market
    yes u can encript a drive and no one can get the keys, how, well takes 4 things, good workstation
    a workstation has tpm on it, and all firmware fully upgraded
    now for what u need, seagate ed sed harddrives, these are self encripting hard drives,
    how they work seams no one look at seagate even knows, but tpm must be turn on
    bad part is u cant tell drive is ack encripted, one these drives cant be put in raid
    doing so disables encription, so we got tpm turn on we booted in what windows 7
    ok turn on bitlocker, do not get on the internet doing this time i cant stress this enouf and dont lose back up key
    and i cant stess that hard enouf, throw bitlocker is microsoft is dose work with the drives
    how i understand all this works, is harddrives makes very small parttion that no one can find, this partion is back up
    in event one gets damage the keys keep here and it is highly encripted now yes bitlocker key will unlock the drive
    but this just for software drive checks for it own keys, if drive is remove from pc put into another will never work
    can data be stolen wile online well all encription software has a probem they dont do file by file encription decription
    and doing this would use grate deal cpu power so we must find way deal this, now we got probems with domains and remote access wich all can be done very easy, just nsa wont alow this never be done, nsa wants access to all computes wich they have and not being able read files well no one wants fight goverment to make this work, i beleave busness able to do this but being stop, with ileagle presher from the goverment but when goverment can cost u millions do u really wish to fight them
    well me i would in heart beat, i told seagle how fix each of all there probems but they will never ever use it, it would make pc hack proof and nsa proof, but u must understand to do this u must have very powerfull pc, some the big ones is hp z800 z820 and i shure there is others, each cpu has it own memory, so it can muiltytask but need code to do it,
    there is no code currently as 2018 that alows a pc to multy task in right way in other words send one thread to one cpu, now we need montor to find out how much cpu power dose take to use this program and would set the number cpus base on needs, and as needs change so will this on the fly, short this there is no current program will keep file lock so it cant be stolen, need more safe gards, and better firewalls that look for servers with no mac address, or servers has no busness on pc,even if the pc ask for it, if owner did not ask for it it all should be block but currently best firewall is ipfire, my 2 cents on that, it dose have its own probems, and i hope that they fix them in short as 2018 this kind encritpion is not being done so who will buld new firmware to alow seagate drives to do this
      My Computer
    Quote Quote

 

  Related Discussions
Hi, all - I have a system with two drives, one with Windows 7 and the other with Linux. Recently, my Windows installation failed to boot. I was able to copy the contents of my user drive by mounting the Windows drive while booted in Linux. I've since rebuilt the Windows drive, and am ready to...
By that i mean like %appdata% but for the current user directory... or maybe the documents directory?
I am using Windows Home Premium 64 bit SP1. My user directory under c:/...Users shows a padlock symbol on the folder for user "kevin". I believe that this is the reason this directory will not back up to my cloud drive provider. What does the padlock mean, and how do I remove it?
This is a minor nuisance but still it wasn't an issue in XP or even Vista. My Windows 7 Pro still shows the name as USER if looking in the folder "C:\". For example, there are 2 user accounts, both Administrators. When Windows 7 boots, you have a choice to log into SAM or JOY. However,...
Active Directory User and Computers "MMC could not create the snap-in" Anybody get this working? I've googled to no avail I've tried the Vista fix, registering a bunch of DLLs, but that didn't fix it.
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 19:12.
Find Us