## The Full Disk Encryption Dilemma for Windows 10

I am quite unsatisfied with the current state of full disk encryption solutions available for use with Windows 10 on a Laptop with SSD. This blag post will mirror some of what [Bruce Schneier already said on the matter][Schneier2]: I will discuss some of the options and point out problems. I am not offering a solution, just a variety of bad choices to pick from. [Schneier2]: https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html Do you want to know more?

## Encryption on Android gets worse in every Version

My lamenting will be about the overall way in which device encryption is implemented in Android. This is mostly a collection of links where you can find out more about how it ~~worked across the recent versions~~ all went south. This article strictly expresses my own, badly informed opinion and you should check all the provided references carefully before forming your own. read();

## Protect your Android and still enjoy it

Just recently, the latest CyanogenMod nightly began supporting encryption on my phone, even though the bugreport still says it's an open issue. I don't mind. Anyway, this allowed me to finish a major project of mine: Protect the data on my phone, even in the case of a theft, while maintaining the ability to use the device conveniently. The goal. I want a strong disk encryption password, but i want a weak screen password or PIN, because unlocking the device is a frequent task. In such a scenario, it makes sense to implement an account lockout policy: In other words, we want the phone to shut down after, say, 3 failed attempts to unlock the screen. This prevents the screen password from being brute forced. Your device needs to be rooted to do everything I did. You will also need the Android studio if you want to do this properly, and it's a large download, you might as well start now. Click here if you're still interested.

## Which FalseCrypt is the true Crypt?

TrueCrypt is pretty dead. We need some options here, and as far as I can see, there are only two three: * CipherShed. Currently a vanilla fork of TrueCrypt. * VeraCrypt. A fork of TrueCrypt with some fixes and improvements. * Keep using TrueCrypt. Neither of the two alternatives has had an official source code audit or anything. They are both open source. I will give a quick summary of the facts on both forks, concluding that I have no clue and will probably flip a coin roll a D3. Whether these facts are pro or con is up to your discretion.

### CipherShed Facts

• They are on github.
• They seem dedicated. Meaning, the information on their homepage sounds like they thought this through.
• Not much has happened yet, they only forked TrueCrypt.
• There is only a pre-alpha version available, which I won't touch.
• They do not have any licensing information at all.
• Longterm Plans are a bit fuzzy, according to their wiki they want to
• Secure the code through audits, simplification, and a secure architecture.
• Migrate towards a OSI-approved licensed codebase
• Work closely with existing efforts such as OpenCryptoAuditProject, LUKS, GELI, and tc-play.

### VeraCrypt Facts

• According to the author in this thread, VeraCrypt was first published on June 22nd 2013, so it has already aged a bit.
• In fixing some of the security flaws in TC, they break backwards-compatibility. There is a conversion tool available.
• They are on CodePlex and the software is under Microsoft Public License.