Quote from: alonetraveler on October 09, 2012, 04:21 amQuote from: AliBabba on October 09, 2012, 04:09 amQ: Would a program like TrueCrypt, or any other disc encryption software, keep your data safe and out of the wrong hands? Apologies if this is a dumb question... I'm old, dammit.The most legitimately secure disk encryption software we come across is TrueCrypt. Some major commercial encryption software or devices have been decrypted by us once the federal government gets involved. I can't say what specific commercial brands or products without compromising my identity, but you can trust TrueCrypt. The Feds tried cracking Sebastien Boucher's PGPDisk encrypted volume for about 2 years, without success. That said, I would still prefer TrueCrypt. Quote from: alonetraveler on October 09, 2012, 04:21 amAs for keeping it safe, it depends on how secure your encryption password key is. General rule is more than 16 characters (alpha-numeric with some symbols sprinkled in) will keep it safe. Anything else beyond that is almost pointless padding unless you have great memory. I disagree. The FSB instructed their agents to use 26 characters; 16 characters mixed-case + numerics give you about 95 bits of entropy... throw in a few more for using symbols, let's give it 100, say. I'd go with 9 or 10 Diceware words -- 10 will yield 129 bits of entropy, and they're not that hard to memorize. Given that the words are chosen using a random physical process (dice) the only possible attack is brute force -- with a sufficiently long passphrase, good luck with that. Quote from: alonetraveler on October 09, 2012, 04:21 amTrueCrypt covers this extensively but you'll also want plausible deniability, so learn to keep your sensitive data trim. I say this because it's very obvious to find an encrypted volume if we see large blocks of random data. We can tell the difference from day to day data randomly placed on the drive to actual randomized/encrypted data. There are also several algorithms available to us to determine if an encrypted volume exists on the hard drive once we seize it. From that point on it's a matter from building dictionary lists from the seized drive and brute-forcing the volume or from leaning heavily on you for it.If you've used Diceware, a dictionary list is useless. The procedure you're describing is the same one employed by the U.S. Secret Service, i.e. using Access Data's Distributed Network Attack (DNA). A 9 or 10 word Diceware passphrase makes that all superfluous, from a technical point of view. Your only option then is to sweat it out of the suspect, and if they're smart they'll listen to their lawyer and keep their mouth shut.