Jump to content
  • 0

TrueCrypt and DrivePool


GiuseppeChillemi

Question

18 answers to this question

Recommended Posts

  • 0

No, we haven't added support for TrueCrypt yet.

Unfortunately, its not exactly on our high priority list (especially with the "official" discontinuation of development for it). 

 

 

ANd right now, Alex is very busy trying to get StableBit CloudDrive out. Once that is finished, we'll take a look at this (and a number of other feature requests) and see about implementing them.

Link to comment
Share on other sites

  • 0

The problem is the way that TrueCrypt works. 

 

Specifically, instead of using the Virtual Disk service, it creates "containers" for the OS and mounts those directly. That means that it bypasses a LARGE part of the Windows API, which we depend on.  Adding support means that we have to change a significant part of our code to accommodate for how TrueCrypt works.

 

However, because BitLocker is a Microsoft technology, it uses all of the built in API correctly. That means it is significantly easier to support BitLocker than TrueCrypt. And is why we recommend it over TrueCrypt (especially with TrueCrypts apparent demise/discontinuation).

Link to comment
Share on other sites

  • 0

It depends on how they work. 

 

VeraCrypt states that it's based on TrueCrypt, and appears to be a direct REBRAND of TrueCrypt.

DiskCryptor is very much different from TrueCrypt and does seem to work with Drivepool. However, because of how the drives mount, it looks like you'll have to manually mount them EVERY boot, and restart the StableBit DrivePool service. (currrently)

Link to comment
Share on other sites

  • 0

We recommend BitLocker, actually. It's baked into windows, and works seamlessly with the system. Additionally, the "Automatical unlock" option works very well with the pool.

 

 

However, a lot of people do not trust BitLocker.

And TrueCrypt, it's forks and a few other encryption solutions bypass the VDS system altogether. Since that is a big part of DrivePool... they don't work. And would require a nearly complete rewrite of the code JUST to support these products. 

 

I'm not trying to start a debate, but just stating this and explaining why we don't support them.

Link to comment
Share on other sites

  • 0

Hi,

 neither I will start a debate on this. My paranoic mind thinks too that bitlocker has a weakened encription.

 I will change my question: are you aware of an open source encription tool that respect Windows APIs and it could be as traspearent as bitlocker ?

 

 Giuseppe Chillemi

To be honest, I haven't really looked. 

I use BitLocker on my blue iris (IP Camera) server, mostly in case somebody steals it.

 

 

As for something as transparent as BitLocker, I'm not sure. The best one I've see is "Disk Cryptor", and that's not seamless.

Link to comment
Share on other sites

  • 0

So, we have only bitlocker or mounting a single encrypted drive as drive after Drive Pool has stared...

 

Hope Disk Cryptor could be more supported. People is really paranoid those times, even for simple personal data/media, and there is an high request for encryption and software which support encryption.

 

Giuseppe Chillemi

Link to comment
Share on other sites

  • 0

So if i want to encrypt lets say 5TB of data on a single HDD that is part of the pool and i want to use VeraCrypt or Truecrypt, i will create fully encryted drive or a container, mount it and then DrivePool will from now on understand it as a standard drive that can be connected to the DrivePool.

- when there is sudden disconnect of such a mounted encrypted drive that is part of the pool, i will then again mount the encrypted drive/container manually using veracrypt, it will possibly fix ntfs filesystem (if it detect issues) and DrivePool will safely detect drive again and join it to the pool? (most probably no breaken filesystem of the pool)

- what about Windows 10 computer suspension and awake? this will not break anyhow connection of the mounted encrypted drive with DrivePool?
Currently VeraCrypt works good in this regard on my Windows 10 PC, unsuspension keep the drive mounted. I am trying to ask if i can face any such significant annoyances or issues that can hurt data safety?

Link to comment
Share on other sites

  • 0
On 3/16/2019 at 8:39 AM, postcd said:

So if i want to encrypt lets say 5TB of data on a single HDD that is part of the pool and i want to use VeraCrypt or Truecrypt, i will create fully encryted drive or a container, mount it and then DrivePool will from now on understand it as a standard drive that can be connected to the DrivePool.

Nope. This will not work.  TrueCrypt and it's forks bypass the normal disk system, so the drive doesn't show up to StableBit DrivePool.  Because of this, the disk CANNOT be added to the pool. Period.  

Tools like DiskCryptor work because they use a file system filter to encrypt/decrypt the data as it's being written/read from the drive.  So, it works with StableBit DrivePool. 

Link to comment
Share on other sites

  • 0
On 1/26/2015 at 10:12 AM, GiuseppeChillemi said:

Hope Disk Cryptor could be more supported.

Does the DP have any problem with Disk Cryptor? Your saying gives tha timpression to me..

On 4/3/2019 at 12:45 AM, Christopher (Drashna) said:

Nope. This will not work.

So it is not possible to encrypt DP pool data using Tru€crypt/V€racrypt? You recommend Bitlocker (or if unwilling, then DiskCryptor), but i will not use Bitlocker (My computer does not have hardware support for the bitlocker and when i was researching i got an impression i give up on bitlocker. Moreover i do not fully trust it).

So what is the best way to encrypt all the data that i save on the pool?

This?:

Create encrypted drives one by one (using DiskCryptor) and then one by one decrypt & mount, then DP will detect them as the part of the pool?

Link to comment
Share on other sites

  • 0
On 4/14/2019 at 8:38 AM, postcd said:

Does the DP have any problem with Disk Cryptor? Your saying gives that impression to me..

No, it shouldn't.  It uses a file system filter to encrypt and decrypt the data, so it should be invisible to StableBit DrivePool.  We've had a few people use it, in the past. 

On 4/14/2019 at 8:38 AM, postcd said:

 So it is not possible to encrypt DP pool data using Tru€crypt/V€racrypt? You recommend Bitlocker (or if unwilling, then DiskCryptor), but i will not use Bitlocker (My computer does not have hardware support for the bitlocker and when i was researching i got an impression i give up on bitlocker. Moreover i do not fully trust it).

Nope.  TrueCrypt and it's forks bypass the normal disk system, so  StableBit DrivePool doesn't see the drives. Period. 

As for BitLocker, you don't need hardware support for it.  However, it does make it a bit more of a PITA to use without a TPM module. 
https://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/
But there is a good 

As for not trusting it, is there a specific reason for it? 

 

That said, I personally use BitLocker on my desktop system.  But if you don't want to use it, then I would recommend DiskCryptor then.  It's free, and open source, as well. 

Link to comment
Share on other sites

  • 0

Sorry for reviving this 2019 thread...

I just looked for a substitute of the not good working windows 10 dynamic soft raid / mirroring and found drivepool as interesting and flexible option including maybe later cloud as maybe second mirror.

But, non-bitlocker encryption is essentiell for me, too (and I would favour veracrypt, too). 

As I understand there is no good way (beside bitlocker) of getting full encrypted drives to drivepool. (Maybe Disccryptor, but not 100%..)

Would another approach be possible?

Could I go with drivepool to make mirroring of data (to protect for hardware failure) and host on that pools unecrypted non-sensitive data and also a few (bigger) veracrypt-file-containers? So for example two big hard drives build one big data pool D:. On this a lot of unecrypted normal stuff and lets say 2 big (4 TB each?) veracrypt-file-conatiner (that would be two big 4TB-files). This two encrypted file containers should be mounted with veracrypt on need as e.g. drive E:/F: with veracrypt. 

-> Would that work???

Link to comment
Share on other sites

  • 0

Yes, I guess it should work. Keep in mind, that DrivePool cannot split single files into chunks, so your physical drives that make up the pool must be large enough to host those 4 TB files (DrivePool works on file level, not on sector level!). But if you have for example two 10 TB drives, I guess it should work well.

The performance characteristics will differ from RAID or dynamic discs, storage spaces and whatever, but if in doubt, maybe just give it a try. DrivePool doesn't need formatted drives, any existing partitions will do fine and creating a pool on them will not harm the existing data.

For completeness, I can maybe add that there is even another possibility to have encrypted data stored on a DrivePool for redundancy:
Instead of VeraCrypt, you *could* also use StableBit CloudDrive to create a "Local Disk" cloud drive inside your pool, which will act as if your local DrivePool drive was a cloud provider. As CloudDrive (as opposed to DrivePool) creates an encrypted virtual drive that is based on chunk files, you will have both Encryption (CloudDrive) and Redundancy (underlying DrivePool) in a nicely clean virtual NTFS drive with just software from the StableBit bundle. But honestly, I'm using that solution because I thought it was clever (it is more friendly to file-based backup than having 4 TB files), but - despite it works conceptually well - perceived performance is unfortunately an order of magnitude slower than just using a VeryCrypt container. I'm hoping for some optimization by the devs there... but I guess, as CloudDrive was made for, well: the cloud, it will never be as fast.

Link to comment
Share on other sites

  • 0
On 1/21/2022 at 6:54 AM, 42Andreas said:

As I understand there is no good way (beside bitlocker) of getting full encrypted drives to drivepool. (Maybe Disccryptor, but not 100%..)

DiskCryptor should work for this, yes.

Also, StableBit CloudDrive's local disk provider would also work for this.

Link to comment
Share on other sites

  • 0
On 1/31/2022 at 8:31 PM, Christopher (Drashna) said:

Also, StableBit CloudDrive's local disk provider would also work for this.

Might be OT but what's the performance hit of CD on local disks for unencrypted and encrypted CD? I'm using this to create "virtual disks" off my large drivepool and it seems to be crawling the system. It would have been better if I could add the same drive to multiple Drivepools.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...