Can I play games and listen to music from an encrypted hard drive (encrypted with Veracrypt)?

[Eddie58]

With SSD's spreading hte data over multiple chips it'd be like removing drives from a RAID array - the odds of recovering that data intact are very very slim if it's been continued to be used after the data was deleted

Slim but not impossible. If the data you're encrypting is sensitive then it should never be temporarily stored unencrypted on an SSD.

If the government REALLY wants something, they've got infinite money to throw at the problem

Infinite money can't magically break encryption.

There is a much more simple thing around here... court order to comply.

VeraCrypt has hidden volumes for plausible deniability. You could hand over a decoy password if ordered under duress which would decrypt another volume with unimportant files, and there's no way to prove the existence of a hidden volume.

 

[lexluthermiester]

I do not need to touch my sensitive data often. Games and audio files are a weird thing to encrypt in the first place imho as it is a legal copy of your owned item from a cloud, that has the same in millions copies.

You might be missing the point. It not about what is being encrypted, it's about data security as a whole.

If your veracrypted drive dies you are on your own and all data is lost. So what we need? Sensitive data without backup?

Backups are important regardless of data encryption. A user who fails to make backups will be just a screwed with an unencrypted drive as they would be with an encrypted drive. So your point really isn't one.

 

[Mussels]

Infinite money can't magically break encryption.

money means faster hardware and time to spend on the issue
If you throw a supercomputer cluster at it, it's gunna be faster than guessing with a keyboard


Using my example of your bitcoin wallet key and password above, you'd want a local copy, an encrypted online copy, and then an offsite local copy
That way it can never be lost, and should never be found and used against you either - the larger the file sizes the harder this gets, which is where it gets silly to encrypt unimportant things (games, videos, etc)


You can get a text document, throw it in a folder a bunch of gifs of dancing cat gifs, 7zip it, rar that, rename it to homework.docx and then upload that in a passworded zip file and no ones going to figure it out in any hurry - you'd need to be specifically targeted, they'd need to know where to look, and what to look for to get it

A single drive with all contents encrypted behind one password, is entry level security - and risks all other data on the drive potentially for no reason

 

[Eddie58]

money means faster hardware and time to spend on the issue
If you throw a supercomputer cluster at it, it's gunna be faster than guessing with a keyboard

A supercomputer might be able to reduce the amount of time to brute force my password from 3 hundred sexdecillion years to 1 hundred quindecillion years, but I hardly think that will matter in my lifetime.

Using my example of your bitcoin wallet key and password above, you'd want a local copy, an encrypted online copy, and then an offsite local copy
That way it can never be lost, and should never be found and used against you either - the larger the file sizes the harder this gets, which is where it gets silly to encrypt unimportant things (games, videos, etc)

If you had a Bitcoin wallet you'd be making a serious error if you had an encrypted online copy. Ideally you would want to use a hardware wallet like Ledger and the seed should never under any circumstances be entered into a normal PC. Also, if you encrypted your entire drive with VeraCrypt there's nothing to stop you from using 7z or a VeraCrypt file container to backup a small number of files online, so your point about larger file sizes doesn't make any sense.

 

[Eddie58]

I'd like to offer a differing perspective: is there any reason to use Bitlocker/Veracrypt at all? Are you storing sensitive information on your secondary drive in a device that could potentially be physically accessed by a malicious party (eg: a laptop)? If you're worrying about surveillance by law enforcement/intelligence, are you a big enough "target" to even warrant their attention?

If you're asking about doing this with the reason being "I want to", that's perfectly fine. But if it's because of the above reasons you might want to sit down and work out your attack surface area and if it's worth the additional complexity (and potential breakage followed by stress) to your current way of working.

To give an example: I have a laptop I cart around with me at all times, which contains my personal data, that has Bitlocker enabled. But on my gaming rig at home, which has the same data? It's a gigantic, overly heavy computer tower, in a room which is spitting distance away from my bedroom, with difficult to remove drives, in an apartment which is inside a gated complex. The chances of someone getting access to it and exfiltrating anything on it (with or without my knowledge) are slim to none. The chances of anyone even bothering to try ARE none. So I don't worry about Bitlocker.

(I ask these questions because I went through a period of intense paranoia a few years ago which led to a lot of precautions including the above. A friend asked me the same questions and helped me shift my perspective. I am a lot calmer person now!)

Found a perfect example of why a non paranoid person like yourself should be using encryption. Someone with an expensive new SSD can't RMA their drive because it's locked in read only mode and it has personal information on.

https://www.reddit.com/r/hardware/comments/10spvxg/_/j756jy6

 

[R-T-B]

If the government REALLY wants something, they've got infinite money to throw at the problem

It isn't even money anymore. If they really want your info, a nice threat of jail or physical harm of some sort tends to make passwords materialize.

and there's no way to prove the existence of a hidden volume.

There used to be, but that hole was patched.

 

[lexluthermiester]

If they really want your info, a nice threat of jail or physical harm of some sort tends to make passwords materialize.

Only for morons who don't know their rights, think law enforcement can't lie to them and don't know when to shut up.

Say it with me folks: NEVER, EVER, talk to law enforcement! Tell them you want an attorney and then shut your hole. Otherwise they will try to put you in one. It's their job. They're not your friend.

There used to be, but that hole was patched.

That was a decade or more ago during the Truecrypt haydays..

 

[trparky]

It isn't even money anymore. If they really want your info, a nice threat of jail or physical harm of some sort tends to make passwords materialize.

Obligatory XKCD...

538: Security - explain xkcd

 

[R-T-B]

Only for morons who don't know their rights, think law enforcement can't lie to them and don't know when to shut up.

Not everyone lives in the first world.

 

[lexluthermiester]

Not everyone lives in the first world.

Right, but most most people who are going to use encryption do.

 

[R-T-B]

Right, but most most people who are going to use encryption do.

I would not bet on that, honestly.

 

[lexluthermiester]

I would not bet on that, honestly.

I would. I've been in the "third world", very few people have PC's and even fewer encrypt. Trust me on that.

 

[claes]

Wouldn’t even have to go to the third world, I know all sorts of people doing illegal things that rely on sms etc. Not that there aren’t people who are more thoughtful everywhere, just saying