TrueCrypt & SyncToy & Mozy - Almost a Great Idea
Posted on April 4, 2007
Recently, the Security Now podcast took a question about security and online backups. Steve Gibson had some thoughts:
[...] TrueCrypt would be a perfect solution. You configure TrueCrypt in that mode where it uses a file as its container, and then you mount that as a drive. You see a drive from your perspective. On the outside, the operating system just sees a file. That one file is then what you keep synchronized with your offsite backup facility. Anytime something happened, you would be able to get that file back and apply your TrueCrypt passwords in order to decrypt it. Only you in the world would be able to make any sense of that file. And it’s just a cool solution because basically you see a drive letter. Everything that you’re storing there is encrypted in that container, always stored, as we know the way TrueCrypt operates, always stored in an encrypted fashion, never in the clear.
I thought this was a rather clever idea and vowed to write a tutorial to make this easy for folks. After all, a lot of folks are quite nervous about backing stuff up to a 3rd party.
We need just 3 components:
- TrueCrypt: I first wrote about this over a year ago and have been using it ever since. As Steve mentions above, it is a free disk encryption package that can make an encrypted file look like a drive. Very easy to work with, very slick.
- SyncToy: Microsoft’s free file synchronization powertoy. I wrote an article on how to make a nightly mirror of My Documents last fall. That article is currently number 2 in the “most viewed posts” list and would fit very nicely into this tutorial.
- Mozy: (referral link) This is the online service I first discovered last August and have been using since (initial article). It’s easy to use and very low-key. And speaking of keys, you can specify your own key for your data encryption.
However… TrueCrypt is almost too clever and as a result, I don’t think this will work. I see two primary obstacles.
- You have to pre-determine your TrueCrypt container size. And that’s how big the file will be from day 1, regardless of contents. Mine is a 2GB container, currently holding about 800MB. The actual tc file is 2GB. That would have to be backed up.
  - There is the option of creating a “dynamic” volume, if you get past the performance warnings. Although it is dynamic, it reports the size as the maximum size. I didn’t go this route due to the performance warning, but it might be worth looking into.
- TrueCrypt container files don’t get the timestamp updated when contents change. From a security perspective, that seems wonderful. But if your backup software looks at timestamps to determine what’s changed… well, there may be a problem.
Now, I don’t actually know what Mozy uses to determine if a file has changed, but I’d think it starts by looking at a timestamp or archive flag. But at first glance, this looks like a deal-breaker. And I’m out of time, need to get to work.
So alas, no nifty how-to this morning, but perhaps there’s a clever idea germinating in there.
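The timestamp obstacle above, as an added example that is not part of the original post: a backup pre-check that ignores the modification time and compares per-block SHA-256 digests of the container file against the manifest from the previous run. The file name, block size and in-place edit are constructed stand-ins; no real TrueCrypt volume or Mozy behaviour is involved.

```python
import hashlib
import os
import tempfile

BLOCK = 1024 * 1024  # digest granularity in bytes (an assumption, not a TrueCrypt value)


def block_digests(path, block=BLOCK):
    """Return one SHA-256 hex digest per fixed-size block of the file."""
    digests = []
    with open(path, "rb") as f:
        while chunk := f.read(block):
            digests.append(hashlib.sha256(chunk).hexdigest())
    return digests


def changed_blocks(old, new):
    """Return indexes of blocks that differ, or exist in only one manifest."""
    longest = max(len(old), len(new))
    return [i for i in range(longest)
            if i >= len(old) or i >= len(new) or old[i] != new[i]]


def demo(block=4096):
    """Constructed stand-in for a container: same size and mtime, new contents."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "container.tc")  # hypothetical file name
        with open(path, "wb") as f:
            f.write(os.urandom(4 * block))
        st = os.stat(path)
        manifest = block_digests(path, block)  # saved by the previous backup run

        # Flip 16 bytes inside block 2, then put the old timestamps back,
        # which is what a timestamp-preserving container looks like from outside.
        with open(path, "r+b") as f:
            f.seek(2 * block + 10)
            data = f.read(16)
            f.seek(2 * block + 10)
            f.write(bytes(b ^ 0xFF for b in data))
        os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))

        now = os.stat(path)
        looks_unchanged = (now.st_mtime_ns == st.st_mtime_ns
                           and now.st_size == st.st_size)
        return looks_unchanged, changed_blocks(manifest, block_digests(path, block))


if __name__ == "__main__":
    print(demo())  # (True, [2])
```

Keep the manifest on the local machine: it records which regions of the container changed between runs. Hashing a multi-gigabyte container reads the whole file each time, so schedule the check accordingly.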
Tags: backup, mozy, security, security-now, symantec, syncToy, TrueCrypt
5 Responses to “TrueCrypt & SyncToy & Mozy - Almost a Great Idea”
I haven’t used Mozy for some reason. I think I just keep using box.net as my backup but do it by hand along with USB drives, but mozy… can it be scheduled to back-up on a schedule? then time stamp wouldn’t matter, just back up at 2am regardless of whether or not anything changed.
It runs on a schedule and only saves the modified files (I don’t want to have it uploading 800+ MB every night!). In fact, I’m not sure there’s an option to do a complete backup each time.
I like the “hands-off” approach. It’s set so that every time it sees me idle for more than 3 hours, it does a quick backup of the changes.
No reason it can’t upload 800Meg a night… this is the 21st and a half century, bandwidth isn’t an issue. I realized as soon as I got to the site again (Mozy) why I don’t use it… it’s gotta sit in my task bar, ugh. I can’t waste cycles like that. I’ll stick with USB and box.net.
/nod. Valid enough.
I’ll stick with not having to worry about forgetting to remember.
You can configure TrueCrypt to update timestamps on file containers via settings/preferences.