Well, as it is fitting, I’ve spent dinner eating and playing with TrueCrypt 5… coding theory can wait a few minutes longer =) So here’s my first 30 minutes with TC for Mac¹

There are 4 flavours of TC, one for every ‘modern’ combination of OS/Arch available (i.e. I have Tiger/PPC, the lower end of the spectrum). Comes in a standard DMG with an Installer package inside. If during install it says that it will perform an upgrade, it’s because you have MacFUSE already installed - this also hints that TC uses fuse for the file system mount. Click, done, start the app.

The interface looks Mac-like enough on my machine², though it is very similar to the Windows version I saw a while back, so maybe they are not quite following Apple’s Guidelines. Simple dialogs, wizards for the basic things you need (like creating volumes) and pretty intuitive as to what it does, overall. Which is a good thing, considering that encryption is a hard-sounding thing to do, and TC aims at simplifying it. I created a 128MB test volume using all the encryption methods (AES-Twofish-Serpent) and a keyfile and it took about 2 minutes on my iBook 1.33GHz 1.5GB RAM, running on the battery. So larger volumes on better machines shouldn’t take too long to create.

Once your TC volume is created, you can mount it. TC is smart enough not to ask you for anything more than a password, even though a keyfile might be needed and you need to check that option yourself. If you do use a keyfile, make sure you don’t alter it (such as changing mp3 tags for an mp3 keyfile or a space in a text document) or your data will be go-o-gone. So, select the file that represents your encrypted volume, a slot in the mount list of the main window and click Mount.

Once you mount it, it’s like any other volume on your Mac, so drag files, work on them etc. Disk access speeds look about normal to me, although I haven’t tried any really big files to see how they are handled. Everything is encrypted on-the-fly, and that’s why I’ve been so eager to get TC on the Mac. You don’t need to remember to do anything before you unmount and that is awesome. On the other hand, pulling out the USB stick on which your encrypted volume is stored without proper unmount operations will most likely result, again, in your data being go-o… you get it. There are no backdoors³ so if you lose your password or your keyfile or you screw up your keyfile or you jumble your encrypted volume - no way to get it back. You have been warned.

My laptop went into sleep while I was writing this. The encrypted volume had been ejected, however the main TC UI does not show it as such⁴. I remounted it and everything looks fine, so this is a pretty good security measure I think.

All in all, I’ll be using TC quite a bit I think. I was also looking forward to hidden volume support, but this seems to be a feature for the future for both Linux and Mac versions. Still, a superior and finally cross-platform⁵ offering for the security-conscious out there.

The dirty technical details are available on the TrueCrypt website. I have omitted many of those interesting aspects in this quick review, but if you want to know why I’m excited for hidden volumes, want to know why plausible deniability is, or why I think the volume generation is relatively fast, head over to their site.

1. I’m focused on the Mac version because the others have been around for some time now [↩]
2. Which has applied the Uno UI modification [↩]
3. This is an open-source project, so if you don’t believe me, go find one yourself [↩]
4. Same happens if you manually eject [↩]
5. I fear BSD does not have an official port, though, but at least the other 3 major operating systems now do [↩]