Those of you who follow my blog will have seen my previous post detailing my reasons for phasing Truecrypt out when it comes to protecting my personal data and why I recommend you do the same.

There are a range of free and open source tools out there to help keep your information safe from prying eyes.

In the first instance it will be important to consider your threat model and what kind of information you want to keep safe. The alternatives I discuss here are mainly for information you want to protect within your home or business e.g financial records so aren’t particularly suitable for sending information across the internet. If you want to be able to communicate securely with other people my best advice is to use Torchat which I will touch on in another post.


LUKS (Linux Unified Key Setup) allows you to create encrypted containers for files as well as encrypting entire USB sticks with a password via a program called Disk Utility. Once you have set the password, the system will simply prompt you for it each time you plug it back in.

There is an excellent step by step guide on how do this in TAILS (a “live” operating system which I strongly recommend to keep your data private) and newcomers to Linux will be reassured that there’s no need to use the command line, making this option ideal.

This also makes up for the inconvenience of using a “Live” system like TAILS as usually any data in the system would be lost when you shut down the computer – this way you can safely save any files or links to the stick to preserve data between sessions.

N.B When you use Disk Utility to encrypt a stick in this way, in TAILS at least the default options are AES-XTS-Plain 256 Bit. If you don’t know what this means then I would suggest sticking with these default options. If you do know what this means and/or would like another layer of security, I would suggest reading my post on using LUKS to create encrypted containers using the program ‘cryptsetup’ which allows you to choose different ciphers and key lengths.  For further reading please see the Cryptsetup FAQ

LUKS can also be used to encrypt your entire Hard Drive on a Linux Machine. Although this can be done manually, the installation DVDs for both Ubuntu and Linux Mint (arguably the most user friendly flavours of Linux for beginners), allow you to choose to encrypt your hard drive with a password during setup.


While gpg is mainly known for allowing people to send each other e-mails safely it also can be used to encrypt files. This can be done from the command line but for novices I’d recommend reading the excellent guide for my favourite program GPG4USB which will allow you to encrypt and decrypt files with a few clicks of your mouse. (A step by step guide is available from the good people at Security in a Box here.) GPG4USB will run on both Windows and Linux, in case any of you are still hanging on to Windows.


Another favourite program of mine. Although as stated in my previous posts, I am suspicious of Truecrypt itself and have stopped using it, tcplay is capable of creating and accessing Truecrypt containers using a stripped down version of Truecrypt’s Source code (full details here).

Unlike Truecrypt we do know the name of the developer, a lovely man named Alex Hornung, and also unlike Truecrypt, his software tcplay is free for anyone to use as they see fit.

Unfortunately the manual for tcplay is a bit thin on the ground and even contains some errors. Fortunately for you all old Machello has done some tweaking and has written a post on how to use tcplay instead of Truecrypt.