Drive encryption (asking for a good friend)

5 hours ago, DuckToller said:

I am a total noob when it comes to encryption.
Are you guys using drive encryption for your Backup, NAS and PC and
which effect does it have on streaming from live machines?
Is there any particular software that does it better than others?


Yes, all my drives are encrypted.


And as long as software uses the hardware implementation built into modern CPUs, it is super fast.


2 hours ago, DuckToller said:

Are there any known problems in interoperability between Linux and Windows operated systems regarding the encryption layer?


Well, if you use the software layer like BitLocker on Windows, FileVault on macOS or LUKS on Linux, these are not compatible at all but completely OS-specific solutions. Although there may be software available for Windows/macOS to read LUKS encrypted containers.


However, most new SSD drives and some new HDDs have built-in hardware encryption. In these cases, the password is asked for by the BIOS before the OS starts booting. These are then completely transparent to the OS itself, which doesn't even know about the encryption then. Many times these hardware solutions are not completely secure though; it has been possible to extract the encryption key from the hardware.


2 hours ago, DuckToller said:

If I understand correctly the encrypted state does exist usually before a system is started (it should then decrypt the hardware for the live system use and encrypt it when shutting down) and file access to a live system via SAMBA or NFS does not encounter problems?


Yes, once the system is up and running it is a transparent layer and doesn't affect SMB/NFS use or such. NFS doesn't support encryption on the network traffic, while SMB does (IIRC starting from v3 or so).


2 hours ago, DuckToller said:

I would assume that using HQP on/with encrypted machines/drives would not add more demand for processing power?


If you do software encryption by the OS, it does add some more processing power demand, but it is such a small amount that it is not really noticeable, since the amount of storage I/O done during playback is not high bandwidth and the encryption is handled by the operating system kernel using AES-NI instructions.


2 hours ago, DuckToller said:

Which is the best practice for ensuring the safety (storing) for password / passphrase / keyfiles?


You can have a recovery key stored in some safe place, either on paper or storage media.


For passwords and PIN codes I can really recommend using a good and secure password manager such as F-Secure ID Protection.
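
The reply's point about hardware AES (AES-NI) can be checked on a Linux x86 machine. The script below is an added example, not part of the original post: it looks for the `aes` CPU flag in `/proc/cpuinfo` and for AES-NI backed drivers in `/proc/crypto`. The function names and the sample data are constructed for illustration, and the driver-name matching is an assumption, since names vary between kernel versions.

```shell
#!/bin/sh
# Constructed sample data in /proc/cpuinfo and /proc/crypto format (not from a real host).
sample_cpuinfo() { printf 'flags\t\t: fpu sse2 ssse3 aes avx2\n'; }
sample_crypto() {
    cat <<'EOF'
name         : xts(aes)
driver       : xts-aes-aesni
module       : aesni_intel
priority     : 401

name         : aes
driver       : aes-generic
module       : kernel
priority     : 100
EOF
}

# cpu_has_aes FILE: succeeds if a flags line lists "aes" as a whole word.
cpu_has_aes() {
    grep -Eq '^flags[[:space:]]*:.*[[:space:]]aes([[:space:]]|$)' "$1"
}

# aesni_drivers FILE: prints crypto drivers backed by AES-NI. Matching on the
# aesni_intel module or "aesni" in the driver name is an assumption; names
# vary between kernel versions.
aesni_drivers() {
    awk -F' *: *' '
        $1 == "driver" { drv = $2 }
        $1 == "module" && ($2 == "aesni_intel" || drv ~ /aesni/) { print drv }
    ' "$1"
}

# aes_path CPUINFO CRYPTO: prints "hardware" only when both checks pass.
aes_path() {
    if cpu_has_aes "$1" && [ -n "$(aesni_drivers "$2")" ]; then
        echo hardware
    else
        echo software
    fi
}

tmp=$(mktemp -d)
sample_cpuinfo > "$tmp/cpuinfo"; sample_crypto > "$tmp/crypto"
echo "constructed sample: $(aes_path "$tmp/cpuinfo" "$tmp/crypto")"
if [ -r /proc/cpuinfo ] && [ -r /proc/crypto ]; then
    echo "this host: $(aes_path /proc/cpuinfo /proc/crypto)"
fi
rm -rf "$tmp"
```

On a machine with LUKS volumes, `cryptsetup benchmark` gives the measured throughput for the same question.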


