Points I found very powerful in the TrueCrypt Project
are the Disk/Container encryption and also the Pre-Boot Authentication.
The Former Truecrypt Developer writeed on the previous
TC-Forum that they do not intend to introduce any options to make Pre-Boot
Authentication with SmartCards or Tokens possible.
My question is, if there could be possible to have the
option to chose in the install process or/and by the Configurations process from
a list of Tokens (aladdin etoken for example) or a list of SmartCard Readers
(HID Omnikey for example) for the Pre-Boot Authentication with SmartCard/Token and
If someone has already bayed some Tokens or Smartcard
Reader then the necessary drivers are already available.
This Pre-Boot Authentication option with Smartcards or Tokens would give CipherShed
a Next Level Security on the Fly.
NSA will be where unhappy with this because they will
not just wana get to that data when they will have already get some encrypted hard
disk or some encrypted computer with pre-boot authentication. The y will have
to find also some stupid smartcards or tokens and get the right pins or
passphrases , and this will not be so easy on low profile. For the NSA this
means probably more problems to solve, to pay more money for the effort and to
get more employees . On any country when there are discussions about money then
there are also the question if it worth the effort.
For sure NSA and others like them will not be amused