I am aware of TrueCrypt and I will take the time to check it out. The main reason I am using goSecure is that it makes it very easy to encrypt individual files and folders... there is no fussing around with encrypted volumes and the like. Setting up TrueCrypt may be somewhat daunting for the average computer user. You are correct to call it an "adventure."
For my needs 256-bit AES is plenty of protection. This is from the TrueCrypt documentation:
"In June 2003, after the NSA (US National Security Agency) conducted a review and analysis of AES, the U.S. CNSS (Committee on National Security Systems) announced in [1] that the design and strength of AES-256 (and AES-192) are sufficient to protect classified information up to the Top Secret level."
And this is from the Wikipedia entry on password strength:
"Bit Strength Threshold
Some basic benchmarks have been established for password bit-strength to protect against certain types of password cracking. In 1999, an Electronic Frontier Foundation project broke 56-bit DES encryption in less than a day using specially designed hardware.[5] In 2002, distributed.net cracked a 64-bit key in 4 years, 9 months, and 23 days.[6]
Currently, distributed.net estimates that cracking a 72-bit key using current hardware will take about 403,784.9 days or 1,105.5 years.[7] No currently expected increase in computer power will be sufficient to break 128-bit or 256-bit encryption using random keys via a brute-force attack.
Due to currently known limitations in physics, there is no expectation that any digital computer (or combination) on Earth will be capable of breaking 128-bit or 256-bit encryption via brute-force.[8][citation needed] Whether or not quantum computers will be able to do so in practice is still unknown, though theoretical analysis suggests such possibilities.
As a result, there can be no exact answer for the password strength required to resist brute force attack in practice. NIST recommends 80-bits for the most secure passwords, which can nearly be achieved with a 95-character character set (e.g., original ASCII) with a 12-character random password (12 x 6.5 bits = 78).[4]"
The weak link is usually the password used to protect the data... My standard password may be only twelve characters (some experts recommend longer passwords, but a long password isn't very practical if the only way to remember it is by writing it down...) but it contains upper and lower-case letters, numbers and punctuation marks. It is short enough that I can easily remember it.
And considering that it is safe to assume that the vast majority of computer users do not encrypt their sensitive data files, anything that makes it easier for folks to do so, even if it costs a little money, is worth considering. For example, I have goSecure as an "Open with..." option in my Finder contextual menus via FruitMenu. Encrypting a file/folder is as simple as selecting it, navigating to the "Open with..." contextual menu item, inputting the password twice and clicking "OK."
Most of us are protecting data from common thieves and the like who have neither access to a supercomputer nor the inclination to attempt to crack an encrypted file, so any level of encryption is going to be better than none.