https://www.kayoubi.moe/Recent content in Homepage on Kayoubi13Hugoen-usTue, 28 Apr 2026 00:00:00 +0000https://www.kayoubi.moe/posts/veracrypt/Tue, 28 Apr 2026 00:00:00 +0000https://www.kayoubi.moe/posts/veracrypt/<p>if you carry sensitive stuff on a flash drive and it&rsquo;s not encrypted, you&rsquo;re one lost USB away from someone reading everything on it. that&rsquo;s not paranoia, that&rsquo;s just how it works.</p> <p><a href="https://veracrypt.fr">VeraCrypt</a> is free, open source, and one of the most widely trusted tools for this. it&rsquo;s been around since TrueCrypt died in 2014. works on Linux, Windows, BSD, macOS.</p> <p>what makes it actually good:</p> <ul> <li><strong>audited</strong> - QuarksLab audited it in 2016, and Fraunhofer/BSI examined parts of it in 2020. issues found were fixed publicly. that&rsquo;s how it should work</li> <li><strong>strong defaults</strong> - AES encryption, high iteration counts that vary by config; newer versions support Argon2id which makes brute force significantly harder</li> <li><strong>hidden volumes</strong> - you can have a decoy volume and a hidden one inside the same container, each unlocked with a different password. hand over the decoy password under pressure, real data stays hidden</li> <li><strong>cross-platform</strong> - your encrypted drive works on any OS that runs VeraCrypt</li> </ul> <p>for a flash drive specifically you create an encrypted container or encrypt the whole partition. mount it, use it like a normal drive, unmount it when done. data at rest is completely unreadable without your password.</p>