I'd recommennd LibreCrypt.
It has an Open Source license; works on both Linux and Windows; and uses the standard Linux LUKS architecture; which has been more vetted by third party security researchers than pretty any other full-disk encryption alternative (including bitlocker).
> which has many 'eyeballs' on it since its's open source
4 contributers, 3 of which have 2 or less commits and 60 tickets with only 19 closed is hardly "many eyeballs". Also no updates in 6 months and a ticket open asking where the maintainer has gone
Too late for this time --- but moving forward, if you use Full Disk Encryption just change your passphrase to something huge and random. I like LUKS for Linux and LibreCrypt (which is a port of LUKS to Windows) for Windows.
But don't trust the full-disk-encryption built into the hard drives --- those are known to have so many serious weaknesses that they're probably intentional back-doors.
>>> Overall we analyzed 6 different hardware models spread and well-distributed in the global market. We show the security concept intended from WD and present vulnerabilities on different hardware models. These findings range from easy eDEK leakage s to perform off-line password brute-force to complete backdoors and plain KEK storage, resulting in complete security bypass. ... We were able to extract the bridge’s firmware and eDEK in every hardware model with ease by software and/or chip-off ... The preinstalled VCD software that runs on hosts was found to generate weak key material .... The RNG generator of the JMS538S has been shown to be predictable, as it returns 255 different bytes in a specific order ... Further analysis showed that the factory set DEK on JMS538S d evices are attacked with a simple table lookup attack ... The weakest hardware model in terms of security is the INIC-3608 bridge. The chip does not support hardware accelerated AES encryption, and it’s main purpose is the bridging and user authentication. The authentication is done by a simple memory compare matching with a stored plain KEK ... We were also able to bypass the ATA password set by the USB bridge with commercial tools, allowing data-access.
TL/DR: Next time use F/OSS software-based full-disk encryption
You can use LUKS/dm-crypt with NTFS or FAT32 on top and mount it under Windows with LibreCrypt
As for your second question:
Try if the Windows built from the official repository is portable, otherwise: No
> despite the PR campaign to smear it,
The whole community around truecrypt always seemed a bit odd, though -- with their not-quite-open-source license, no open standard disk formats with third party applications, and not a lot of transparency regarding who was working on it.
I much prefer the approach taken by the LibreCrypt project.
It's Open Soruce, and works on Windows, but uses the standard Linux LUKS architecture; which has been more vetted by third party security researchers than pretty any other full-disk encryption alternative (including bitlocker).
TL/DR: check out LibreCrypt for a project taking a better (more transparent) approach
Disclosure: I am the maintainer of https://github.com/t-d-k/LibreCrypt
What Natanael_L says is correct, it's an encoding issue. In fact, you can use non-ascii characters in the password, and the container will open fine on a PC with the same default encoding.
At some point it will change to use pure UTF-8 internally, but that will be non-backwards compatible, so for now it's safer to only use ASCII.
if you are serious about it being 'invisible' you should use a encryption system with 'deniable' encryption.
Truecrypt/Veracrypt supports a single 'hidden volume' which in theory cannot be detected without the password, and LibreCrypt supports multiple ones.
It is also possible to hide a disk in Explorer using a hack.
You can with the doxbox.sh script included with LibreCrypt. This automatically calculates an offset and uses it for a 'plain' dm-crypt volume, hidden inside a LUKS or dm-crypt volume. LUKS volumes themselves can't be hidden because it has a distinctive header.
If you prepare the external drive as a LUKS encrypted partition, you can access those partitions from Windows using LibreCrypt which is open source. VeraCrypt also supports reading LUKS partitions.
old question & solution here
​
~~Isn't the encryption just LUKS?~~
~~I dont have a card on hand to try but afaik that is what is used so you should be able to pop it into a cardreader and copy it to your new card.~~
If you don't have access to a linux machine i guess it gets a little more complicated tho. On windows i have good experiences with LibreCrypt(https://github.com/t-d-k/LibreCrypt)
No clue on mac .. You could run a linux VM on either if you're desperate ..
My understanding is not full on the topic, but Truecrypt offers this functionality, and there's also LUKS, which some Linux distros offer you out of the box upon install, and I also just found LibreCrypt, which seems to be relevant to the topic.
Whilst natively supported in most linux distros, a companion app in windows would be required such as FreeOTFE or DoxBox from librecrypt, I suggest doxbox because FreeOTFE is abandonware and host by sourceforge (eugh!) DoxBox: https://github.com/t-d-k/LibreCrypt
Don't use TrueCrypt. It's defunct and no longer safe. http://truecrypt.sourceforge.net/
VeraCrypt is good: https://veracrypt.codeplex.com/
There's also LibreCrypt: https://github.com/t-d-k/LibreCrypt