Anyways, it got me to wondering this...
If a person wanted the safest of safe end-effect from *software* Full-Disk Encryption (FDE), would that mean that the FDE software should be installed on a "virgin" machine before it was ever used, OR could you have a computer with tons of personal data on it - including residual data that was "deleted" yet not truly erased off the face of the HDD - and still encypt every last bit on the HDD??
(To clarify, this would be for a conventional magnetic HDD, and NOT one of the newer Flash drives.)
My fear is that if I installed something like TrueCrypt on my 4-year-old laptop, that there might be sector or blocks with: Old Cache Files, Data Deleted but not Erased, and so on that might somehow escape being encrypted?! (It seems like *software* FDE encrypts maybe 99% of your HDD, and I am worried about that last 1%...)
Does that make sense?
I am asking this for two reasons...
1.) I hope to buy a new MacBook Pro later this week, and I want to know if I need to set up FDE *before* actually using it to get the best effect?
2.) I have this ancient MacBook that has maybe 400GB of data on it, and I'm curious how effective installing something like TrueCrypt on it would be? (Would doing that so late in the game really protect ALL of my data, or just most of it?!)