Basic Concepts

This chapter gives a quick overview of all the major components of the BestCrypt data encryption system and provides an introduction to a few basic concepts that are used throughout the rest of this guide.

BestCrypt Component Overview

To achieve its goals in providing the best in data protection BestCrypt utilizes three major components:

Let's take a closer look at each of these components.

Control Panel

Control Panel is the main BestCrypt command and control application. Virtually any function supported by BestCrypt is available through its functions and dialogs, which include:

Control Panel provides a wide variety of functions, all of which are fully explained in the BestCrypt Control Panel section.

To launch the Control Panel, find BestCrypt in your Applications and double click.

Minimized View

By default, when you close Control Panel, BestCrypt continues to run in the background with its' main functions available for quick access through the icon in the taskbar:

The pop-up menu that appears upon right-clicking on the BestCrypt taskbar icon incorporates the following controls:

Files integration

BestCrypt provides common container functions directly into your workflow:

Double-clicking on any BestCrypt container file from the Files window will mount this container. The item in Files context menu called Open With BestCrypt Control Panel has the same functionality.

Container File

The main unit all BestCrypt components operate on is called the BestCrypt Container File. True to its name, it represents a file on your system with a specific default .jbc extension and the icon shown below:

This file contains all encrypted data stored on the virtual disk contained within it. Each container file stores at least one main virtual disk and can also store a number of additional hidden disks. You can imagine a container file as a collection of encrypted disk images with all data required to verify passwords and perform all other operations.

Understanding the basics of BestCrypt container file format will allow you to perform advanced operations that bring data protection and reliability to a brand new level. Suffice is to know that BestCrypt container file consists of two main parts:

BestCrypt provides a number of operations that deal with container file's service header specifically including backing up key data and header encryption. These operations are explained in more details in other sections of this guide.

Some versions of the container file format are declared deprecated and can't support newer functionality. Of course, by default only latest format is used when creating new containers.

For help with creating new container files, refer to Create new container

Virtual encrypted disk

Encrypted data stored inside a container file can be mounted with the correct password and accessed from a virtual encrypted disk. This disk emulates an ordinary removable device (like a thumb drive) with the exception that all files written to it will be stored encrypted in the container file this disk was mounted from. When reading existing files from the disk, all data will be read from its container file and decrypted.

Every single application -- be it Files, a text editor or even Terminal -- will work with virtual encrypted disks as usual. All encryption and decryption is performed transparently for every single bit of data located on each encrypted disk. This allows BestCrypt to easily and seamlessly integrate into your day-to-day workflow, while you simultaneously get automatic and transparent data protection.

Mounting and ejecting containers

The process of decoding a virtual encrypted disk from container file is called mounting. There are several ways to mount a BestCrypt container:

No matter how you've chosen to mount your container, you will be greeted with the Container Mount Dialog:

Simple view contains:

Advanced view contains:

After the container password and selecting all desired options, click Ok to verify the password and mount the container.

All mounted disks, real or virtual, are attached to a file system hierarchy. New disks can be attached to any folder in this hierarchy, as long as they are accessible.

In BestCrypt for Linux the default mount location is "home/user/BestCrypt". A subfolder is automatically created for each new disk and the disk content becomes accessible from this location. The mount location can be changed at any time. BestCrypt virtual encrypted disks behave like ordinary removable devices.

Linux disk applications can be used to create partitions on the drive. The mount location of the partitions will be default, as the current version of BestCrypt doesn't allow users to set customized mount locations for these partitions.

Since BestCrypt virtual encrypted disks behave like ordinary removable device for the rest of the system you can use Disks application to partition this disk into 2 or more partitions. BestCrypt, however, will not be able to mount all partitions of such disk at a custom location. Currently only first partition will be mounted. You can use default system location to mount all disk partitions as usual.

Ejecting a Container

Encrypted disks can be ejected by using one of the following methods:

BestCrypt can go even further by providing automatic forced ejection of all mounted encrypted disks. In case of emergency use the “Eject All” button from the Control Panel, taskbar or just set a hotkey to protect all your encrypted data in a single keystroke. This option can be activated in Settings.

Forcing the ejection of a BestCrypt disk when using the “Force Eject” or “Eject All” buttons may result in corruption or loss of unsaved data, in addition to damaging the structure of the virtual disk file system. These are the same risks that exist when physically removing a storage device without ejecting it first. We recommend forcing ejection only in case of emergency.

See also:

Quick start guide
BestCrypt Control Panel