Are there any free encryption software systems?
Our IT security budget is pretty small, but we have a group of laptops that need to be protected. Are there any good free encryption software systems that I can put on my company laptops? Do they allow remote access and wipes?
8 Answers
Spencer,
I wouldn’t routinely recommend open source software for an application such as this, but I have seen need outweigh budget in the past. I have had a client install and run TrueCrypt and have been happy with it. To my knowledge it does not have the “kill pill” remote wipe feature but it is open and under development still.
Their website is http://www.truecrypt.org
I second the choice of Truecrypt. It is a solid performing encryption solution, and provides options for whole disk encryption and folder contents encryption.
I have been using Truecrypt's folder encryption for almost a year on a project dedicated laptop with potentially sensitive state agency information, and have not had a single problem with drive access or data integrity.
I can easily lend my professional recommendation to this software, and it is easy for you to download and test to ensure it meets your needs. As stated, it does not directly support poison pill wipes if your laptop is lost or stolen, but since you are encrypting your data, you might find a laptop lo-jack type program to supplement your security needs.
And kudos for including the process to protect your mobile laptop data, I wish everyone was this conscientious.
To my knowledge it does not have the “kill pill” remote wipe feature
There are no plans to add it. The reason is with it being a software based solution, an attacker can simply run his own modified copy without the kill facility and try attacking the drive forever. It is not meant to address physical security issues beyond theft with a system in the powered off state, or media or file containers in the unmounted state.
There are cold boot attacks that can be attempted. One such attack is freezing the memory of the computer up to 30 seconds after power down to maintain the contents, then putting the frozen memory in a reader and extracting the decryption keys directly. This method has been proven to work, however the practicalities of an attacker ripping a system case off and freezing the memory within 30 seconds of power down are less clear.
There are also possible attacks against TC itself. It does not compromise TrueCrypt but merely the way it works. The solution here is to use a trusted boot solution, or store the boot partition on a flash drive you keep on you all the time and start the system that way.
These attacks are not unique to TC, but highlight issues with software-only based encryption solutions. Hardware makes it slightly harder, but there are possible attacks against that, too.
If the attacker is really desperate, he'll just kidnap the user. In this instance, you need more than just encryption.
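An added example, not part of the original answers: one way to notice changes to the unencrypted boot code that the answer above suggests keeping on trusted media. It records a SHA-256 digest per sector of the boot region and later reports which sectors differ; the 63-sector region size, the function names and the in-memory sample image are assumptions constructed for illustration.

```python
import hashlib
import io

SECTOR = 512
BOOT_SECTORS = 63  # assumption: boot code occupies the first track of the drive

def sector_digests(dev, count=BOOT_SECTORS, sector=SECTOR):
    """Return one SHA-256 hex digest per sector for the first `count` sectors."""
    digests = []
    for _ in range(count):
        block = dev.read(sector)
        if len(block) != sector:
            raise ValueError("short read: boot region truncated")
        digests.append(hashlib.sha256(block).hexdigest())
    return digests

def changed_sectors(baseline, current):
    """Compare two digest lists and return the indexes of sectors that differ."""
    if len(baseline) != len(current):
        raise ValueError("baseline and current cover different sector counts")
    return [i for i, (a, b) in enumerate(zip(baseline, current)) if a != b]

def make_sample_image(patch=None):
    """Constructed stand-in for a disk: 63 sectors of patterned bytes."""
    data = bytearray((i * 7 + 3) % 256 for i in range(SECTOR * BOOT_SECTORS))
    for offset, value in (patch or {}).items():
        data[offset] = value
    return io.BytesIO(bytes(data))

def demo():
    # Baseline taken while the machine is known-good; keep it off the laptop.
    baseline = sector_digests(make_sample_image())
    # Unmodified image: nothing should differ.
    clean = changed_sectors(baseline, sector_digests(make_sample_image()))
    # Constructed modification: one byte in sector 0 and one in sector 5.
    modified_img = make_sample_image({0x10: 0xEB, 5 * SECTOR + 1: 0x90})
    modified = changed_sectors(baseline, sector_digests(modified_img))
    return clean, modified

if __name__ == "__main__":
    clean, modified = demo()
    print("clean image, changed sectors:", clean)
    print("modified image, changed sectors:", modified)
```

A comparison like this only means something when it is run from media you trust, with the baseline stored on the flash drive you carry, because a modified boot path can misreport what is on disk.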
Robin, I agree with you, your first post _is_ correct!
Encryption is built-into Windows. It's free, and I recommend using it.
It's true, Truecrypt is one of the best pieces of software you may encounter for this matter, and it's cross platform.
Microsoft's Bitlocker works fine as long as you have the ultimate and enterprise version.
You may also want to check dcrypt for other versions of Windows.
Still, all of them are vulnerable to cold boot attacks.
Depending on the required secrecy of your data, it may be enough but better security is achieved using hardware methods, like hard drive embedded encryption in some laptops, and the proper use of TPM modules in your software.
Much research is going on over TPM and there are hardware encryption devices already available.
I hope it helps.
I don't know why my previous response was marked down - it is technically and factually accurate.
The problem with MS BitLocker is that it is presumed to have a backdoor into the encryption. Before the release of Windows Vista in the UK, and Europe more generally, the product head of Windows Technologies was called to see the British Government to address concerns over the security of BitLocker in Vista.
The FBI has recently been found to have compromised IPSec back in 2000, though an agent purporting to have been one of the developers concerned with subverting the code has denied it worked, though they do not deny they tried. As a result, the developer of OpenBSD has been analyzing the IPSec codebase to see where the problem resides.
There is currently an ongoing investigation to see if any court systems have been compromised by the FBI, as a potentially compromised version of IPSec was used by the DoJ.
The issue with backdoors generally, is that they are not exclusively available to the party who added the backdoor in the first place. It then enables other attackers, aware of such a backdoor, the same access to encrypted data as can be accessed using that backdoor. As most backdoors are designed to leak key material, this opens up all communications secured with the compromised code.
As a result, BitLocker can't be trusted to be secure. Worse still, the source code is not available for examination.
At least in the case of TrueCrypt, you can get the source code and examine it.
Thanks Reda!