I owe Dr Skip a long round of applause for this one.
Thanks, Doc!
- - -
I have to haul around personally owned files, such as
PCB layout tools, invoice writers, password manager,
documentation editors of several types. I consult on
product designs, like many of us here. Dragging around
a laptop was the normal way to do this, but carrying
it around my neck would be better.
So, I decided to use a USB Flash drive for windows
XP, since all my clients use that O/S.
I purchased a U3-compatible 4GB Flash Drive. It
works adequately but there is no security... what if
I LOST the flash drive, and an evil person (or my
wife) got it?
What I decided was needed was a U3-like setup that
could be folded up and tucked away between uses.
Dr Skip suggested the use of a TrueCrypt container
to hold all of the applications and working files. This
means that when you no longer need any file from
the container, the container is encrypted properly
into background noise. Then if your flash drive
falls into evil hands, NO damage is done.
I've been testing this for several days at home and
at two offices, and it works GREAT. Even better,
it is sourceforge and FREE.
I built the 3.5GB container, then filled it with portable
applications (http://www.portableapps.com) (apps that will
operate within the flash drive and not spill over into
other areas.). Not everything can operate from a
flash drive, but my PCB layout software and most
everything else will.
BTW, I stripped U3 out of the hard disk before I
went to TrueCrypt; its another bloated $MS thingy
and I decided it wasn't for me.
> I built the 3.5GB container, then filled it with portable
> applications (http://www.portableapps.com) (apps that will
> operate within the flash drive and not spill over into
> other areas.)
So why do you feel the need to encrypt freely downloadable
apps? Am I missing something?
> I owe Dr Skip a long round of applause for this one.
> Thanks, Doc!
> - - -
>
> I have to haul around personally owned files, such as
> PCB layout tools, invoice writers, password manager,
> documentation editors of several types. I consult on
> product designs, like many of us here. Dragging around
> a laptop was the normal way to do this, but carrying
> it around my neck would be better.
>
> So, I decided to use a USB Flash drive for windows
> XP, since all my clients use that O/S.
>
> I purchased a U3-compatible 4GB Flash Drive. It
> works adequately but there is no security... what if
> I LOST the flash drive, and an evil person (or my
> wife) got it?
>
> What I decided was needed was a U3-like setup that
> could be folded up and tucked away between uses.
>
> Dr Skip suggested the use of a TrueCrypt container
> to hold all of the applications and working files. This
> means that when you no longer need any file from
> the container, the container is encrypted properly
> into background noise. Then if your flash drive
> falls into evil hands, NO damage is done.
>
> I've been testing this for several days at home and
> at two offices, and it works GREAT. Even better,
> it is sourceforge and FREE.
>
> I built the 3.5GB container, then filled it with portable
> applications (http://www.portableapps.com) (apps that will
> operate within the flash drive and not spill over into
> other areas.). Not everything can operate from a
> flash drive, but my PCB layout software and most
> everything else will.
>
> BTW, I stripped U3 out of the hard disk before I
> went to TrueCrypt; its another bloated $MS thingy
> and I decided it wasn't for me.
>
> And thanks again, Dr Skip!
>
> --Bob Axtell
>
William "Chops" Westfield wrote:
> On Jan 15, 2008, at 8:14 AM, Bob Axtell wrote:
>
>
>> I built the 3.5GB container, then filled it with portable
>> applications (http://www.portableapps.com) (apps that will
>> operate within the flash drive and not spill over into
>> other areas.)
>>
>
> So why do you feel the need to encrypt freely downloadable
> apps? Am I missing something?
>
> BillW
>
>
Yes. You missed the one about your personal data, such as passwords, emails,
downloads being known to other people, especially if you lose the flash disk
itself. The apps themselves have no worth, of course.
In other words, I can download my personal business email using my own
copy of Firefox, using my own passwords, etc while on another person's
computer. I download to the protected container itself, not to the TEMP
file of the other person's system. To prevent a keylogger from learning
my Truecrypt password, I use keyfiles as well.. no tracks.
Bob Axtell wrote:
> I owe Dr Skip a long round of applause for this one.
> Thanks, Doc!
> Dr Skip suggested the use of a TrueCrypt container
> to hold all of the applications and working files. This
> means that when you no longer need any file from
> the container, the container is encrypted properly
> into background noise. Then if your flash drive
> falls into evil hands, NO damage is done.
>
> I've been testing this for several days at home and
> at two offices, and it works GREAT. Even better,
> it is sourceforge and FREE.
Bob Axtell wrote:
> ...
>
> I built the 3.5GB container, then filled it with portable
> applications (http://www.portableapps.com) (apps that will
> operate within the flash drive and not spill over into
> other areas.). Not everything can operate from a
> flash drive, but my PCB layout software and most
> everything else will.
>
>
>
Bob,
I tried this - and it worked but when I go to another computer without
TrueCrypt, the flash drive just looks like an unformatted flash drive.
I'm thinking you have to make a container in the flash drive, not make the
whole flash drive a container. Then put the TrueCrypt program on the flash
drive but outside the container. Or ???
Thanks,
Carey
> > I built the 3.5GB container, then filled it with portable
> > applications (http://www.portableapps.com) (apps that will
> > operate within the flash drive and not spill over into
> > other areas.). Not everything can operate from a
> > flash drive, but my PCB layout software and most
> > everything else will.
>
I did not try the latest portable thunderbird, but 2 years back, my
experience was that the flash drive could not take the beating of portable
thunderbird. Prior total failure, on the first occurance, the Imation flash
could be reformated. And on the second failure, the flash was totaly gone.
> Bob Axtell wrote:
>
>> ...
>>
>> I built the 3.5GB container, then filled it with portable
>> applications (http://www.portableapps.com) (apps that will
>> operate within the flash drive and not spill over into
>> other areas.). Not everything can operate from a
>> flash drive, but my PCB layout software and most
>> everything else will.
>>
>>
>>
>>
> Bob,
> I tried this - and it worked but when I go to another computer without
> TrueCrypt, the flash drive just looks like an unformatted flash drive.
> I'm thinking you have to make a container in the flash drive, not make the
> whole flash drive a container. Then put the TrueCrypt program on the flash
> drive but outside the container. Or ???
> Thanks,
> Carey
>
You are correct. Truecrypt needs to be in the root of the flash drive. I
also put the SYS and the
FORMAT there as well. I then created a container sized 3.5G (leaving
500Mb for Truecrypt and
other stuff. When I power up, I click on TRUECRYPT then identify the
container, providing a password.
That's all it takes.
BTW, if you don't use the container for an hour or so, Truecrypt
disconnects the container.
On Mon, 2008-01-21 at 07:08 -0700, Bob Axtell wrote:
> You are correct. Truecrypt needs to be in the root of the flash drive. I
> also put the SYS and the
> FORMAT there as well. I then created a container sized 3.5G (leaving
> 500Mb for Truecrypt and
> other stuff. When I power up, I click on TRUECRYPT then identify the
> container, providing a password.
>
> That's all it takes.
I tried Truecrypt on the weekend. While typical of OSS in that it's got
probably thousands of options that aren't described in the most simple
way, it was actually VERY simple to set up.
I told it to use the whole drive, it asked for a password, and that was
it? Inserting the hard drive in a PC results in the drive not appearing
to have any data on it. Start up truecrypt, pick the volume, supply the
password and boom, working without a hitch. VERY impressive!
Only complaint I have is it severely slows down drive speed. I copied
about 40GB of data to my now encrypted hard drive and it took well over
an hour. As a result I wouldn't recommend Truecrypt be used with it's
default settings on your primary volume. I'm sure there is a way to
speed things up, but for my purposes it is perfect, and multiplatform to
boot!
On Mon, 2008-01-21 at 17:01 +0000, Alan B. Pearce wrote:
> >I copied about 40GB of data to my now encrypted hard drive
> >and it took well over an hour.
>
> And how long would it take without encrypting it ???
Well, that particular drive sustains about 30MBps (I've benchmarked it
in the past), so:
40GB/30MBps ~= 22 minutes
Most of the files are large (very minimal seeking), so worst case it
should have taken perhaps 45 minutes. My gut tells me it probably was
faster then that, but lets be conservative.
I didn't benchmark the truecrypt copy, but it was easily over an hour
and a half, very likely longer then 2 hours, I didn't watch it
continuously.
So, say 1/2 to 1/3 the speed, for my particular case.
> That sounds quite acceptable to me for that volume of data, being massaged
> along the way.
I would agree, except the CPU was barely being used, which is what
confused me. If the CPU were chugging I'd understand the slowdown, but
the CPU usage barely went over 10% on the copy. I guess I'm just curious
WHY it was slow, what was holding it back? Raw HD bandwidth wasn't the
limit, CPU power wasn't the limit, what was it? :)
Again, I didn't read any documentation for truecrypt, it's entirely
possible that the default settings result in something more secure but
less speedy. For me the speed is fine, I don't do the offsite backup
that often, I usually just let it copy and walk away anyways.
I was impressed by how easy it was to get working though, both on Linux
and windows. My only gripe there was it required a reboot of my linux
box to work, but I didn't notice any message stating a reboot was
required. I probably missed it... :)
> On Mon, 2008-01-21 at 07:08 -0700, Bob Axtell wrote:
>
>> You are correct. Truecrypt needs to be in the root of the flash drive. I
>> also put the SYS and the
>> FORMAT there as well. I then created a container sized 3.5G (leaving
>> 500Mb for Truecrypt and
>> other stuff. When I power up, I click on TRUECRYPT then identify the
>> container, providing a password.
>>
>> That's all it takes.
>>
>
> I tried Truecrypt on the weekend. While typical of OSS in that it's got
> probably thousands of options that aren't described in the most simple
> way, it was actually VERY simple to set up.
>
> I told it to use the whole drive, it asked for a password, and that was
> it? Inserting the hard drive in a PC results in the drive not appearing
> to have any data on it. Start up truecrypt, pick the volume, supply the
> password and boom, working without a hitch. VERY impressive!
>
> Only complaint I have is it severely slows down drive speed. I copied
> about 40GB of data to my now encrypted hard drive and it took well over
> an hour. As a result I wouldn't recommend Truecrypt be used with it's
> default settings on your primary volume. I'm sure there is a way to
> speed things up, but for my purposes it is perfect, and multiplatform to
> boot!
>
>
Just about my experience exactly. But I didn't find the flash drive to
run too slow...I noticed that
the 4GB drive by Sandisk (the one I use) seems to load pretty fast. I'm
happy with it.
On Mon, 2008-01-21 at 12:57 -0700, Bob Axtell wrote:
> Just about my experience exactly. But I didn't find the flash drive to
> run too slow...I noticed that
> the 4GB drive by Sandisk (the one I use) seems to load pretty fast. I'm
> happy with it.
Hmm. Well, FWIW I was using a hard drive. I've noticed most flash drives
are pretty slow when writing to begin with, so I'd believe you not
noticing a difference in performance.
Funny thing is a quick check makes it look like read performance isn't
that bad, haven't really benchmarked it, more of a "it feels just as
fast" sort of thing.
Oh, finally, the hard drive is a USB2.0 hard drive, hence the only about
30MBps I get without Truecrypt.
Herbert Graf wrote:
> On Mon, 2008-01-21 at 12:57 -0700, Bob Axtell wrote:
>
>> Just about my experience exactly. But I didn't find the flash drive to
>> run too slow...I noticed that
>> the 4GB drive by Sandisk (the one I use) seems to load pretty fast. I'm
>> happy with it.
>>
>
> Hmm. Well, FWIW I was using a hard drive. I've noticed most flash drives
> are pretty slow when writing to begin with, so I'd believe you not
> noticing a difference in performance.
>
>
Oh, sorry, no all are the tiny SanDisk USB Flash Drives. I have a 1G and
a 4G, both work very well.
> Funny thing is a quick check makes it look like read performance isn't
> that bad, haven't really benchmarked it, more of a "it feels just as
> fast" sort of thing.
>
I believe the Truecrypt decryptor/encryptor is written in assembly.
--Bob Axtell
> Oh, finally, the hard drive is a USB2.0 hard drive, hence the only about
> 30MBps I get without Truecrypt.
>
> TTYL
>
> -----Original Message-----
> From: .....piclist-bouncesKILLspam@spam@mit.edu On Behalf Of Bob Axtell
> Sent: Monday, January 21, 2008 6:02 PM
>
<snip>
> I believe the Truecrypt decryptor/encryptor is written in assembly.
Herbert Graf wrote:
> I would agree, except the CPU was barely being used, which is what
> confused me. If the CPU were chugging I'd understand the slowdown, but
> the CPU usage barely went over 10% on the copy. I guess I'm just curious
> WHY it was slow, what was holding it back? Raw HD bandwidth wasn't the
> limit, CPU power wasn't the limit, what was it? :)
>
It had to upload your data to Google for indexing first.
;)
-
Martin
linuxha.com
