Seeking USB stick crypto

2008-02-14

in Geek stuff, Internet matters, Security

A piece of software that does the following would be very helpful to me:

  1. Creates an encrypted archive on a USB key
  2. Does so using a credible open-source algorithm, such as AES
  3. Ideally, is open source and well scrutinized by competent members of the security community
  4. This archive can be read using software on the key, on either a Mac OS X machine or a Windows XP box
  5. The software that does the encryption and decryption does not require administrator priveleges to run.

Do any such utilities exist? TrueCrypt is cool, but requires an admin account. SanDisk’s CruzerLock is Windows only, and has a really awkward interface. The disk encryption feature of PGP cannot be run off a flash drive. The encrypted disk images created by Mac OS cannot be read using a Windows machine.

{ 5 comments… read them below or add one }

Milan March 21, 2008 at 9:20 pm
. August 2, 2009 at 4:39 pm

30 July 2009, 11:31
Bootkit bypasses hard disk encryption

At the Black Hat security conference, Austrian IT security specialist Peter Kleissner presented a bootkit called Stoned which is capable of bypassing the TrueCrypt partition and system encryption. A bootkit combines a rootkit with the ability to modify a PC’s Master Boot Record, enabling the malware to be activated even before the operating system is started.

Available as source code, Kleissner’s bootkit can infect any currently available 32-bit variety of Windows from Windows 2000 to Windows Vista and the Windows 7 release candidate. Stoned injects itself into the Master Boot Record (MBR), a record which remains unencrypted even if the hard disk itself is fully encrypted. During startup, the BIOS first calls the bootkit, which in turn starts the TrueCrypt boot loader. Kleissner says that he neither modified any hooks, nor the boot loader, itself to bypass the TrueCrypt encryption mechanism. The bootkit rather uses a “double forward” to redirect I/O interrupt 13h, which allows it to insert itself between the Windows calls and TrueCrypt. Kleissner tailored the bootkit for TrueCrypt using the freely available TrueCrypt source code.

. May 29, 2014 at 2:40 pm

True Goodbye: ‘Using TrueCrypt Is Not Secure’ http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/

. December 23, 2016 at 3:12 pm

I noticed you’ve shared TrueCrypt on this page https://www.sindark.com/2008/02/14/seeking-usb-stick-crypto/, as you may be aware, development of TrueCrypt was discontinued back in 2014 and has subsequently not been maintained. A number of security flaws have been uncovered and as a result we are reaching out to people to highlight a list of alternatives.

Here’s the list (along with further details about TrueCrypt no longer being maintained) – https://www.comparitech.com/blog/information-security/truecrypt-is-discoutinued-try-these-free-alternatives/, when you update your page it could be a useful resource to point your visitors to.

Just me December 31, 2016 at 6:09 am

Just to let you know that “I noticed you’ve shared Truecrypt on this page” is spam… I get the same message and so did many other :-(

Leave a Comment

{ 1 trackback }

Previous post:

Next post: