You are here

The Needed USB Flash Drive Hider & Encryption

48 posts / 0 new
Last post
Wooops_Phil
Offline
Last seen: 14 years 2 months ago
Joined: 2009-06-18 23:25
The Needed USB Flash Drive Hider & Encryption

Hello,
OK I´m going to be the more strightforward as i can. Actually it is very important to be able to secure your data (encryption) as well as hiding it, wich has in my opinion several advantages above the encryption, this is that someone who watch to your data will actually never know that "sensitive data" existed, so it can be even a more secure way to protect it. In the other hand, an encryption volume its like a shout telling that you have important data that you want to keep secret. So the simpliest question, in the first place is why to let other people know we have sensitive data? and second if they anyway discovered it or if they try to get data with hack tools, there it comes the encryption. So privacy and secure data are hand-to-hand.

Now for me this is a priority. So on i have searched throught interminable directories, lists, google searches, net of blogs, ranks , etc etc And so far I haven´t meet an app working that fits the bill.

The closest i have find is Rohos Mini Driver, but this app lacks in several aspects. Its definitely not discret, installing itself in the root of the flash drive. Also it has several usability lacks (by the time i tested it, it didnt stored its launching settings:( ) ....

I could go on with the list but what it matters now is what features are most important to the business (accordingly with its use). So here there are the features i would some day like to see.

* The basic: to hide a volume or folder with password protection and hopefully encrypted.
* To optionally display the hidden/encrypted volume as a "partition of the flash drive" for more compatibility.
* A portable and discret** launcher of the app prompoting the users password. The best would be the ability to camouflage it, giving an appearence of a text file or another user defined type file, as well as to be able to locate the launcher in a different place than the root.
* Support for fast keys in locking/hiding the volume.
* And for the last as an advanced feature, to predefine a different password from the main wich unlock differents files. This would be a kind of profile managemnt in case (kind of extremly)that you may be forced to release the password. Saving it from reveal your actual sensitive data and making believe you have actually nothing or of no concern in your protected volume.

Well i know there is a dev. in a encryption app on the fly wich is great. Also i get that there are a lot of apps to maintain and stuff to do. Anyway i hope there will be a place for this in the portable apps suite.

Wow this has been long! enough i ´m tired.. well hope you can get at least new ideas about what a complete and powerfull encrypting/hiding app may be like.
...and may i ask if something is under the hook?

Cheers

Phil D.

Jimbo
Offline
Last seen: 4 years 2 months ago
Joined: 2007-12-17 05:43
And, as we say every time people ask for this

It cannot be done without administrator access. Period. In any way whatsoever.

Other than that minor(?!) issue, Truecrypt does pretty much exactly what you want.

First of all, there is no way to "hide" anything on a disk that isn't trivially easy to recover for anyone halfway competent. So, if you're just going to rely on filesystem capabilities, you may as well attrib +h +s the truecrypt container. Presto! it is hidden.

It can / will mount the container as a drive, but only with admin rights. This is a windows limitation, no app will ever get around it. They all need either pre-installation by admin, or to run as admin at the time.

You can launch the truecrypt process with all required parameters on the command line, so you can easily write any sort of camouflage app that you like which accepts the password and opens the volume.

It does indeed support hot-key dismounts.

And finally, it supports hidden volumes, which means that you get two different passwords, each of which opens a different view of the same container, and, if you follow the simple guidelines on the truecrypt homepage, it is not possible to determine whether there is a hidden volume hiding within the normal volume for which you have volunteered the password. Total plausible deniability.

So, to sum up, I'm afraid that you're not asking for anything new, but it will never quite arrive in the way that you hope due to windows limitation that enforce the requirement for admin access to manipulate the volume list.

For now, the best you can manage is Truecrypt and TCExplorer, which will open the container for copying files in and out of, even without such rights, but that then leaves plaintext versions of them around. Not ideal.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
conform all said

by Jimbo, those requests are present so many times here.

One more alternative to TC is FreeOTFE, behave simlar way, also has an reader/explorer coming with it in the case you have no admin rights.

The problem can not be solved on software side alone. Either folder is encrypted and has to be decrypted before use, well this is simple , but not ergonomic and not what people want.

Other method would be to use software residing in the actual controller of the stick. This is done many times, one can simply buy one of those $$$$ Sticks with that feature buit in. (Ironkey for example)
But also here sometimes this can be used only with admin rights. I have one stick, which needs admin rights to enter the password to the sticks controller for example, making it useless then.
And such soloutions are fixed to the particular stick and of no use on other stick with different controller.

Recently, I followed some threds in the real thunderbird forum, technical solutions for at least encryption of the profile were the theme. But so far nobody could create something which would work on all cases. Well yes, small files can be simple decrypted when opened, but what if someone has 10Gb of mails in it?
The on the fly encryption is limited (windows) so again, attempts for that will cause trouble in one or other way.

Otto Sykora
Basel, Switzerland

Wooops_Phil
Offline
Last seen: 14 years 2 months ago
Joined: 2009-06-18 23:25
Thank you for your answers. I

Thank you for your answers. I forgot to mention the no admin point, besides that Truecrypt is pretty good. The reason that I thought it was posible its becouse there are no admin encryption apps, but maybe in order to hide or repartitionate the drive you need anyway them.

So far then, there is no ideal solution beside spending some $$$$ in a stick Sad

Cheers

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
no admin encryption

>The reason that I thought it was posible its becouse there are no admin encryption apps,

Otto Sykora
Basel, Switzerland

casaschi
Offline
Last seen: 3 years 4 months ago
Joined: 2007-12-16 16:29
without administrator access?

I read more than once what you say here: "It cannot be done without administrator access. Period. In any way whatsoever."

However, the Rohos mini drive app claims to create an encrypted volume on a file (not an encrypted partition) that then you can mount without admin rights.
http://www.rohos.com/products/rohos-mini-drive/

What is the catch with this approach?
What do I miss compared to the apps that require admin rights?

Jimbo
Offline
Last seen: 4 years 2 months ago
Joined: 2007-12-17 05:43
You cannot access it as a drive letter

You can create the container, you can open it in their app, you can copy files in, you can copy files out.

But you can't see it as a drive letter, or get other apps to access the encrypted files directly, only by copying them out, saving them unencrypted somewhere, and then opening them from there.

To assign the drive letter, you need admin access.

jamcomm
Offline
Last seen: 14 years 6 months ago
Joined: 2009-07-24 14:51
So what?

So what? The whole point is carry my encrypted files around with me, and access them when I want to.

jamcomm
Offline
Last seen: 14 years 6 months ago
Joined: 2009-07-24 14:51
Not true

That's not true. FreeOTFE allows you to use a virtual disk if you have administrator rights, but still allows you to work if you don't via FreeOTFE Explorer.

Going through your list:

  • Encrypts data...
  • It has full support for command line parameters as well...
  • It supports hotkey dismounts as well...
  • Hidden volumes? Yup has that too...

    But administrator rights? Doesn't need them!

    ...And best of all - it works with portableapps.com! It's amazing the number of applications which do - but it's such a good idea and allows me to carry both my software and files around with me!

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
FreeOTFE Explorer

@jammcom: I may have missed it - but I didn't see any response to this post.

I did try FreeOTFE Explorer - but couldn't get it to work, despite looking through the rather long pdf manual.

If you're following this jammcom, care to post an idiots' step by step guide to the correct method of installation of which precise program files, and then how to get your sensitive stuff into the volume or partition you create, then how to close and how to reopen again, all without administrator rights? I'm afraid I found administrator rights demanded when I attempted to close...

David

digitxp
digitxp's picture
Offline
Last seen: 12 years 6 months ago
Joined: 2007-11-03 18:33
Here

Insert original signature here with Greasemonkey Script.

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
Ah Now I see (I think...)

Thank you digitxp.

I had installed FreeOTFE on my stick, and was attempting to do everything from there. Now I see you need to create your encrypted volume on your desktop/laptop first, and only then copy it to your stick.

There were still a couple of puzzlers in the linked instructions, however. One was how you copy the volume across when you have already dismounted it and it is therefore invisible to My Computer? That can't be right, but it seems to be what the instructions are saying. The other concerns the need to have a copy of the 'portable version'? of FreeOTFE on your stick in order to be able to access files in the volume you have created, or move files to it. Thus

1) "After you finished working with the files and dismounted the volume, you can copy that newly created volume file to any media, a CD, a USB stick, or a memory card and carry it with you wherever you go" ... And.......
2)"You can also copy a portable version of FreeOTFE (from Tools> Copy FreeOTFE to USB drive) to access the files from a computer which doesn’t have FreeOTFE or another decryption program"... Presumably meaning accessing the files on your usb stick that are in the encrypted volume.

I'll probably understand how this works, and what to do, only by trying it. So, no sweat - I'll try. Likewise, I presume point (1)above is a simple mistake - it would have to be mounted in order to find it to copy it across? No?

David

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
Grrr... Tried it every which way... but

Well, copying the new volume from the main computer across is no use because you are copying across something that still has the original drive letter attached to it - even though the vol file appears as a virtual disk labeled, in my case, H - but it copies across as D\etc,etc, where D happens to be the drive on my main computer onto which the new volume (H) has been mounted - and it was impossible to move something from the other part of the usb drive into it. No error message - just ... nothing happened.

The other thing I tried was to create a new vol (5GB!) directly onto the usb drive. OK - so far so good. That worked. But then I found I still couldn't get a directory from the rest of the usb drive into it either by copy or by move, neither by using the Freeotfeexplorer menu, nor by dragging. Just didn't happen. At least I got error messages this time! Unfortunately I've forgotten what they were...

Edit: Access Violation at 00000something

Thus while the first part of the instructions provided by the makeuseof link above worked like a dream, using firstly freeotfe and (after no joy copying) secondly freeotfeexplorer, the instructions for copying something into the new volume on the usb drive are sorely lacking - at least, for this newbie.... I'm presuming it can be made to work. But definitely there is a need for more detailed instructions on how, exactly.

David

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
In Light of Silence, Presume FreeOTFE/Expl Won't Do It Either

Thassall folks!

David

Sublime865
Offline
Last seen: 14 years 3 months ago
Joined: 2009-12-30 22:26
Well, while we are on the topic of encryption...

Well, while we are on the topic of encryption without any effect on the host system, or any risk of the host system infecting your drive, or the host system logging your access...

It *ABSOLUTELY CAN BE DONE*

If you have sensitive data to take care of, then it is rediculous to try and rely on a hodge-podge DIY software hack and an insecure $30 thumb drive.

Enter IronKey. https://www.ironkey.com/

Basically everything the OP described and more can be done on the IronKey. I won't allude to it being cheap, not at $300 for a 16GB, but if you have *mobile* data to secure, its the only option. If you are just trying to hide pics of your ex from your girlfriend or phone numbers from your roommate or something, then I wouldn't say its worth it, but then again, that's not for me to know or decide.

As for the hidden volumes, I haven't played with truecrypt enough to really play with the volume encryption, but you cannot see any file (even filenames) on the IronKey until it is unlocked. It shows up like an empty CD-ROM drive would (not the device type but in behavior) in that until it is unlocked, windows will prompt you to "insert a disk into the drive". IronKey also features full compatibility with Mac and Linux. Also, it has an application launcher that is better than the Portable Apps launcher, you don't have to have an exact directory structure to add the app to the launcher. Now, I still use the launcher on my other drives and use the portable apps from here on my IronKey, they all interoperate very well with each other.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
yes sure

you are completely right, most of us know the existence of this $$$ gadget.
Thera are meanwhile number of other similar products on the market, all which do some reasonable job have one thing in common: they only work on that specific brand of flash stick or better say on a specific brand of controller.
So those solutions are often called hardware encryption thoght the term is not 100% correct.

Otto Sykora
Basel, Switzerland

NathanJ79
NathanJ79's picture
Offline
Last seen: 4 years 1 month ago
Joined: 2007-07-31 15:07
JPEGs?

How big's this sensitive data? Are we talking about some text, like your phone contacts, maybe some love letters? Or are we talking about video, like a home video you wouldn't want anyone to see?

If it's the latter, you're on the right track. Big files that don't compress well are hard to hide. But if you have some text, some images, whatever, apparently you can stash them in a JPEG or in some JPEGs, and the picture will still show up. I'm not sure how all this is done, but I've heard it plenty often that it should show up in a Google search.

Also look up Wrapster, now that I think about it. If it's still around, that is. It wraps anything you want in what looks like an MP3 file. Won't play though. The original Napster only allowed transmission of MP3 files, and folks would use this to trade other stuff. Napster's check on the file integrity was decent, but far from complete. These files gave a nonstandard bitrate (40?) that could be searched for, and since no MP3 could actually have that bitrate, anything that did was a Wrapster container. Put a bunch of your favorite songs in a directory and put a few Wrapster containers among them. Not sure what encryption Wrapster offered, if any.

Dagenham
Dagenham's picture
Offline
Last seen: 1 year 2 months ago
Joined: 2007-03-23 06:19
Steganography?

I'm not quite sure what are you talking about here:


But if you have some text, some images, whatever, apparently you can stash them in a JPEG or in some JPEGs, and the picture will still show up.

You either mentioning a simple copy trick here (read the LifeHacker article here), or methods involving steganography, which is a much more complex process to hide sensitive data.

The first one - the copy trick - may help in cases where you aren't dealing with professionals. Steganography methods are much harder to break, but not impossible - if you have some really sensitive data, you may want think about developing your very own methods, because the well-known steganography attacks working mostly with the already well-known hiding methods.

Nathan9222
Nathan9222's picture
Offline
Last seen: 2 years 5 months ago
Developer
Joined: 2007-12-06 22:35
K well I did a quick search

K well I did a quick search and found this freeware utility http://www.winmend.com/folder-hidden/, It looks nice but idk how well it functions as ive never used it. But I would only suggest you install it on a personal computer. As with .jpg hiding I agree that that can be a good solution for hiding stuff but only if it is relatively small and if you wrote a script that would do this for you. Else it would take a long time constantly going to the command prompt and extracting the files. I wrote a script that can do this search "FileinPic" without quotes and you should find it. Though i will say that it is still in beta and sometimes it doesnt work well. But I will try to fix this script once i get around to it. Hope this helps ;P

An eye for an eye makes the whole world blind.
Mahatma Gandhi,
Indian political and spiritual leader (1869 - 1948)

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
hide folder

Somewhere I downloaded one day a 'software' which told me it will hide folders and only unhide them when password is entered. Hmm, fine I thought, the functionality will be here only if I pay the 21.50 usd or so. OK, I took the risk, paid by credit card and what did I found? The so called software was simple script setting hidden attribute ..... So this just for experience.

As far as steganogrpahy concerned, I have somewhere such nice GUI programs even in 16bit windows versions, will have to search at home where they are. One definitely was simply called HIDE, one HIDEUNHIDE and one was called SNOW. The snow was funny, it was hiding things inside simple text files. Today there are software like stego, dealing with almost all files and combinations of it, hiding picts in other picts. Even on my old Psion5mx, I have software hiding files inside sound files or jpg. It takes sometimes 20 minutes there, but it works.
But one thing has to be mentioned. Due to the fact how the jpg compression is build, it is simple to insert a file to it, but it is not something considered secure today. This is no more steganography in its original meaning which would be that you can hide the file in it and others can not even recognise that there was something in it. Qualified software will immediately recognise that this jpg is no more jpg in its original form, the compression calculation is disturbed by some means and the points of disturbance are apparently easy to be found by any forensic software today. The same applies apparently to MP3.
More secure , I was told, will be in this matter hiding files in things like WAV, since here mostly no fancy and predefined compression takes place, so one bit more or less on each sample is very difficult to recognize. Same will be probably with simple uncompressed bitmap picture.

Otto Sykora
Basel, Switzerland

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
here from my archive

I searched my old computers, found few things, here one of them:

http://www.box.net/shared/kyps16cogq

and funny is the SNOW, it is just command line, but gives an idea what steganography is about.

http://www.box.net/shared/8hnx3lprm6

Otto Sykora
Basel, Switzerland

Wooops_Phil
Offline
Last seen: 14 years 2 months ago
Joined: 2009-06-18 23:25
Thank you! it´s always

Thank you! it´s always interesting to know apps like those or at least its funny Smile

In the end I gues I´m going to buy Kingston DataTraveler Locker, it says "no admin rights or application installation required" so i supose there would be no trouble.

Well, before i tried an idea that came up. It was to partitionate my kingdton with BootIt by "fliping" my drive and then on changing my drive name to CD Unit and changing the icon, kind of a rude fix and not much secure...
all well except the partition part Sad anyway I learned something.

Thanks again and sorry for the delay.

Phil

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
the snow

>Thank you! it´s always interesting to know apps like those or at least its funny :)In the end I gues I´m going to buy Kingston DataTraveler Locker, it says "no admin rights or application installation required" so i supose there would be no trouble. kingdton with BootIt by "fliping" my drive and then on changing my drive name to CD Unit and changing the icon, kind of a rude fix and not much secure...

Otto Sykora
Basel, Switzerland

Undintel
Offline
Last seen: 12 years 4 months ago
Joined: 2006-07-08 11:41
Also you can take into

Also you can take into consideration the program called PenProtect, it's doesn't need administration right, only bad thing you need to pay a licence fee for it, but except that it's work great, it's stay a trial version to try, here the link :

http://www.penprotect.com/

crux
Offline
Last seen: 3 years 4 months ago
Joined: 2008-06-13 18:10
I don't understand

I thought you needed steganography or hidden volumes.

If you can boot from your media, would that solve your administrator issues? Can you bring your own live CD/DVD and boot from it?

Hidden Operating System
http://www.truecrypt.org/docs/?s=hidden-operating-system
A hidden operating system is a system (for example, Windows Vista or Windows XP) that is installed in a hidden TrueCrypt volume. It is impossible to prove that a hidden TrueCrypt volume exists (provided that certain guidelines are followed; for more information, see the section Hidden Volume) and, therefore, it is impossible to prove that a hidden operating system exists.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
hidden OS and hidden file

are not exactly the same.

You can hide some data inside other data, this will be called steganogpraphy in general. You can hide a text inside other text etc.

If you have bootable media as CD, or bootable stick and the hardware and bios does support booting from such media, then the admin issue would be solved.
To have XP or Vista run as hidden OS from removable media, theoreticaly possible, but it is lot of work behind it.
True Crypt produces also whole disk encryption meant for normal harddrive inside a PC, where in empty space hidden volume can be set up in a way it can host the operating system. This thing is not really meant for running from a stick media, though after some affords it could work, but probably very slow.

That TC uses kind of steganography for their disk encryption is probably the result of once having suitable encryption system, then why not use it for this and that too.

Haw far it is really 'impossible' to find those volumes I dont know, they use free space to create one volume and use this volume to hide other volume in it. So it is not just some random other data they use as carrier, but their own volume file.

Otto Sykora
Basel, Switzerland

Jimbo
Offline
Last seen: 4 years 2 months ago
Joined: 2007-12-17 05:43
That's now how hidden volumes work

There is no steganography involved at all, whatsoever, in any way.

Basically, an un-decrypted truecrypt container file (or partition) is a huge stream of data that cannot statistically be demonstrated not to be random. Since TC does not use any sort of header or magic number to mark its containers, it cannot be proved that it is actually a valid truecrypt container unless you have the password. When you apply the password to the (first I believe) block that has the IV and key in it, it gives you a key that can then be used to decrypt the rest of the container, and it looks like a filesystem. Without that key, all you have is random noise for no good reason.

Since it is implausible that you would have a huge random file around, it is not unsurprising that people can guess that you use tc (or something similar).

However, it is equally not possible to prove (or disprove) that for a given container, which has a normal password, pass1, that you could not also decode the next-to-last block of the container using some other password, pass2, that would also allow you to decode the disk, back-to-front, as another entirely separate volume that is made up of the free-space on the first volume.

It can, if used correctly, give totally plausible deniability, since you could just be using pass1 to access the files in that volume. The danger is that if you write to that normal volume, you may write into the freespace, and overwrite files stored on the hidden volume, though, if you know the second password, TC has a mode to protect against this.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
right Jimbo

appart that when some data is placed in other data amount not making it plausible to recognize that the data is hidden here is called steganography.

So since TC is placing some data in other information container and it is not obvious that such data are contained in this information container it is steganography.

"steganography serves to hide secret messages in other messages, such that the secret's very existence is concealed."
from Bruce Schneier, Applied Cryptography

And here from main TC website:
'Provides plausible deniability, in case an adversary forces you to reveal the password:
Hidden volume (steganography) and hidden operating system.'

For the rest, well we would have to read lot and get lot of more infos on how exactly their algos are chained together. Since TC does not exist for so many years yet, the attcks are not so many described as for number of other crypto things. I tink when I have one day few weeks leave, I might download some papers from TC and some potential attackers so to find why they think it is all so much better then similar other things. But they have good reputation anyway, for general purpose things this is very well suitable thing. And probably more advanced then many commercial products.

And again, I mostly tend to trust any open cryptosystem, since it is open, everybody has simple access to all attack experiments and is welcome to try all sorts of cracking etc. In closed and 'sectret' systems, one newer knows how much the security by obscurity helps or not.

Otto Sykora
Basel, Switzerland

crux
Offline
Last seen: 3 years 4 months ago
Joined: 2008-06-13 18:10
What I was trying to say

Why would Wooops_Phil buy the Kingston drive when it does not do the things he said he needed. It looks like he needs a steganography/plausible deniability. To make that work portably, and to avoid being compromised by a proactive system administrator, a driver and preferably a bootable solution is needed.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
yes right

>Why would Wooops_Phil buy the Kingston drive when it does not do the things he said he needed.It looks like he needs a steganography/plausible deniability. To make that work portably, and to avoid being compromised by a proactive system administrator, a driver and preferably a bootable solution is needed.

Otto Sykora
Basel, Switzerland

crux
Offline
Last seen: 3 years 4 months ago
Joined: 2008-06-13 18:10
Assumptions

The scenario you put forth assumes all of those things are true. It depends on where one is and what one needs to do. The best solution is to try different things and learn (unless trying things will have bad consequenses).

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
if you take

the very old tool snow, it will hide ascii text inside other ascii text. How?
Well try and then open such file let say in winword, and switch on the formating marks.
You can see, that there are some spaces added at the end of some lines etc. This is the 'hiding' of the additional text.
Many, many years hiding info inside other info is common, transporting infos inside books looking like normal book or transporting info inside pictures is very old way of hiding and transporting information others should not be aware of.

Otto Sykora
Basel, Switzerland

jamcomm
Offline
Last seen: 14 years 6 months ago
Joined: 2009-07-24 14:51
Partitioning USB drives

You mention that you want your encrypted data stored on a partition on your USB flash drive? Sorry - that's not possible. MS Windows can't handle this. Just try creating one without encryption - Windows can't see anything other than the first partition

Natalia
Offline
Last seen: 14 years 5 months ago
Joined: 2009-10-28 10:00
File Virtualization

Hello,

Firstly, I'd like to thank Wooops_Phil for considering Rohos Mini Drive the closest application he finds to fit for portable encryption.

By the way, regarding enhancing the application I should mention about File Virtualization feature that works like Virtual Drive.

This feature works in portable Rohos Disk Browser - You can double click and open say a Word doc, and then save it back to encrypted container on the fly, without leaving any un-encrypted data on the disk. So no more hassle with "extracting files out, opening in an app and then importing back to container."

More about File Virtualization could be read here
- http://www.rohos.com/2009/10/on-the-fly-encryption-without-admin-rights

Very soon we also want to implement "Virtualize Folder" function that will allow to virtualize many files and folders right into Windows File Explorer. Actually right now Rohos Disk Browser is able to run portable applications (from this web site collection), we have problems only with the main PortabLeApps Menu panel (doesn't start well). We encourage you to test it.

Well, our future development also includes possibility to create secured volume right from Disk Browser also. There are a few more steps to take and Rohos Mini will make your dream come true.

tstites
Offline
Last seen: 4 months 1 day ago
Joined: 2007-10-30 16:34
Rohos Mini Drive

A couple of months ago I came across this nifty program. I put the file in the root of my thumb drive, created a simple batch file and used bat-to-exe and put that file into a sub folder under PortableApps called "Rohos" to initiate the program. Works like a charm. I even put Thunderbird Portable in the virtual drive and did the same thing about creating a batch file turned into an exe in the normal Thunderbird folder under PortableApps. The only issue I think I would have is if the drive letter I have assigned for the Rohos virtual drive is already taken, then my batch file would not work for Thunderbird.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
rohos

yes I have the rohos on my stick too, but this is in fact just simple file encryption and packer. We can use some sort of zipping tool as well, they have AES encryption on board today too.
OK, you can kind of hide the container with rohos too, but it is not much more then that.

Otto Sykora
Basel, Switzerland

Natalia
Offline
Last seen: 14 years 5 months ago
Joined: 2009-10-28 10:00
Rohos Disk Browser

Otto,
the old Rohos Disk Browser worked like encrypted WinZip, yes.
But here I am talking about all new version that offers on-the-fly encryption principle.

The benefits is obvious :
- for example you can double click a MP3 file in Rohos Disk Browser and it will be opened in MediaPlayer and played immediately without decrypting into temp folder.
- you can even play an AVI file in such manner.
- you can open a DOC file, make some changes, and just press File->Save from MS Word to save it back (changes will be saved to the encrypted container on-the-fly).

This is unique feature that most users expected/wished to have.

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
ok will test again

however this was about what I meant with the zip similar, at least as far as the behaviour for the user is concerned.

Most self-contained software will run from zip container file in similar way.
Yes there are also things which will not run this way, but then such are not portable in first place.

Otto Sykora
Basel, Switzerland

Brando212
Brando212's picture
Offline
Last seen: 5 years 7 months ago
Joined: 2007-04-26 17:09
It can be done

I will just say it can be done with the style U3 encrypts their drives, with partitions

Never knock on Death's door: ring the bell and run away! Death really hates that!
Matt Frewer

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
yes sure

you can build a controller chip on your own, then creating the right firmware for it and finish.
(the whole fun of U3 is that it works with dedicated sandisk chipsets only)

And otherwise: its not big deal to create a stick with one additional fake drive and a iso-cd partion on it. There tools around doing that. And yes you can see then an additional cd drive and a disk drive in windows.
But this is about where the story ends. You will not come very much further here.

For the rest , you need firmware for the controller in your stick to do the whole job, otherwise you end up with pure software solution running on your PC and not on inside the stick, so this is where you find truecrypt and similar.

Otto Sykora
Basel, Switzerland

Brando212
Brando212's picture
Offline
Last seen: 5 years 7 months ago
Joined: 2007-04-26 17:09
it works with any flash-drive

the U3 encryption works with any flash-drive, i know this because my friend got U3 on another non-U3 drive of his by running and update and removing the U3 drive and inserting a regular flash-drive before pressing start, that tricked the updater and installed U3 on the non-u3 drive

any way, the password encryption worked flawlessly on the non-U3 drive

Never knock on Death's door: ring the bell and run away! Death really hates that!
Matt Frewer

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
ok if you know

then use it, but we all here know better. Only sandisk made controller in the stick is capable of the U3 function.
So if you have a sandisk controller, yes there are ways to enable the function and not only produce the fake CD partition.
There is simply no way you can insert this firmware to any other make of controller.

While it might be possible to copy this and that part of software to a non sandisk flash, the key functionality is given purely by the hardware and can not be inserted because it is not a software bit, it needs hardware inside the stick and this can not be loaded via serial bus... as transistors and resistors do not fly through the usb connector so easy Wink

Otto Sykora
Basel, Switzerland

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
Encrypting USB Drive

I have a Sandisk with U3. OK - it's not industrial strength - but it suits me fine - and no administrator rights needed. What would be truly lovely would be a Portable App type app which did more or less the same thing, with no fuss, on any USB pen drive. For instance, I can plug in my Sandisk, and ignore the U3 part of it after I have logged in, and just use the other partition to install my PortableApps apps. No 'normal' person can get into my drive to access any of these (especially my emails on Portable Thunderbird, or my Portable Firefox with its saved logins/passwords) without my U3 password. So, can we please, please have a PortableApp which does the same thing. I, for one, would not object to 'contributing' (ie paying) for this... Please, pretty please?

David

ottosykora
Offline
Last seen: 1 day 8 hours ago
Joined: 2007-10-11 17:48
this is not software matter

this is hardware solution. This works only with sticks made specially for that purpose by sandisk, the software runs in the controller. For each controller you need other firmware for that.
So the same functionality can not be done by any software run on the stick. Therefore there is no way to create same functionality for any stick.
U3 runs firmware in the sticks controller using a way that there is a communication possible with CD at some stage rather then with a fake harddrive. From there on it will more or lees turn all bits belonging to the file system and partitioning so that they appear to be all 1, thus we read FFFFFFFF for the whole disk from the view os the user. Simple and efficient for that matter.
But it needs the special sandisk controller and its firmware on it.

Otto Sykora
Basel, Switzerland

digitxp
digitxp's picture
Offline
Last seen: 12 years 6 months ago
Joined: 2007-11-03 18:33
Autostart

Simple. Set to programs into the U3 menu, and set them to autostart:
1. A program that launches the PortableApps platform.
2. A program that kills the U3 menu.
And set up the password. Done!

Insert original signature here with Greasemonkey Script.

mirmos192
Offline
Last seen: 9 years 10 months ago
Joined: 2009-11-06 14:35
USB Flash Drive Hider & Encryption

Thanks Otto. OK - I get it. Not possible. Needs something on the chip of the flash drive.

(@Digitxp - Sorry you misunderstood me. I wanted something for a non-U3 drive which does the same thing. For my needs, I have no problem on U3 drives using the non-U3 partition, which, happily, still requires the U3 password to be accessed.)

But now I see it is not feasible...

David

Brando212
Brando212's picture
Offline
Last seen: 5 years 7 months ago
Joined: 2007-04-26 17:09
it works with any flash-drive

the U3 encryption works with any flash-drive, i know this because my friend got U3 on another non-U3 drive of his by running and update and removing the U3 drive and inserting a regular flash-drive before pressing start, that tricked the updater and installed U3 on the non-u3 drive

any way, the password encryption worked flawlessly on the non-U3 drive

Never knock on Death's door: ring the bell and run away! Death really hates that!
Matt Frewer

John T. Haller
John T. Haller's picture
Online
Last seen: 5 min 45 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Not Quite

It only works on specific drives with specific controllers, and these are relatively rare outside of Sandisk now that U3 is no longer supported by other vendors.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments