Making "PortableApps" isolated and invulnerable to viruses

Harry CJ
Joined: 2010-10-25 11:22
Making "PortableApps" isolated and invulnerable to viruses

Hello. Sorry if this question has been asked before, or if this is the wrong forum to post it in...

I want to:

1. Partition my USB thumb drive (Kingston DT 2.0, 4GB) so that I can install PortableApps on one of the partitions.

2. Make the PortableApps partition "read-only", so that viruses do not attack that partition.
(You know those filthy viruses that create autorun.inf files on USB drives, so I don't want that stuff!)

Please guide me step-by-step. Thanks in advance. Help really appreciated :)

Simeon
Developer, Translator
Joined: 2006-09-25 15:15
Hm

As far as I know there is no possibility to partition USB drives. Besides that, there are some apps that cannot be run from a read-only medium. Some might work, some need to be copied to the RAM and then deleted.

"What about Love?" - "Overrated. Biochemically no different than eating large quantities of chocolate." - Al Pacino in The Devil's Advocate

Vandrvekn
Joined: 2009-01-17 19:30
Not in Windows

You can partition a flash drive, but Windows will only read the first partition. It is possible to partition a flash drive so that the first section is a normal Windows drive while putting a Linux distro on a second, bootable partition. The second partition is hidden from Windows.

Harry CJ
Joined: 2010-10-25 11:22
That's great!

Can you please tell me the procedure for this?

Vandrvekn
Joined: 2009-01-17 19:30
GParted

I booted from a Puppy Linux Live-CD and used GParted (a Linux partitioning program). I used it to delete the original partition and create two new ones. Then I set the flag on the second partition to "bootable".

Lastly, I used the Puppy universal installer on the live CD to install it to the second partition. Then I changed the BIOS setting in my laptop to give me an option to boot from the USB drive.

I have no idea if this sort of thing can be done from Windows.

I have to say I was surprised at how easy some things in Linux are. It has a reputation for being overly technical, but some of the newer Live distros are very easy to start up and use. GParted is a major improvement over the Windows Disk Manager.

Harry CJ
Joined: 2010-10-25 11:22
Awesome!

Thank you so much for the extensive detail. I have a request...

I need a step-by-step USB partitioning procedure using GParted. Can you please post a link? (or if you can write it yourself, that would be really nice of you!)

You're a genius. I have searched everywhere, on how to partition a USB flash drive, and didn't find any procedure. People say they have done it, but no one tells the procedure. You're the first one telling me HOW it is possible. So thanks a LOT!

Please (if convenient) let me know the procedure...

ottosykora
Joined: 2007-10-11 17:48
procedure?

1. Start GParted.
2. Click on the partition on your stick, select Partition, Delete.
3. Partition, New, set size for partition 1 and file system.
4. Partition, New, set size for partition 2 and file system.
5. Click on Apply (green tick sign icon).
6. Done.

Hope you are serious, since GParted is absolutely self-explaining, GUI-operated software.

BUT!
The use of such partitioning is the real question. What do you want to use it for?
Windows will recognize only one partition, this is a fact.
Depending on which distro of Linux, it may recognize 1 or 2 partitions if the file system is readable for Linux.

But then what do you want to do with it? Have one partition read-only? How? Mark folders and files with the read-only attribute? LOL! Everybody, everything (viruses etc. included) will take care of that as the first task and make it writable again.
Simple: you cannot make any partition read-only by just setting some bits on it in a certain pattern, since if you can do so, everybody can.
OK, there are USB sticks with kind of two partitions, and both can be read and one is kind of read-only. Those are known as U3 sticks from SanDisk. One partition there is pretending to be a CD drive with a CD in it, thus read-only for the moment; the other is a normal drive with a FAT32 partition on it.
However, the controller can write whatever to both partitions, U3 software does it too, so why should not any other software do the same?

So your intention to have some kind of write-protected partition is just a dream, it simply cannot be done.

You may run a live system from a CD; well, the CD will not be changed obviously, but one cannot say this is something 100%+++ sure.
There is no operating system known which will run from CD. Not even DOS (well, grufties like me will know what I am talking about) will do any reasonable function this way.

Before the wave of flames comes up:
Live CD systems are copied into a RAM drive first and run from there then. Or have you never seen the initramfs file on the live CD Linux?
This operating system in RAM is read-write, mostly not using any special authentication, all is root rights by nature. Such systems do often connect to the net, even a dedicated antivirus live CD does it, simply to fetch the latest antivirus signatures. By that time nobody can really tell you anything about the status of such a live system in RAM.

BTW: to make a partition bootable, you have to provide a master boot record (MBR) to the first 512 bytes of the partition. GParted will only set the bootable bit mark, which is unfortunately misinterpreted by many operating systems and has mostly no function at all. A partition to be used for booting also has to be set active if it is created as a primary partition. If two primary partitions are on the drive and you want to boot from it, then the second should be marked as hidden first.
To insert an MBR and operating system loader, the partition needs to be prepared by a special installer (like the one from Puppy, for example) or be formatted first by a tool creating the first sectors and a proper partition table with a copy on the stick. This can also be done with the HP USB formatting tool (google for it).

Otto Sykora
Basel, Switzerland
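
The boot flag and the "hidden" marking mentioned in the post above are single bytes in the MBR partition table held in the stick's first sector. As an added example (not from the thread or from GParted), this Python code parses that table from a constructed 512-byte sector; `parse_mbr`, `build_sample_mbr` and the sample layout are assumptions made for illustration.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446       # four 16-byte partition entries follow the boot code area
ENTRY_FMT = "<B3xB3xII"  # status, (CHS skipped), type, (CHS skipped), start LBA, sectors
# Common type bytes; the "hidden" variants are the plain FAT/NTFS type plus 0x10.
TYPE_NAMES = {0x06: "FAT16", 0x07: "NTFS/exFAT", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
              0x83: "Linux", 0x16: "hidden FAT16", 0x17: "hidden NTFS",
              0x1B: "hidden FAT32", 0x1C: "hidden FAT32 (LBA)"}
HIDDEN_TYPES = {0x16, 0x17, 0x1B, 0x1C}


def parse_mbr(sector):
    """Return the non-empty primary partition entries of a 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA signature, not an MBR")
    parts = []
    for index in range(4):
        status, ptype, start, count = struct.unpack_from(
            ENTRY_FMT, sector, TABLE_OFFSET + index * 16)
        if ptype == 0x00:  # unused slot
            continue
        parts.append({
            "slot": index + 1,
            "active": status == 0x80,  # the "boot" flag GParted toggles
            "status_valid": status in (0x00, 0x80),
            "type": TYPE_NAMES.get(ptype, "unknown (0x%02X)" % ptype),
            "hidden": ptype in HIDDEN_TYPES,
            "start_lba": start,
            "size_mib": count * SECTOR_SIZE // (1024 * 1024),
        })
    return parts


def build_sample_mbr():
    """Constructed sample: FAT32 first, active Linux partition second."""
    sector = bytearray(SECTOR_SIZE)
    entries = [(0x00, 0x0B, 2048, 4194304),     # 2048 MiB FAT32, not active
               (0x80, 0x83, 4196352, 3624960)]  # 1770 MiB Linux, boot flag set
    for index, entry in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, TABLE_OFFSET + index * 16, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    # To inspect a real stick, read its first 512 bytes from the raw device
    # (needs administrator/root rights) instead of using the sample.
    for part in parse_mbr(build_sample_mbr()):
        print(part)
```

Every entry in the table is listed regardless of which partitions the running operating system chooses to mount, so the output shows the whole layout of the stick.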

Ed_P
Joined: 2007-02-19 09:09
!!

> U3 software does it too,

That is incorrect. The U3 Launchpad does not write to the U3 CD drive.

> There is no operating system known which will run from CD.

That is incorrect. I run BartPE from a CD (and USB sticks, and etc) and I don't mean as an ISO loaded into RAM or with a FBWF installed.

> To insert an MBR and operating system loader, the partition needs to be prepared by a special installer (like the one from Puppy, for example) or be formatted first by a tool creating the first sectors and a proper partition table with a copy on the stick.

PEtoUSB works well loading BartPE to USB sticks as does the newer RMPrepUSB.

Ed

ottosykora
Joined: 2007-10-11 17:48
it does

U3 software does write to the CD part indeed. They need to store there some small information about particular software installed, part of licensing keys for example. (probably to make it more difficult to recover the keys from the stick system ??)

BartPE does not run from CD, sure it does not. It will produce a RAM environment and run from there. There is no way it can run from CD only, since it needs to set up a lot of configuration, finding out which drivers should be configured with what etc. The whole operating system has to be set up initially and this cannot happen from CD.
A helper system will first create the protected RAM space, copy all essentials there and hand over to the real system, which will then start to operate from there, probe all hardware, simply set up a full virtual system.

Yes, there are a number of installers today which will take care of the proper formatting of the USB devices. Most of them will do all the job, but will format the whole drive. Some are more clever and are able to use preformatted partitions too. The mentioned Puppy was able to do so last time I played with it, really without reformatting the whole drive.

Otto Sykora
Basel, Switzerland

Ed_P
Joined: 2007-02-19 09:09
no

> U3 software does write to the CD part indeed.

The U3 Launchpad stores keys someplace other than the 2 visible drives. Probably the same place as the drive's password. I have looked and nothing changes on the U3 CD drive.

> BartPE does not run from CD, sure it does not.

When BartPE is run from a CD the system drive is not writable, if it was in RAM it would be. BartPE uses RAM when booting just like regular Windows does but nothing gets written back to the CD. For apps that require a read/write environment they are copied from the CD to a RAM drive, which is created with a separate driver in BartPE, and has a different drive letter than the CD, and executed from there.

And it can run on systems with 192MB of RAM. When ISO booting is used you need systems with 1GB of RAM or more.

UBCD4WIN uses the same approach. And though I haven't tried the other PEs I suspect they all run the same way.

Ed

ottosykora
Joined: 2007-10-11 17:48
depends on

what you are looking for on U3.
The drive password does not need to be stored at all, it is just an entry for the controller-resident firmware to switch off the plain data transfer; in fact all bits look like they are set to 1 when blocked.

Definitely depending on what you install, the contents of the CD fake portion will change. I have spent a lot of time checking all, comparing etc.; when I installed some apps, the result was that the CD portion did change after key entries.

As far as BartPE:
You have seen yourself that even if you had no hard drive in the computer at all, then when you boot from the CD, the result will be that you have a virtual system drive and the actual CD is still mounted as CD drive with CD in it.
Possibly you also misunderstood me slightly. I am not telling you that live systems do boot from an ISO image!
No, they certainly *do not* create an ISO image of the CD and copy it somewhere.
They create a virtual file system drive, with a small helper system (run from CD) copy all essential system structure to the virtual file system, and the operation is then handed over to the 'real system' run from the virtual file system. There is no other way of doing it.

The fact that you see two different drives, one of them CD and the other just 'hard drive' proves to you that the system is not running from the CD.

The apps in fact may be less of a problem; the operating system itself needs read/write media to operate at all, to configure itself, to probe the hardware, to pull up the drivers needed etc. So all the things BartPE does need to run in the RAM drive. It will not write anything to the CD, sure, the CD remains the same after that.
Normal Windows will do all the job just once and store all configuration, driver setup, simply the whole system at the particular hardware.

Live systems cannot do that since they are read-only. Therefore they have to create a virtual environment and run from there. There is no real way to bypass it.

So all live systems work a similar way, regardless of whether it is a PE-based system or some Linux or whatever.

Otto Sykora
Basel, Switzerland

Ed_P
Joined: 2007-02-19 09:09
no

> when you boot from the CD, the result will be that you have a virtual system drive and the actual CD is still mounted as CD drive with CD in it.
> ...
> The fact that you see two different drives, one of them CD and the other just 'hard drive' proves to you that the system is not running from the CD.

That is incorrect. The system drive and the CD are the same drive letter, X:. It contains the Windows PE folders and the Program/apps folders.

Ed

ottosykora
Joined: 2007-10-11 17:48
since you see CD

you see it as a CD drive with CD media in it, you can access those as a CD, means that you have a virtual system running, configuring all the drivers for you so you can operate it.
BartPE is nothing else than the MS installation CD core, which does work this way, it has to work this way, otherwise it would not be able to make any assessment of the hardware it has to be run on. The CD is visible as CD, the system is different.
If you try, you will see that you can make changes to the system while it is running, you can to some extent even add items to be run, though real installation may not be possible except by adding the proper module to the whole distro in advance, due to restrictions of the scaled-down system. I was told that this is due to the restrictions of the kernel, since it is not the real one from Windows.

This is exactly the wave of flames I was expecting, since most people seem to believe the same: running a full operating system just by loading a few DLLs to a protected RAM section. This was not so simple with DOS either; however, the few drivers we had to configure there, we were able to set them manually before starting via config.sys and autoexec. Not doing that, fun would be very restricted, trying to run only the kernel in a few KB of low memory only.

OK, let's leave it here, you still seem to believe what you believe, the things are clear and known, but have your fun, I cannot help you further with it.

Otto Sykora
Basel, Switzerland

Ed_P
Joined: 2007-02-19 09:09
ALL OSs are "virtual systems"

All OSs run in RAM, real RAM, not virtual RAM and not a virtual drive. So yes, PE runs in RAM and can be changed while running, screen resolution, additional drives can be mounted, etc. But the changes are read from the CD drive, X:\I386, just like a normal OS reads drivers and Registry entries from a hard drive. So if you want to think of all systems that run in RAM as virtual systems you're correct. DOS ran in RAM so it was a virtual system also. And the virtual systems do not have a drive letter assigned to their RAM usage.

Real systems that did not use RAM were tab machines and card sorters. Their processes were controlled by boards wired to control them. No RAM involved.

PEBuilder is a free app, if you have an XP CD download the app and build a BartPE system CD and see for yourself. The CD is not writable, the OS is running and can be changed, the running files in RAM are not addressable and the amount of RAM used is not equal to or greater than the CD files.

Ed

ottosykora
Joined: 2007-10-11 17:48
yes

I still have 6 CDs here, made some years ago. All still work; start them, can even remove the CD, they still work, sure cannot pull up new apps from the CD then, but all works fine, drivers still work, even the network continues to work after the CD was removed. Will an ordinary OS survive this? (if BIOS allows it)
Those are very old PE builds I did with some AV apps at that time (Avira and so on).
It will not read the registry entries from the CD, however, or better say just a generic frame; it does create them as it configures the system, and the driver configs, text or binary, are also created during the hardware probing. I was also able with some of the AV tools to make an update of the databases live, directly from the net. We also have in PE systems something I call a helper; this would probably work slightly like the DOS core only did, just BIOS functions, no other I/O abilities, no hardware support beyond the 'IBM-compatible' frame. Only today, or even 10 years ago, we had far other possibilities with BIOS functions than they had with the IBM-compatibles.

OK, leave it, it is simple: an OS is a dynamic system of software, it has to be configured, new files have to be created, the registry has to be reconstructed according to the functions and drivers actually used, if needed apps also have to be connected to the system and probably to some hardware too; this all is dynamic work which a normal OS will set up once and write to some media. As a live system cannot do this that way, it has to use a similar structure somewhere else.

OK, bye

Otto Sykora
Basel, Switzerland

Vandrvekn
Joined: 2009-01-17 19:30
GParted

I've never seen any guide to GParted anywhere. It's a very simple program to use, with a good GUI. Everything I know about using it, I learned in about half an hour of experimenting.

What Ottosykora posted is everything you need to do. The only important thing I'd add is to make sure that your first (Windows) partition is FAT or FAT32 so that you can read it in Windows. The second partition can be any file system that your choice of Linux supports. For Puppy, I used ext2, but I could have used almost anything. BTW, only one partition can be bootable, so if you want to put more than one OS on the drive, you'll need to use some sort of boot manager. I don't know much about that myself, but you can find a lot of info here:

http://www.pendrivelinux.com/

I'm hardly an expert on Linux. I do most things in Windows, and use Puppy primarily as a rescue disk or to take care of odd things that Microsoft doesn't want touched.

John T. Haller
Admin, Developer, Moderator, Translator
Joined: 2005-11-28 22:21
Simple Answer: You Can't

Most apps of import you'll want to use like web browsers and IM clients require that their data exists in a read/write location. Many even require that the app files themselves exist in a read/write location. So, when run from a CD, we actually have to copy the data files and sometimes the app files to the local machine and run them from temp.

Sometimes, the impossible can become possible, if you're awesome!

_icehole_
Joined: 2010-11-05 16:07
Pseudo partitions

Going read only is not going to work but you can make your USB effectively have partitions with encrypting containers. And yes, you may even have the option of mounting it as a read only drive.

I need to keep certain programs and diagnostics secure and one of the nice things about the U3 software was its ability to password protect the USB partition. Hardware encryption is still too prohibitively expensive.

There are a few encryption programs that will work in a portable environment on a USB drive. Basically you create encryption containers on your USB drive that become individual drive volumes to Windows when you unlock them. To be truly portable look for programs that either install to your USB or can set up containers on your USB and allow them to be unlocked 'without' Administrator rights.

I use a program that is installed on my computer and can make encrypted volumes on either my system drives or portable drives. When an encrypted volume is set up on a portable drive it puts a small executable in the root of that drive. You run the executable and after you give it your password you now have access to that data as a drive through Windows on any host machine without Admin rights.

So just look for USB encryption programs and choose one that will do what you need (i.e. free versions vary in the size of volumes they will do). I use a 4GB stick with 2 - 900MB encrypted volumes that show up as drives after giving my passwords, effectively giving me 3 partitions. As far as I am concerned, a stick that is not encrypted is a toy and not a tool anyway. You lose your stick and you better have it encrypted if you have anything important on it.

cybiotic
Joined: 2010-11-17 06:34
#2 is exactly the question I have!

All I've seen so far by googling is tips to lock down the autorun.inf file, but that doesn't really help when you're running PortableApps, does it? And I don't understand how encrypted volumes would help; can't the malware just infect the decrypt/encrypt executable and inject itself through there? Sorry for the questions, my understanding of malware is minimal :(

cybiotic
Joined: 2010-11-17 06:34
Oops ignore this ^^

Sorry I forgot to search the forum before posting. I see now this question has been asked before! I'm off to install automemscan then.