TrueCrypt is great but lacks an important feature. Mounting to folder instant of drive so it wouldn`t need admin rights.
Is there already another tools which can do this?
New: DesktopSnowOK (Jan 6, 2025), Platform 29.5.3 (Jun 27, 2024)
1,100+ portable packages, 1.1 billion downloads
No Ads Nov/Dec/Jan!, Please donate today
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
I believe the issue is not that it is mounted as a drive that requires admin access. The fact that the encryption happens transparently to the applications is what requires the admin access. If I am not mistaken you could think of the encrypted data as a foreign file system type. To read it (mounted to a folder or drive) you would need to load a driver. Apps interface to Windows, Windows interfaces to driver, driver interfaces to encrypted data.
The only way that I think it could be done would be to create a wrapper around an app that you want to give access to encrypted data. By intercepting that app's calls to access the filesystem it could be possible to 'inject' an encrypted mount point in there.
I could be stupid and or wrong. If I am please show me the light.
Key ID: 0xDAE3095F
Fingerprint: 5D98 65D2 1844 21A5 76C1 F0F6 4BE6 D689 DAE3 095F
Everything that mounts something needs a system driver (.sys). Every system driver needs Admin rights...
The system driver needs Admin rights to be installed. Once it is installed, like all the other drivers on the computer, it is available to most non-Admin users.
The only non-Admin encryption we've identified is on certain USB drives with the encryption in the drive's firmware. The driver they use is the standard storage driver that comes with Windows, and thus doesn't need to be installed.
MC
Yep, once installed for example TrueCrypt, it doesn't need admin rights to be used. This might be an issue however on machines without TrueCrypt pre-installed.
But one might agree that if the content is encrypted it's for use on trusted PC's where the user has have admin rights or the encryption driver is installed. And on untrusted PC's one should not expose its encrypted data anyway.
Still I have encrypted FileZilla to protect my FTP account data.
I did check out the Remora USB Guard Pro trial. It has nearly this functionality. Just can`t encrypt on the fly.
Well, seams there is no such tool yet. But I think it could be possible.
it will be possible if the Windows includes a kernel-mode cyphering solution, that doesn't happen right now.
There is an old trick (used on unix before Windows existed) to do this.
(by "this" I mean "mount a filesystem without admin rights")
It is simple really: the app that wishes to expose a file-system runs a small network server that serves a known protocol that the OS can use and mount (without admin rights). In old times this was NFS, now SMB/CIFS could be used, but WebDAV is much simpler and is almost as good.
So the crypto app opens the encypted container file and exposes the content over WebDAV. The user then just mounts a WebDAV "network" drive using standard OS tools (Windows supports WebDAV since XP).
There is an example (more a proof of concept, but it works) here: http://www.heise.de/ct/artikel/SecurStick-Verschluesselung-ohne-Admin-Re... (german)