I would like to see an application that locked the USB Drive so that no files could be accessed and no programs ran unless authentication is entered. I have seen some programs that claim to do this, but I haven't been to impressed. I am thinking of something like the u3 password interface.
this moment you can't, unless if you use smithtech's Mod...
Please use the search feature at the top of this page... this is the most common topic posted...
If a packet hits a pocket on a socket on a port,
and the bus is interrupted as a very last resort,
and the address of the memory makes your floppy disk abort,
then the socket packet pocket has an error to report
Actually you can do this with many flash-drives,depending on the controller
it uses and if the manufacturer/retailer has provided the required software.
A good way to check if your hardware supports security-features is to either
have a look at the mfg-website or get the 30-day free trial version of CarryItEasy
from here : http://www.cososys.com/software/carryiteasy+plus.html
It's simple : you plug your flash-drive in and run the program.
If your drive is supported the software will load, if it isn't you will get a message,no harm done, nothing to "un-install" .
Maybe we should start nagging the flash-drive manufacturers a bit?
Many drives have hardware-security but try finding a documented DAPI ..
This isn't an app solution, but rather a hardware solution to the problem which works well for me. The Corsair Flash Padlock Drive:
http://www.corsair.com/products/padlock.aspx
Well, unless you can rely on having Administrator privileges wherever you plug in, you need some sort of hardware solution. Sigh.
The Corsair looks fairly secure, although it doesn't appear that the files are encrypted. Before I stored nuclear secrets on it I'd want to know whether a forensic analysis (e.g. taking the flash memory out and using your own electronics to read it) would make the data available. But that's a lot of work, so maybe this would be good enough to keep my love letters secure.
MC
The Corsair doesn't encrypt. And while I haven't pulled mine apart to do any "extreme" tests to see if data can be extracted off of it, here's a review in which they did:
http://www.legitreviews.com/article/552/5/
It's nice to read, though I do think that he's being a hair optimistic. Given the right know-how and tools, I would imagine that someone could get your data off of the "secure" drive.
But as I'm not carrying any nuclear secrets either, I feel pretty good about carrying my data around on a Corsair Flash Padlock. Besides, I keep my really crucial stuff encrypted on the drive in KeePass Portable anyway....
This seems pretty solid (and a bit expensive):
https://www.ironkey.com/
And I strongly considered it. But while I love the hardware, I resent having to pay yearly for the internet service, and to a certain extent the user loses control over what apps they are running, when they can upgrade, etc.
But if you gave me the IronKey hardware and allowed me to run the PortaleApps suite, and didn't charge me for an internet subscription, I'd be very happy. But as it stands, the Corsair Flash Padlock will have to do for my needs...and it's a whole lot cheaper.
Check out these guys:
Encryption in hardware (AES256), hardware evaluated strong passwords.
Fully compatible Windows Vista, XP, 2000SP4 and through VMware (Linux, MacOSX)
All data is encoded, always. No extra fees.
http://www.blockmaster.se
/rassgat
I use TrueCrypt to password protect my files on a pendrive.
It has an option to make a encrypted file that you could mount as a drive. And program can create a traveler disk that is automounted on insert and typed password.
TrueCrypt is the perfect solution, except for public computers where you don't have Administrator privileges.
MC
You can us Kaka software, is a freeware :
http://www.kakasoft.com/
and work perfectly without need of administrator privilege
It doesn't say what kind of encryption it uses, so it could be anything.
Toucan encrypts things too, with a strong and standard encryption algorithm.
I thought the word kaka was something not suitable for family sites?
The benefit of Truecrypt (or hardware encryption) is that files are always encrypted, even during use. If the power fails or the drive is pulled free, information is still encrypted, whereas with the individually encrypted/decrypted files, if you pull the drive out while the files are decrypted, they stay that way. Temporary files are a problem too; with Truecrypt they can be stored on the encrypted volume, whereas with individually encrypted/decrypted files, temporary files might contain confidential information that isn't completely removed or erased, even if the original file is re-encrypted.
Encrypting individual files is about the only solution available via software (without Admin privileges), but it can't compare to a hardware or software encrypted volume.
Of course, individually encrypted files may be "good enough" for many uses. As long as you know the benefits and liabilities, you can make a good choice for your own situation.
MC
some of the folks at PortableFreeware.com are putting it through its paces.
Looks like something for very mild protection from casual snoops.
http://www.portablefreeware.com/forums/viewtopic.php?t=2705
was reading the entire thread on portablefreeware and it's enough for me (I'm not hiding atomic plans... yet ) but what I'm looking for is an file/app protector with the ability to autorun a specific file when unprotected... such think exist?
BTW, whit no admin rights (and portable of course)... I know that smithtech MOD do it from an encrypted partition, but it needs Admin rights...
If a packet hits a pocket on a socket on a port,
and the bus is interrupted as a very last resort,
and the address of the memory makes your floppy disk abort,
then the socket packet pocket has an error to report
Ewwww.
The executable is called "lockdir". And sure enough, it looks like it is obscuring the directory rather than encrypting. Or maybe they are actually encrypting the directory structure, but if it and the files can be recovered with undelete programs, it's not very effective.
Since they don't reveal what they are doing (what technique to hide the directory, what encryption algorithm) it leaves them open to speculation. The discussion in PFW seems to be more speculation than experience, but still, if the vendor had actually put real and trustworthy information in the description, there would be no need for speculation, either way.
I wouldn't trust this very far.
MC