Many people have suggested solutions of combining PortableApps and TrueCrypt. I also have one at http://webandlife.blogspot.com/2007/11/build-secured-and-portable-pim.html
Such solution has all features of U3 in respect of security and GUI. However, it required a few more mouse clicks and keyboarding.
1. When inserting the USB, the VBScript will ask for a drive letter to mount the TrueCrypt container.
2. Before gracefully unplug the USB drive, I need to first close Portable Apps Menu and other portable applications, then unmount the container.
3. Two tray icons are used.
At the moment, I can only use VBScript to glue two completely separated programs together. This is how far I can go for good usability upon security.
I just wish, the developments of PortableApps and TrueCrypt can go closer in order to provide secured portable solution with better usability -- easy to initialize and easy to use.
I am not a C/C++ programmer now. I wish respective developers can improve PortableApps and TrueCrypt to support such UI design:
1. When inserting a USB, a dialog will appear with a list of available drive letters. The user may use a default highest one or pick up one, if the default one might be used by local computer policy later.
2. After the user answer the password, the container will be mounted. Only PortableApps tray icon will be shown.
To unplug gracefully, I just need to click on the PortableApp tray icon and select exit. If there are portable applications running (launched from PortableApps' program files area), PortableApp should prompt a warning and give me a chance to close those programs, or portableApps will close all these programs. Eventually the truecrypt container will be dismounted as well by portableApps.
If I unplug the usb drive disgracefully, PortableApp should pop up an message, so I may re-insert the useb drive to exit gracefully.
To initialize a USB drive, I will have a shell program to create all needed stuffs, for example (I think you might come up with better designs):
1. Run PortableAppsTrueCryptSetup (PATC) from PC's local hard drive.
2. Prompt for creating TrueCrypt container. Actually the container is created on local hard drive first by default for performance. Then PortableApps Menu will be copied to the container.
3. Prompt for optionally selecting portable applications to install into PortableApps Menu.
4. Prompt for selecting which USB drive or other portable storage to use. The Truecrypt container will then be moved to the portable storage, and a proxy program will be copied to the root say "U:\".
5. Prompt for test run.
How do you think?
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
Besides the two shortfalls mentioned in the original blogpost, there's one more. The poster used VBScript which is disabled on some machines. Using a batch file would be a better idea.
IMO, until someone comes up with a way to do what Truecrypt does WITHOUT admin rights, these little "hacky" ways of doing things won't be used by many people.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
The fact that you need admin rights to use TrueCrypt seriously limits its audience for use in a truly portable situation, but, due to the nature of Windows filesystem drivers, the only ways that anything that provides whole drive encryption can work are to have a driver pre-installed by an administrator, or for the current user to be an administrator.
So, until Microsoft roll some equivalent into their OS, and until people actually trust it (which could be a long time given MS's past history with security issues), then there won't be a method that doesn't require administrator rights.
So, in the mean time, I have a drive in my pocket that I can only easily get to my private data on if I have admin access to the machine. But that is a price I am prepared to pay to ensure that nobody else can get to it if I lose the drive.
For now, though, there are at least two PAM clones that have TrueCrypt support
Smithtech's menu https://portableapps.com/node/9739
and
geek.menu https://portableapps.com/node/9883
Personally, I use geek.menu, simply because I found it first, but I'd suggest that the OP checks those two out, as well, to see if they offer what he's looking for.
Thank all who answered. I am glad people actually had invented the wheel before I asked. Both Smithtech menu and geek.menu look like the one I want.
Basically I need portable applications between my computers at work and at home, both with admin access and I use both in LUA. Hopefully MS will come up with API for secured portable application without admin right to initialize.
Andy Wong
you checked the PAM Mod's? R3x and SmithTech's, both have something more and less as you describe it...
If a packet hits a pocket on a socket on a port,
and the bus is interrupted as a very last resort,
and the address of the memory makes your floppy disk abort,
then the socket packet pocket has an error to report
While there are ways to integrate Truecrypt and portable apps on a removable drive, I'd expect that Admin privileges would not be available on many public computers. It seems risky to invest a lot of time or effort into integrating the two if you won't be able to use the resulting drive except where you can get Admin privileges -- unless you can reasonably expect to have Admin privileges wherever you go (or have the Truecrypt drivers pre-installed).
MC
Geek menu!
Because GeekMenu will be able t use both, a encrypted part and if no privileges a regular one.
that means you can't access certain stuff. (Usually the important stuff)
Insert original signature here with Greasemonkey Script.
The lets hope GeekMenu include TCExplorer in cases you cannot have admin rights.
http://sourceforge.net/projects/tcexplorer