I have written something for my company to help them secure documents on a USB stick. I'm getting on in years now, and never really progressed from the days of DOS batch scripts, so this is what I end up using, its not elegant, not clever, but it just about does what they want.
Today I found Portable Apps, and wondered if its something that I could use because its so much better than anything I'm likely to be able to create.
I haven't fully read round all the forums sections yet, but intend to continue on, but wanted to post a message here in case someone can give me a pointer or some help with what I need to do.
Scenario:
USB Stick contains a directory lets say /Secure
My batch file app, asks for a password (hidden input), compresses the files in the /Secure directory with encryption using the password given into a file called Secure.dsk in the root directory, and then deletes the entire /Secure directory.
When they want to use the files on the stick again, another Batch file prompts for the password and then uncompresses the Secure.dsk back into /Secure.
Thats it, nothing clever really, the only input I want from the user, is to start the process and enter a password. I couldn't find anything out there to do it. There are lots of encryption programs, and ways to secure USB, but nothing as simple as I required.
The idea behind this being that if the stick got lost, no one would be able to (easily) read the files.Its not designed to be 100% perfect, just to do a job, because the people here seem to lose the sticks endlessly.
I realise this is a very specific requirement, but I'm willing to try and adapt anything that you folks think might be useful as best I can, but I'd love to be able to have it in a nice interface like the Portable Apps, and we might even be able to offer the people here added functionality like the backup facility at the same time.
If anyone can get me started in the right direction I'd very grateful for your help, because I really need to move forward from my 1980's DOS Batch scripts.
Thanks for your time reading this and any help you are able to offer.
Feel free to ask me anything if you need more info!
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
The only way I can help is by pointing you to another place. I was reading on how to create a batch (or vbs script) to mount a TrueCrypt volume and do other things. I found somewhere (I think on Lifehacker.com) a way for a command window to ask for your password. The password you typed was completely hidden, not even ****. You might want to google for a TrueCrypt script for that.
Also, all that writing will really ware down the flash drive wouldn't it?
---------------
"I hear and I forget. I see and I remember. I do and I understand." -- Confucius
"In three words I can sum up everything I've learned about life: it goes on." -- Robert Frost
"In three words I can sum up everything I've learned about life: baby ain't mine." -- Adam Holguin
I am pretty sure I looked at TrueCrypt once before but will do so again, I have a feeling that I hit a problem with it because it mounts the encrypted volume as a disk, which requires administrator rights, and we don't give our users that.
I did rummage and find a mention of a batch to exe converter which I have tested and seems to work fine. So now I have 3 .exe files which I just need to make available via a menu system. So now I'm off to see how I can add my files into the Portable Apps menu perhaps.
You can use 7zip to create the zip (or 7z) file. I really don't use it as often, but I think you can zip files/folders and it will encrypt it if a password is used. The vbs script that I mentioned before is from Security Musings and it has the vbs script at the bottom.
---------------
"I hear and I forget. I see and I remember. I do and I understand." -- Confucius
"In three words I can sum up everything I've learned about life: it goes on." -- Robert Frost
"In three words I can sum up everything I've learned about life: baby ain't mine." -- Adam Holguin
BCArchive:
BCArchive is a freeware (but not Open Source) encryption program that does exactly what you just wrote above and more. Put the BCArchive files onto a USB key and you're set to go. All desired files are first copied into a "vault" (just a file). The original files can be securely deleted via the options. The "vault" size is not predetermined so you can add as much as you want and the file size increases/decreases with the quantity of information/files that you put into the vault.
Once inside the vault, the interface is like a classic WinZip archive, except that you can see graphical folders, etc. Double-click on any file to work with it. The target file is unencrypted and uncompressed into the user's Windows temporary directory and is AUTOMATICALLY opened using the associated program (a very nice touch). The user works with this file as much/long as he/she wants. When the user is finished, he closes the file and BCArchive automatically recompresses/re-encrypts the file back into the vault and AUTOMATICALLY secure-wipes the file in the user's Windows temporary directory. The user closes BCArchive.
It does not require administrator rights and can work directly off a USB key. It is not stealth because it creates registry entries. But this can be taken care of by a NSIS launcher (I have one if you are interested -- based on Klonk's Portable Application Launcher 1.4.2). It also does not create any stray files outside of it's application folder. See the following website for more details. I am not affiliated with them.
It is important to note that with all portable applications, the extensions should not be registered or associated so double-clicking on the "vault" will only open up a dialogue box. If you want to open the "vault", you should open it through the program (but there are options to do this automatically). Also, BCArchive will let you check out only one file at a time. Finally, if the user works with programs that save intermediate/back versions of the files like MS Word and Excel do, the temporary/backup versions are not encrypted, wiped, or anything...but this is a general Microsoft problem and not specific to BCArchive.
http://www.jetico.com/index.htm#/bcarchive.htm
Truecrypt:
This is in the TC documentation.
I think that if an Administrator installs TC on your User's computers, they will be able to use it without Administrator rights. So your users will be able to use TC at work. If they are at home, they will be Administrators so can install TC (free) at home. If they are elsewhere and do not have Admin rights, they will be SOL.
Hope this helps. CD
I fail to see any real difference between this and an encrypted 7z archive.
Vintage!