I'm not talking about data that affect national security here, just the regular stuff one carries around from day-to-day.
The question is, is there a way of ensuring that the enemy can't access my stored files should I misplace the USB stick?
Is there a way of, for example, making it so that the contents of the memory stick can only be accessed upon input of a password?
Does such a program exist? Anyone used such a thing? Effective & user-friendly?
Any thoughts & ideas are gratefully received. Cheers!
We use encrypted sticks at work...
[url= http://www.ciao.co.uk/Kingston_DataTraveler_BlackBox_USB_flash_drive_2_GB__6917337 ]Kingston Black Box[/url]
They don't come cheap though
Truecrypt (.org). It's free. Either do the whole thing, or create an encrypted file on there which the software can mount as a virtual filesystem. If you do that method, you can keep a copy of the software on the unencrypted bit too to use on other computers.
^ what he said, in fact what both said.
TrueCrypt volume for ease of use on cheap memory sticks
Encrypted sticks (lots of them around now) if you don;t fancy that.
We've found a few along the way and its quite impressive what you can recover off them (even when deleted) 👿
There are all sorts of encrypted discs, I've got Softek & Integral AES 256BIT ones myself. Didn't cost that much really, if keeping stuff safe matters to you.
truecrypt, cost nothing, can only be broken if they are cutting your fingers off
[i]We use encrypted sticks at work...
Kingston Black Box[/i]
you might want to let your company know that they're exploitable.
[url] http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=222300819 [/url]
(Mac user) I keep an encrypted .dmg disk image on mine to store 'sensitive' files (octop0rn)
Not useful if you need access from windows, but thought someone might be interested.
+1 for Truecrypt.
"truecrypt, cost nothing, can only be broken if they are cutting your fingers off "
Even then, truecrypt allows you to password protect the data you really want to keep hidden, and a create a second password which, when entered, reveals a second data area for you to keep stuff you don't mind sharing, so should duress be used you can appear to unlock the drive, but your stuff stays secret. And because of the way it works, it's imposible to tell whether there's more suff on the drive, or not. Brill.
You really need to have put [u]only[/u] encrypted data on the stick from the word go for it to be passably secure. Encypting a stick which has already had data on can leave any remnants of that data vulnerable.
[url= http://www.ironkey.com ]Ironkey[/url] secure USB is great, Works on Mac and PC. Hardware-based. Self destruct. Physically secured. etc etc.
Or, you could just not use a USB drive.
TrueCrypt is really really good. As Johnny Panic describes it can protect you even in situations where you are forced to give up the password.
And because of the way it works, it's imposible to tell whether there's more suff on the drive, or not. Brill.
Although not if the person looking at your drive is an expert - I understand* that there is some analysis they can do to detect the hidden partition. But unless you're involved in a criminal case of some kind, probably no one involved is going to be capable of doing it.
Joe
*I don't know how common knowledge this is, but I know for certain of at least one person who has done this, and I did get the rough details, but it was all a bit too clever for me.
There is a bit about it on wiko, under 'identifying truecrypt volumes'
I use Axcrypt for our archives which seems to do the job but I'm going to wander over and have a look at Truecrypt.
Cheers Samuri, I have just mailed your link into work.
We purchased a ton of them. They all had to be recalled. Cost us a lot of money. I've watched the exploit in action, it's insanely easy to reproduce and Kingston are far from the only affected company.
mmmm. Our ICT made a big show of ensuring we all had them, and at £62.40 for a 2gb they aren't cheap. It will be interesting to see how they respond - but typically they are IT experts and don't like to be told that they may have made the wrong decision.
(We have only just moved from GroupWise to Outlook, we used Word Perfect suite until pretty recently!)
Pictures of you and the Pope is it?
Ironkey impressed me the most at the security conference I went to last year.
Once devices start appearing on the CAPS listing then we'll consider them. I think Integral disks might have made it onto there by now and they were pretty cheap.
How about leaving the data on your servers, and VPN in to get to it? (OK: not much use if you want offline access, but given you can be compelled to reveal USB keys by law enforcement (e.g. US Customs) it might be a better solution.)
I really like [url= http://keepass.info/ ]keepass[/url].
As well as holding all my website passwords, I also store
any other files or info I want.
Using it I have different and totally random passwords for all websites.
Another great advantage is that there is no software to install on the pc. It all runs from the memory stick.
