Flash Drive Powerhouse Part I: Encryption
Flash drives are easily lost. You need to do all you can to keep it on your person (come up with your own system to remember to keep it with you), but accidents do happen. Better have a backup plan.
First of all, let’s imagine a scenario where you lose the flash drive and someone comes across it. This person is curious yet honest and looks at it. Maybe he could piece together information from your files to figure out who it is, but this honest person can help you if you just add a small file in the root of your flash drive.
Create a text file called REWARD IF FOUND.txt. In it, include a very brief message asking them to call your phone number. Make sure the root of your flash drive isn’t cluttered, so he’ll find it easily. If this person is honest (or even just looking for a reward), then he’ll call you up. It might also be good to write your phone number on the drive itself.
But sadly, life is not always so perfect, and many of those out there are less than Good Samaritans. Some, driven by curiosity, may want to snoop through your files. And the malicious will actively go through your documents to try and damage your reputation, or worse.
That’s why you need encryption.
Now, I have to admit that I haven’t been able to find the perfect fit for USB encryption. Folder-locking and encryption software are usually non-portable and commercial. There is one kind of encryption that is almost perfect — on-the-fly encryption, or OTFE. TrueCrypt is a program which gives an awesome amount of encryption by having everything saved in an encrypted volume which is then mounted as a virtual disk and can be used like any other drive. Excellent program, except for one tiny problem: it doesn’t work unless you have admin access on the computer you’re using. This may not be a problem depending on what computers you’re planning on plugging your flash drive into (like a home computer), but it makes it unusable for school computers or internet cafes. And don’t bother trying to search for other OTFE programs that work without admin access — by definition, such a thing isn’t possible, since OTFE requires device drivers to be installed — an admin-only operation. Well…you could get it to work by having an administrator install it first, then use it to mount the encrypted image…but don’t expect to be able to do that on every public computer you’re using.
I’ve spent over a dozen hours, and there’s nothing that works just right for a flash drive. So, on to plan B — our backup plan to our backup plan, if you will.
We can’t encrypt the whole drive, since using any encryption program will take too long when trying to encrypt and decrypt all your programs. It’s probably the best plan to only encrypt the files that you wouldn’t want anyone to stumble upon. Use your own common sense here.
Download Portable 7zip and extract it to a folder in your USB drive. Now, it may say it’s a French version, but don’t worry — it’s English, actually. 7zip is a program much like WinZip, and it’s best to have a portable version on your flash drive so you don’t have to worry about not having it installed on the host computer.
Open 7zip and navigate to the folder with the soon-to-be-encrypted files. Select the files, right-click and go to 7-zip >> Add to archive…. Name the archive what you want (like NothingToSeeHereMoveAlong.7z).
I’d recommend you save it in .7z format instead of .zip. This is because it’s not as common, and since the program is portable, double-clicking on it won’t give away that it’s an archive. That should keep some of the more dim-witted intruders away.
Where it says Password, put in the password you want to use to access it. Now here’s the important part: Make sure “Encrypt file names” is checked. This makes you have to put in the password to even open the archive; otherwise, anyone could browse through any folders in there and read the filenames. Even if he couldn’t read the letter to your secret crush, “TiffanyMyLove.doc” may say enough.
You can just go into 7zip and double-click on the file you want open to view it. It’ll stay encrypted there unless you specifically extract it. Remember, though, that when opening it, it opens a temp file in a folder in C:\Documents and Settings\[user name]\Local Settings\Temp\. This can be a security issue, but when you close the file, the temp data is deleted.
Oh, and there’s a good alternative if you just have a couple small files or a text file in particular: Yadabyte has a few great programs for the tiny things. Check them out; they should be helpful for much of what you need encrypted.
So, that’s that. It’s certainly not a perfect solution, since applications are far too large to efficiently be encrypted and unencrypted on a regular basis. But maybe you can get around it by making sure your browser bookmarks and IM passwords aren’t saved in there but in an encrypted text file.
Of course, I wish there were some free programs that could do a better job, something like TrueCrypt (which is great for home use, by the way), but without that annoying admin restriction. If you find out about something like this, let me know!
This concludes part 1 of this series. Next I’ll talk about some of the best portable programs to have with you, so you can do most of your regular tasks from the flash drive itself.
