February 22, 2007 3:15 AM   Subscribe

I am about to install TrueCrypt for the first time. My aim basically is to encrpyt the files in my USB stick. However, during the process of creating a volume, there is a notice that states: "if you encrypt a partition or device, all data currently stored on the partition or device will be erased." What is the best way to create a volume in a device like USB stick without losing the data already in the stick ?
posted by Yiba to Computers & Internet (8 answers total)
Copy that data onto your computer's hard drive, erase the USB stick, encrypt the USB stick, and then copy the data back from your computer's HD onto the (now-encrypted) USB stick.

Then erase the data from the computer's HD. Bonus points for a method of erasing that 'scrubs' the data on the HD; Mac OS X has this functionality built in as "Secure Empty Trash," but I don't know if Windows does.
posted by ikkyu2 at 3:21 AM on February 22, 2007

For Windows, you could use the open source Eraser to securely wipe the files from your HDD after doing as ikkyu2 suggests.
posted by monkeyforest at 3:37 AM on February 22, 2007

Or use this tool instead.
posted by yclipse at 4:11 AM on February 22, 2007

Just create a volume on the stick, rather than encrypting the entire stick. Copy the files from the regular USB stick partition to the new encrypted volume.
posted by Jairus at 5:10 AM on February 22, 2007

If your usb stick is full, do what ikkyu2 says. If it is not full, then do what Jarius says. The volume you create is a file on the usb stick. The program will mount that file as a drive on your computer. So if you have 200 MB free on your stick, create a volume about that size and then you can move your files to the encrypted volume. I have an encrypted volume on my usb stick, plus room for stuff that does not need to be encrypted.
posted by fhqwhgads at 5:48 AM on February 22, 2007

I made a FPP a while ago on autoplaying a truecrypted thumbdrive.

To avoid needing erase tools you could create the truecrypt volume on your hard disk; move the files from your thumb drive to the encrypted volume and then move the encrypted volume to the now empty thumb drive.
posted by Mitheral at 10:29 AM on February 22, 2007

I recommend encrypting the entire device. You might create a temporary container on your hard drive while the flash drive is being formatted. Then you don't have to worry about securely deleting anything.

Just so you know: flash drives use a sort of constant-wear writing method that writes first in one place, then in another. Over time this will create several hidden "copies" of your TC container that an adversary can use to gain information about the contents of your encrypted container. Also, this means that using a secure deletion tool on your flash drive will not work as well as when it is run on a hard drive. (This was not what was suggested up-thread though.) For extra security you should disable your page file (or encrypt it) while using any files from the encrypted container.
posted by philomathoholic at 10:13 PM on February 22, 2007

I would just want to point out that (AFAIK) if you do encrypt the entire partition (assuming your USB device is formatted as a single partition), and not as a file-based volume, then if you want to use the encrypted USB stick on another PC, it will need to have TrueCrypt installed on it to be able to use your USB stick.

(Unlike a file-based volume, where you can include some unencrypted stuff like the actual TrueCrypt software; like TrueCrypt's own Traveller Mode does.)
posted by insipidia at 6:18 PM on February 23, 2007

« Older How do I develop a friendship with my favorite...   |   Is there any way I can get back the money my... Newer »
This thread is closed to new comments.