TrueCrypt.

You can use it to make a totally portable encrypted drive, so you won't have to have TrueCrypt installed on the PC where you want to access your data. Only catch is you have to have admin-level access, otherwise the software must be installed on that box.
posted by middleclasstool at 2:35 PM on September 22, 2007

XP's Encrypted File System (mentioned first) isn't usually recommended for USB thumb drives, since:
1) You have to use the NTFS file system, which requires some tweaks in XP, and
2) the encryption method relies on encryption keys stored based on user account, so unless you are have multiple machines in the same domain using your logon credentials, you won't be able to access the drive from another location.

Unless you back up your main system, a hard drive crash could make your USB drive inaccessible as well.
posted by curse at 2:41 PM on September 22, 2007

You can always reformat the drive to FAT32.
posted by deeaytch at 2:41 PM on September 22, 2007

Use TrueCrypt
posted by null terminated at 4:48 PM on September 22, 2007

If TrueCrypt won't work for you, try Cryptainer LE.
posted by RussHy at 6:39 PM on September 22, 2007

The reason why admin rights are needed is because the encrypted volume is mounted as a separate drive, which I believe means that TrueCrypt has to run drivers. Windows will not allow you to do this unless you have rights to the computer, because this is extremely low-level access to the OS that could allow malware to really fuck up a system. I'm hell and gone from being an expert on this, so take this with a grain of salt, but there's no good crypto software I know of that doesn't have this limitation -- either you need admin rights, or the software must be installed on the machine by someone with admin rights. The only way it would work is if it didn't have to mount the encrypted volume as a separate drive, but my limited exposure to this kind of software hasn't revealed any products that can do this.

Here's a discussion on PortableApps.com about this issue.
posted by middleclasstool at 7:45 PM on September 22, 2007

You could use any portable encryption software. GPGshell and dscrypt are some that I use. Portable 7-zip has a strong symmetrical encryption options.

Any sufficently hostile PC to which you expose your data could copy it. With 7-zip or GPGshell you could have a simple click-to-encrypt click-to-decrypt option. You just have to remember to do it.
posted by a robot made out of meat at 7:45 PM on September 22, 2007

Well, it's not the most efficient option because it means decompressing your data before you use it, but installing Portable 7-zip on your drive (you can find it on portableapps.com) as a robot made out of meat suggested and making an encrypted zip file of your data is a good way around this limitation.
posted by middleclasstool at 11:06 AM on September 23, 2007

middleclass: as the portable apps thread suggests, when you "delete" something on a flash drive it doesn't really get rid of it. They have an unusual file system to make sure that usage is consistent across the device. Because writing burns them out, they will fight you tooth and nail in your attempt to rewrite over sensitive data.

The solution is do decrypt on the fly, but that needs rights to mount the device. Alternatively, you have to decrypt to a hard disk, then delete from the disk. That's workable, but something you have to remember.
posted by a robot made out of meat at 3:17 PM on September 24, 2007

Good point, and I hadn't caught that. I work off a portable HD, so I tend to gloss over flash-specific issues in those discussions.
posted by middleclasstool at 4:51 PM on September 24, 2007

america4, this is awesome and may thoroughly fit your needs. I can't tell for sure, but it looks like you don't have to have admin access to mount it. It has software that runs when you plug in the drive, and if the Windows installation is configured to block autoplay, then you can just run it manually through My Computer.

The goddamn thing even has a "self-destruct" feature, ffs. WANT.
posted by middleclasstool at 1:01 PM on October 4, 2007

This thread is closed to new comments.