[SATLUG] Re: USB device encryption

Brinkley Harrell jbharrell at fusemeister.com
Fri Jan 11 16:19:00 CST 2008


John Pappas wrote:
> On Jan 10, 2008 7:41 PM, Brinkley Harrell <jbharrell at fusemeister.com> wrote:
>
>   
>> TrueCrypt works fine on Windows with or without a an admin account. You
>> do have to be admin to mount the encrypted drive on Linux in some cases.
>>
>>     
>
> Is that on a system on which truecrypt was already installed?  It is my
> understanding that both OS's require a kernel driver.  I have just gotten
> some new dells, so I will give it a try.  Linux is easier as live cds are
> pretty common.
>   
My mistake -- I apparently had the TrueCrypt driver loaded on my system 
and I did do that as 'admin'.
I specifically created a test user under a clean version of Windows XP 
SP2 with no specific permissions other than generally do limited to do 
bland user stuff (i.e. member of 'Users'). I get prompted to do the 
basic install as administrator.

I have TrueCrypt installed in the USB thumb drive. The top level 
directory contains the following:

       * autorun.inf with a file size of 4KB
       * StorageArea with a file size of 1.9GB
       * TrueCrypt directory containing
             - Configuration.xml file
             - TrueCrypt Format.exe Windows binary executable
             - truecrypt-x64.sys binary file
             -TrueCrypt.exe Windows binary executable
             - truecrypt.sys binary file

The 'autorun.inf' file contains:
       [autorun]
       label=TrueCrypt Traveller Disk
        icon=TrueCrypt\TrueCrypt.exe  
        action=Start TrueCrypt
        open=TrueCrypt\TrueCrypt.exe
        shell\start=Start TrueCrypt
        shell\start\command=TrueCrypt\TrueCrypt.exe
        shell\dismount=Dismount all TrueCrypt volumes
        shell\dismount\command=TrueCrypt\TrueCrypt.exe /q /d

If the driver has been previously installed then, when inserted, the USB 
drive will automatically open the Windows dialog box asking you what you 
want to do and, then, will start and execute TrueCrypt.exe if you tell 
it to.

It hasn't come up as a discussion before because all of the computers 
I've used it on are "owned" as local administrator by the user account 
I'm using (domain computer or otherwise). Sorry for the mis-information.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Brinkley Harrell
http://www.fusemeister.com



More information about the SATLUG mailing list