Is it possible to password protect data (folders or the stick itself) on a memory stick, in case it should fall into enemy hands ??

cheers Ginge

some memory stick have built in encryption software, like s.a.n.d.i.s.k. for Folder in mswindows, there are utilities like dirlock.

Have you looked at TrueCrypt (http://www.truecrypt.org/)? It's an Open Source project, which means that there's no cost, and also means that the source code is open to inspection for security holes or backdoors. I haven't tried it myself, though - so far I've only tried native Linux methods (LUKS) with varying degrees of success, but maybe I should, since TrueCrypt works on Linix and Windows.

As said you want to use TrueCrypt.

I work in the IT Department in a college and the software you get with these pendrives is not encryption. If you can use some tools to view the contents easy. With TrueCrypt you cant do that it is encrypted and hard to crack. The only problem with TrueCrypt is that you need to install it on every computer you intend to use the drive on. The good thing its compatible with Mac, Windows & Linux & its 100% free!

I use it and would recommend it.

TrueCrypt FTW :ok:

Incidentally, you don't need to install it on each PC. You can set it to autorun a non-installable version of itself, which means no mucking about at all.

cheers chaps.

source code is open to inspection for security holes or backdoors
Yeah, right. This crypto stuff is so obscure that even with proper documentation and tech support it's not exactly easy to drive ... nobody but a serious mathematician (which doesn't include me, I gave up after two years at Cambridge) has the remotest chance of validating the source code.

TrueCrypt works well, and is excellent for the paranoid - you can hide stuff at two levels: one that you give away under duress to MI5 when they are torturing you, and one that you don't reveal.

If you forget and write lots of stuff to the "non-hidden" part of the stick, it can sometimes overwrite the encrypted bit. I've not got that far into it, but a friend of mine lost a load of case notes that way.

If you hide a LOT of stuff on it, MI5 will realise there's more there than you've revealed, but they are not likely to be able to crack it.

I gave up using it because i could never remember the passwords. Writing them on the wall rather defeated the purpose.

Keef, didn't the gentle ministrations of the MI5 interrogators assist with password recall?

The Fifth of November. Nobody would guess that.

GTW
Quote:
source code is open to inspection for security holes or backdoors
Yeah, right. This crypto stuff is so obscure that even with proper documentation and tech support it's not exactly easy to drive ... nobody but a serious mathematician (which doesn't include me, I gave up after two years at Cambridge) has the remotest chance of validating the source code.


Read the bible Amazon.com: The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet (9780684831305): David Kahn: Books (http://www.amazon.com/Codebreakers-Comprehensive-History-Communication-Internet/dp/0684831309)

not quite, but close. what he was asking for was 1st hand personal experience: not quite what you get from Google these days.

The key feature they installed on this forum just last year, where people, if they see a post they dont like, can just skip on to a different post/thread has been a tremendous help!

Hi folks,

I have zero experience of encryption but I have mastered creating and opening zip files.;)

I suspect that in the coming days I will have to encrypt / secure some Word / Excel / PDF files and send them off via e-mail. I also want to secure them on my Windows laptop and back-up memory stick in case they go for a walk.

The rub is that like me some of the people receiving these files won't be encryption experts and I have to presume that they won't be able to install any other software on their computers (Windows?). They may well be on a different continent so delivering them by hand is out. What I send must be simple for them to open and in a form that won't set off the anti-virus alarms etc. Knowing nothing about it I kinda imagine doing a zip like operation at my end and then phoning them up and giving them a password which they use to unlock the files once they have arrived?

This is to do with a fraud inquiry and at this stage I don't even know who I will be sending them off to, so I can't phone them up in advance. I would like to be in a position to have a simple working solution to the encryption / opening problem in advance.

Is this something that the recommended TrueCrypt can handle or is there another tool for the job?

Many thanks.

eticket

TrueCrypt can handle that, and is something you should at least have a play with in order that you understand it's ins and outs before attempting to support it yourself.

Incidentally, to comment for Gertrude the Wombat, i've just had a proposal to the NPIA for a secure system using TrueCrypt turned down for various very minor failings within TrueCrypt (not enough to trouble any but the most paranoid, but still a consideration for commercial secrecy). They recommend BeCrypt (which is a paid-for product) instead.

However, I would suggest TrueCrypt is good enough for all but the moon landing denialists.
:ok:

Thank you Mike I will have a look.

I am sorry - just tried to be helpful. In my experience it's a great way to hide a document or even a whole directory and thought maybe that's what original poster was looking for.

Post is now removed