Just thinking of losing a flash drive full of data is enough to make me feel apprehensive. Which is mostly why I do not carry a USB flash drive for fear of losing it. That was the case until I learned about
truecrypt provides on-the-fly encryption/decryption (OTFE/OTFD) with a multi-platform support.
If I have been able to go on without carrying a flash drive, why – on account of learning about truecrypt – start now? It turns out, I have suddenly found good reasons for doing it; never mind that others may find my rationalisation as a mere excuse. Here are three of my reasons:
- I need to carry data in a secure manner.
- I use multiple platforms: Linux, Mac, and Windows PC. Windows machines are on a separate network. Movement of data between networks is severely limited and USB flash drive is the best way for transport.
- It is an open-source software according to their licensing terms, and is likely free of hidden backdoor code.
A note about Portable Mode or Usage without Admin Privilege
Truecrypt provides an encrypted volume (or container) to hold data. In order to access the data in the encrypted volume, it needs to be mounted. This action provides the user with a clever view of a plain unencrypted data. There are two things that happen behind the scene to make this possible: the mounting of the encrypted volume, and transparent OTFE/OTFD of the data to and from the mounted volume. The OTFE/OTFD requires the driver to be installed across machines the user wants to use truecrypt on. The installation of course only being possible with an admin privilege. Once this is installed, only then can any non-admin user use truecrypt.
It does have a Portable Mode though. What this mode does is to give the user the option of running truecrypt without installing anything. Be aware that it requires admin privilege on the machine to run due to the OTFE/OTFD. The following method is how I would use truecrypt on different platforms:
- Install via
sudoon Linux box and use regular username to run it.
- Install via admin on Mac and use regular username to run it.
- Forgo install on Windows PC, and use Portable Mode instead. Run it using
Installers for Linux, Mac OS, and Windows can be downloaded from truecrypt website:
TrueCrypt 7.0a Mac OS X.dmg (Mac OS),
TrueCrypt Setup 7.0a.exe (Windows).
Installing on Linux is straightforward:
- Extract the installer from the tarball
truecrypt-7.0a-linux-x86.tar.gzand run the extracted
- The installation prompts the user with two options as shown on Fig. 1. Choose (1) to install truecrypt in
/usr/bin. This requires
- At the end of the license term agreement, the user will be asked for the
sudopassword prior to installation in
/usr/bin. as shown on Fig. 2.
After the quick installation, truecrypt can then be ran from the shell. The GUI is shown on Fig. 3.
Installing on Mac is just as straightforward:
TrueCrypt 7.0a Mac OS X.dmg
- Run the installer
TrueCrypt 7.0a Mac OS X.After a series of screens, it prompts the user for an admin username/password as shown on Fig. 4. The software will then be installed in
/Applications folder, run truecrypt. Fig. 5, shows the Mac version of the software.
For Windows PCs, I opt for Portable Mode. The installation is, again, a very straightforward affair:
TrueCrypt Setup 7.0a.exe.The installer displays the option as shown on Fig. 6.
- Choose Extract and provide the installer with the preferred directory.
- Choose a directory that the standard user has a read/write access.
Since it is in Portable Mode, the software can only be ran via an admin privilege. From a DOS prompt, I run it similar to the following:
runas /user:some-admin-user Drive:\ProgFiles\TrueCrypt
Fig. 7 shows the Windows version of the software.
truecrypt has been a very useful tool for my purpose, and I would continue using it for a very long time. Though if others carrying the software on a USB stick expect it to run on any machine, e.g.: public terminals, they will be disappointed. It simply can not run unless an admin installed the driver prior to using it, or in Portable Mode the user has admin privilege to run it.
Having read this I believed it was really enlightening.
I appreciate you spending some time and energy to put this information together.
I once again find myself personally spending a lot of time both reading
and leaving comments. But so what, it was still worth