This has made me ponder the question: Can you trust the encryption tools on a platform you can't or don't control? <br><br>As an admin, I lock out all admin level functionality from users on systems I am responsible for. So far, in all of those situations, the owner of the hardware had legitimate reasons to enforce a locked-down mode of use on those systems. In some situations, I was tasked with providing a keystoke-by-keystroke archive of all user activity on certain of those systems. In as much as that level of detail on ones staff is anathema to my personal morals were it to be done in secret, I was able to successfully make the case that this activity was to be made highly public knowledge so that the information would never have to be used against any one internally. The decision makers understood that full awareness would help cut down on the transgressions and the staff fully understood it could be used as a double edged sword as it was being implemented on ALL systems within a particular group.<br>
<br>Yet, the OP appears to be wanting to use a work system for personal use and that crosses a very fuzzy legal and security-awareness line. On the one hand, the convenience factor is immense yet the owner of the machine has full rights to the content and material that crosses that machine (that is most likely a clause buried in an employment agreement). So to attempt to use encrypted material, especially personal material, is to volunteer to give the employer both ownership of the content as well as the keys to that content. <br>
<br>So even if you use an embedded TrueCrypt drive system, the machine owner has full access to the drive contents by means of any keystroke logger an admin like me has been tasked with installing.<br><br>So the corollary question is this: on a machine where they don't you to install a printer driver why would you trust them with your private information so sensitive to you that you keep it encrypted?<br>
<br>Note: I do nothing on my work-provided equipment I wouldn't do in front of the CEO and the corporate lawyers. What you do is your business until you use company equipment. Then it's all their business.<br><br>
<div class="gmail_quote">On Sun, Apr 8, 2012 at 8:02 AM, JD <span dir="ltr"><<a href="mailto:jdp@algoloma.com">jdp@algoloma.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5">On 04/07/2012 09:39 PM, Tod Davis wrote:<br>
> Hi all,<br>
> I need an encryption solution for my external hard drive with<br>
> plug-it-in-anywhere password protection. I need to be able to read/write to it<br>
> from both Windows and Linux OS machines and without any software installed on<br>
> at least some of the computers. (my work WinXP laptop is locked down so I can't<br>
> install anything). Will TrueCrypt work for this or is there a better solution?<br>
><br>
<br>
</div></div>Encrypted ZIP files are pretty much it. Just be aware that tools exist to brute<br>
force these trying over a billion passwords per second (on a C2D 5 yrs ago), so<br>
you need a really long, random, passphrase. I think most computers support<br>
password, encrypted ZIP files.<br>
<br>
I'd look into portable apps for those pesky non-Linux systems.<br>
<br>
Depending on your underlying requirement, you may want to use variations of<br>
KeePassX/KeePass and store the data encrypted inside the password DB instead,<br>
then having a portable app for almost every platform wouldn't be as suspicious.<br>
Then again, accessing your password DB from an untrusted computer is dangerous.<br>
<br>
Truecrypt is cross-platform, but the file system selected under it may not be.<br>
For example, mounting an ext4 file system under Windows isn't likely. I've never<br>
tried mounting an NTFS FS under Linux from a Truecrypt partition. It definitely<br>
requires admin rights to run, even the portable version.<br>
<br>
Encrypted ZIP files are the best answer today.<br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III<br><br>As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as
they please, and those who survive will be left to contemplate the
outcome.<br>- <i><i><i><i>2011 Noam Chomsky<br><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br></i></i></i></i><br>