1 |
On 6/7/20 2:37 pm, Dale wrote: |
2 |
> William Kenworthy wrote: |
3 |
>> Hi Dale, I looked at Veracrypt and ran into the fact that it on windows |
4 |
>> Veracrypt MUST be installed by an administrator which is a blocker for |
5 |
>> using USB keys on computers I don't control (such as transporting files |
6 |
>> securely between locations - i.e., where there is potential to lose the |
7 |
>> usb key): |
8 |
>> |
9 |
>> see |
10 |
>> https://www.veracrypt.fr/en/Using%20VeraCrypt%20Without%20Administrator%20Privileges.html |
11 |
>> |
12 |
>> BillK |
13 |
>> |
14 |
> |
15 |
> Does that mean that on windoze a person can open a encryted USB stick |
16 |
> without a password? From what I read, it sounds like it doesn't put |
17 |
> the stick at risk, as long as you are not using key files or sharing |
18 |
> your password by storing it somewhere. It just means you have to be |
19 |
> admin to install Veracrypt but not to access a encrypted USB stick. |
20 |
> From the way it sounds, you insert USB stick, run Veracrypt, enter |
21 |
> password, do what you want with the stick, close it and then remove |
22 |
> the stick. Or am I missing something? |
23 |
> |
24 |
It means that an administrator must install veracrypt first - if you |
25 |
cant do that, you cant access the stick. It also makes the point that |
26 |
any adminstrator will have access to the sticks data - not just the user |
27 |
(same as root under Linux). The blocker for me was that I could not get |
28 |
veracrypt installed. |
29 |
|
30 |
> I might add, when I use cryptsetup and mount a external drive I use, I |
31 |
> do that as root. Since my password is only in my head, no password, |
32 |
> no access root or not, right? |
33 |
> |
34 |
Maybe, maybe not ... |
35 |
|
36 |
> I'm new to this encrypted thing. I'm learning but don't know all of |
37 |
> it and may never know all of it. I figured out the other day that |
38 |
> when I select a two part or three part encryption, it actually |
39 |
> encrypts the thing twice or three times. It's like having to pick two |
40 |
> or three locks on a door instead of one. Only they have to be done in |
41 |
> order and you don't really have a way to know if you did it right |
42 |
> until you figure out the rest. I bet that drives the NSA and other |
43 |
> Govts nuts. lol |
44 |
> |
45 |
> By the way, the USB stick will have instructions about things after |
46 |
> I'm buried or whatever. I plan to keep the USB stick in a safe and |
47 |
> share the password with the person that will be taking care of |
48 |
> things. When I'm gone, they can open the USB stick to access files on |
49 |
> what to do and such. Until I'm gone, they won't know what is on the |
50 |
> stick or have access to it. Getting older makes one think about these |
51 |
> things. :/ External drives will have things that when I'm gone, they |
52 |
> gone too. |
53 |
> |
54 |
Paper in a sealed envelope in a safe (bank safety deposit box etc) ... |
55 |
too many things to go wrong with an encrypted USB. |
56 |
|
57 |
|
58 |
> I just wonder how many encryption tools have been cracked that we |
59 |
> don't know about. It's not like they going to tell us or anything. |
60 |
> |
61 |
> Dale |
62 |
> |
63 |
> :-) :-) |
64 |
|
65 |
Yep :) |
66 |
|
67 |
BillK |