|
![](/i/fill.gif) |
On 18/08/2011 10:08 AM, Lars R. wrote:
> GPG and Truecrypt don't have to be “installed” but can be used directly
> from USB drive, sure.
GPG, yes. (I've done it.) Truecrypt, I couldn't say. Never tried it.
> But: If you have sensitive data on your USB drive you never ever should
> decrypt them on a foreign PC, in an Internet café etc. because you
> cannot trust them at all (keylogger, spyware etc.)
This is of course a valid point. If your drive actually contains
anything "sensitive" then no, you really don't want to be decrypting
that for arbitrary PCs.
If, on the other hand, the drive just contains your holiday photos that
you'd prefer random strangers to /not/ be able to access, then
encrypting the data will prevent that, and I wouldn't be too worried
about decrypting it in an Internet cafe.
As with everything security-wise, it depends how much security you need.
1. I keep all my favourite program installers on a flash drive. None of
it is encrypted, but then again, none of it is secret either. I don't
really care who can see it. Security is not an issue.
2. If I had, say, my holiday photos or something on there, which I don't
want random strangers looking at, I could encrypt it in various ways. If
the drive gets lost or stolen, nobody can access the contents. But
decrypting it on an untrusted PC is no big deal, really.
3. If I had something like my bank details on there, I would /not/ be
decrypting that stuff on any system except one that I set up myself. But
then, really, WTF would that be on a portable drive for anyway? I would
probably GPG encrypt, using public key cryptography rather than a mere
password to secure it. Since presumably only trusted systems have a copy
of my private key, I /can't/ decrypt the data from anywhere else, even
if I want to.
Post a reply to this message
|
![](/i/fill.gif) |