0
Why is it that Truecrypt cannot be configured to be 100% portable, unlike other Encryption Software?
Is it really that hard to do?
You cannot really use Truecrypt on computers unless you have admin rights or Truecrypt needs to be first "installed" there by someone else.
I know you can have definite answers on this, but why is it that other encryption software can be configured to work 100% portable, and Truecrypt cannot?
Multi Boot
Posted 2013-08-27T16:54:58.890
Reputation: 49
8
Because Truecrypt uses an IO driver for on the fly encryption/decryption. Drivers must be installed into the kernel on windows systems, which requires an administrators access.
Most other encryption platforms do not perform on-the-fly encryption, or use a piece of hardware to do it (like encrypted flash drives).
Frank Thomas
Posted 2013-08-27T16:54:58.890
Reputation: 29 039
1
Here is the truecrypt documentation to support this answer: http://www.truecrypt.org/docs/non-admin-users
– heavyd – 2013-08-27T17:03:48.643@ Frank Thomas: This reason keeps Truecrypt below compared to other encryption softwares, but still, there are no moves or plans of making it 100% portable. Why is that? – Multi Boot – 2013-08-27T17:06:07.237
1because a userspace solution would be much slower, and vulnerable to access by other userspace programs. by placing it in the kernel, the driver can be tweaked for highest performance, and protected from unprivileged programs. – Frank Thomas – 2013-08-27T17:07:59.777
@ Frank Thomas: Thanks for those information. Can you suggest any open source encryption software to me, which is 100% portable. Because I really can't use Truecrypt on a machine without me having admin rights. Thanks. – Multi Boot – 2013-08-27T17:14:01.413
@ Frank Thomas : What is that "single requirement" for Truecrypt to run on a machine without having admin right? 1.) To have Truecrypt installed on that system? Or 2.) To have just a specific driver written on the registry? – Multi Boot – 2013-08-27T17:42:01.850
The driver must be loaded in the kernel for Truecrypt to work but so far as I am aware, it is not possible to install just the driver, so the admin would have to install the whole program. – Frank Thomas – 2013-08-27T18:10:15.063
@ Frank Thomas: Is it possible to install Truecrypt to have the driver loaded in the kernel, and then, if we "uninstall" Truecrypt again, can we have the driver still remain/reside in the kernel, even if Truecrypt was uninstalled, is that possible? – Multi Boot – 2013-08-27T19:23:56.927
Truecrypt can be portable it just requires administrator permissions. Since it requires administrator permissions to install on the system this single requirement isn't that big of a deal. – Ramhound – 2013-08-27T17:01:42.840
@ Ramhound: It is really big for us. We intend to use Truecrypt at workplace, wherein IT Dept won't allow us any installations. By the way, what is that "single requirement?" To have Truecrypt installed on the system? Or just a specific driver written on the registry? – Multi Boot – 2013-08-27T17:21:24.197
Administrator permissions as explained in this article http://www.truecrypt.org/docs/truecrypt-portable if IT will not user installed software there is likely a good reason. Bitlocker is portable on any Windows installation after Windows Vista. If IT won't enabled Bitlocker or install Truecrypt there is likely a good reason, and it likely, is in the interest of the company NOT to use a portable encryption solution.
– Ramhound – 2013-08-27T18:11:26.393@ Ramhound : In the case of my company, they allow us to have our private files stored on each of our PC, provided that there will be no installations of any type, actually, we can do anything we want, that is the only condition, no installation of any type can be made since all the PC are locked, we are using it, like of a guest account. With that in mind, most of us are using Safehouse Explorer which is truly 100% portable. My only concern is that Safehouse is a proprietary software, which means closed-source. I don't feel safe using closed-sourced encryption, it might have some backdoors. – Multi Boot – 2013-08-27T18:31:10.617
If you don't have administrator permissions you can't use Truecrypt at all technically – Ramhound – 2013-08-27T19:14:22.517