this post was submitted on 29 Aug 2024
67 points (98.6% liked)

Privacy

31866 readers
240 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Not sure is this is the best place to post this question, but wondering what is the best way to encrypt a usb drive?

Want to be able to carry an encrypted flash drive with me but also be able to unlock it, if possible, on various OSes. Preferably with some kind of portable software. Something similar to the method that comes with the Kingston Data Traveler USB drives.

Edit: Seems like Veracrypt and Cryptomator are the best options to check out. Thank everyone!

you are viewing a single comment's thread
view the rest of the comments
[–] kali@fedia.io 4 points 2 months ago (2 children)

Probably far from the best option; but you could use 7zip? Put a 7zip portable exe & linux binary on the usb, put the regular contents in an encrypted .zip file, anyone with the password can decrypt. I assume there are much more secure options though.

[–] delirious_owl@discuss.online 3 points 2 months ago

7zip encryption is solid, but the problem with this is that you don't Mount 7zip, so you have to extract it. Once you extract encrypted files into a drive thats not encrypted, they may as well never have been encrypted in the first place.

Its better to use a tool that creates an encrypted filesystem that you can mount and read-write directly without copying the files onto another disk

[–] possiblylinux127@lemmy.zip 3 points 2 months ago (1 children)

Encrypted ZIPs are very trivial to break. I can break it with a simple python script.

For instance, Microsoft does that for all encrypted ZIPs

https://arstechnica.com/information-technology/2023/05/microsoft-is-scanning-the-inside-of-password-protected-zip-files-for-malware/

[–] Hirom@beehaw.org 1 points 2 months ago* (last edited 2 months ago) (1 children)

ZIP isn't a good way to encrypt, but what Microsoft is doing is simply reading the email, and decrypting zips with the password found in the email body.

All encryptions schemes can be trivially broken if you have the key. It's not even breaking, it's just normal decryption.

[–] possiblylinux127@lemmy.zip 1 points 2 months ago (1 children)

No, zip encryption is very weak. Thus is because million of combinations can be tried very quickly

[–] Hirom@beehaw.org 1 points 2 months ago* (last edited 2 months ago) (1 children)

While that's true, but there's no indication of Microsoft brute forcing with million of combinations.

The article you link says Microsoft is only trying a few obvious passwords: the filename, and words found in the plaintext message.

Proper encryption isn't just about using a strong algorithm. It's also about proper key management, ie not sending the password in the clear via the same channel as the encrypted files.

[–] possiblylinux127@lemmy.zip 1 points 2 months ago

Well no ZIP is not secure. There is a plethora of software that can brute force it.

Do not trust zip encryption. It is not secure and it will likely never be secure. It is like storing your passwords on a spreadsheet