Skip to content

Encrypting a Thumbstick that will accompany a set of keys

While working as an IT consultant I get the opportunity to delve into many different areas: some of which are entirely new –without a decent map or blueprint.

Unfortunately, I often can’t explore the depth of a thing as most opportunities have a kind of evaluatory limit or threshold. Without hours and weeks and months to spend I can only establish for myself a comfortable enough stance to deploy or navigate with less of an emphasis on understanding the totality of a thing –if that’s even possible.

The USB Key
Over the past week I’ve been exploring an area that I’ve had thoughts and questions on for awhile: namely, how does one carry around an encrypted thumbstick (having to be encrypted because it’s on a keychain leaving the data exposed -especially to theft- in any of the manner of different scenarios a thing gets stolen in). AND since a large majority of my work finds me at PC’s and Mac’s how do I pick a solution that can support both: mounts in both OS’s and isn’t cumbersome to mount on client computers (i.e doesn’t require (much of) a 3rd party add-on –a stand alone non-core-OS modifying application would be fine).

Options
There are a variety of different combinations I’ve explored so far but four contending solutions are:
1) Carry two thumbsticks: one encrypted with Window’s bitlocker and formatted as exFat for Windows computers; and, one formatted-encrypted as HFS+(encrypted) with Apple’s disk utility
2) Explore hybrid formats/volumes one one thumbstick
3) Carry one thumbstick encrypted with bitlocker and formatted as exFat and use M3’s bitlocker loader for Mac
4) Blah Blah Veracrypt/Truecrypt, etc (very specific system level mods with MacFuse req’d for this)

I’ll go into depth with #1 and #2 later (maybe #4) but #3 raises some interesting questions:

  • How fast is USB 2 and 3 copying in this scenario?
  • What other kinds of modifications come with M3’s application? How do i evaluate these? How do I evaluate their reputation and claims?
  • How will the licensing aspect of this work while copying from and to client computers?

I’m sure more questions will occur to me. Thus far I’ve been unable to find information on other seemingly independent users evaluating this kind of workflow but I have contacted M3 and they are based out of China.

Their website licence purchasing portal displays these credentials:

I’ve joined the Apple developer program and made a post in the forums delving into what displaying this symbol might mean on a site.
I’ll follow up with Norton and McAfee to attempt to evaluate this too.

When installing M3 bitlocker loader for Mac it asks the user to bypass the gatekeeper restriction in “security and privacy” and allow apps from:

But who is “Benjamin Fleischer” and what is his relationship with M3 Data Recovery?

In their about section they claim to have helped millions of users:

Thoughts

This kind of process really gets me to thinking about how an individual evaluates a particular software offering. Oftentimes, as an individual, we rely on our OS of choice and the access warnings they give us to determine how invasive a software is. What level of access are we granting? And as the kind of information we store on computers becomes increasingly MORE complex, private and revealing ARE we giving certain kinds of companies wholesale access to information we don’t know we are offering? How many (different) minds would we need to assess accurately how well a company’s claims match their actual SOFTWARE level modifications? How well does our OS of choice protect us? How are they evaluating the same claims?

In the 90’s I certainly remember certain kinds of Windows programs, once a user had granted access: the implications were so wide as to allow almost any ingress. These days it feels like that kind of exposure could and does cause the kinds of disclosures people certainly do not want. As people become more increasingly vulnerable to broadcasting parts (intentionally or not) of their lives that were traditionally private how do we as a society adjust to allow for wider acceptance of ways of being and living while protecting others from abuses? How do we allow for things that aren’t harmful but certain interest groups deem them to be so?

A favourite band of mine, The Chromatics, have a song called kill for love in which they sing:

everybody’s got a secret to hide
everyone is slipping backwards
[…]
in my mind, I was waiting for change
while the world just stayed the same
but I killed for love

Installation messages like this swirling in my mind and beneath my fingers:

Virgin doesn’t like to share Data.

You wouldn’t be able to guess from their condescending and vapid marketspeak but Virgin “doesn’t like to share” data between multiple devices on the same account.

Rogers, Telus and Bell have had this feature for years and in today’s multiple device quagmire this one is going “WTF”.

According to two different agents: one main support agent in the Philippines, and one technical support agent in Ontario: “Virgin Mobile – Canada CANNOT provide shared data between multiple devices in the same account”.

Obviously baffling: I’ve tweeted for clarification:

iPhone you turn on the red light

As detailed here and shown below you can use iOS’s >10 accessibility settings colour filters to modify the screen to emit a red (or other colour) rather than the main or night shift offering. Pair it with a single accessibility shortcut and we’ve got a quick way -three quick taps on the home or side buttons- to trigger this display light modification.

How to Turn it On

*click* CONTINUED for detailed exploration

(Continued)