Which one do I pick if I just want one that's not shit, but not more secure than the Pentagon?

 

I've had good luck with Ironkey flash drives, which are secure, though not crazily so. Mine is configured so that it doesn't immolate upon repeated password failure.

 

If a USB drive is "secure", meaning the block device underlying the filesystem is encrypted using XTS or ESSIV and the AES256 key is derived from the password using RIPEMD-160 (or something equivalent), how do you mount it on Windows, without first installing special software? Or does it have two partitions, one of which is a small possibly read-only unencrypted FAT partition which has the drivers necessary to mount the encrypted partition? That would work, if the drivers are signed by Microsoft (WHQL) and the network is not configured to disallow installation of drivers unless whitelisted or unless you're logged in as an Active Directory Organizational Unit admin.

OP: take a look at these charts for performance: http://www.tomshardware.com/charts/usb-thumb-drive-charts/benchmarks,109.html

 

I like your thought process wolfe but putting the ability to decrypt it on the same flashdrive seems rather insecure. That's like going through all that security and then leaving the key in the lock.

Another cool way would be to have two usb drives. One for installing the drivers you mention and the other for the data. Or even obtain the drivers from some secure place on the internet.

Any old usb drive is fine Inquisition. I've had a good experience with Kingston.

 

I've done fine with SanDisk USB drives from Wal-Mart. I used an 8GB one for a pretty long while before it was broken by accident (since then replaced with another 8GB one from some other brand they had, I forget), and I've had a 2GB one for even longer that I still use. I've never really been concerned about security with them though.

 

I don't understand what this means.

I did recently buy a corsair voyager, and I found that it works extremely slowly on my mac, while being fine on my PC. Considering I bought it to transfer files between the two, it's annoying as hell.

So I am looking for a type that works between mac and PC. And before you say it, yes I have drivers for the format installed, and other drives function just fine. It's this specific one.

Also, when I say slow speeds, I mean about 1 hour for a 300mb tv show file.

 

NO!!!

The decryption software is on the drive. The passphrase is not on the drive. The key to the lock is in your head. Or on a smartcard. But unless Windows got a lot smarter while I wasn't looking, it doesn't understand how to work with encrypted volumes. So it needs special software. Like TrueCrypt. Carrying around an installation CD for TrueCrypt does not mean your password is on it. I just said that the files to install the decryption software can be on the same thumbdrive, in an unencrypted part (to avoid catch-22).

@Ellisande:

I don't know anything about the internals of OS X, sorry. Possible explanations, in guesstimated order of likelihood:

1. That USB port is only USB 1.1 (mouse/keyboard, low bandwidth), not a USB 2.0 or USB 3.0 port (check user manual or verify that port will copy fast from another device).

2. The thumbdrive is USB 2.0 and the port is USB 2.0, but they have failed to reach the agreement to both use USB 2.0 speeds, due to a bug in the USB drivers in the OS or a defect in the thumbdrive's firmware (if so, an OS update might solve the problem by upgrading the drivers to either fix the bug or add a special case for that model of thumbdrive).

3. There is an electrical contact problem and the signal between the thumbdrive and the computer gets lost, then it retries a bunch of times, then it succeeds a little so it doesn't give up, but then the signal is lost again, so it retries some more, etc. So effectively it spends a minute retrying to establish a connection for every second that it's copying.

About not understanding what I wrote, you can read about how whole disk encryption works.

Disks on PCs are commonly partitioned into separate logical parts (in Windows, a C: drive and a D: drive on the same physical disk).

http://en.wikipedia.org/wiki/Disk_partitioning

Each partition (or a whole unpartitioned disk) are a block device.

http://en.wikipedia.org/wiki/Block_%28data_storage%29

Because humans suck at directly using a trillion sequentially numbered pieces of data, each exactly 512 bytes long, using only their sequential numbers to refer to them, OSs have file systems that provide, on top of block devices, features like files, directories, file and directory names, timestamps, access control lists and hard links.

http://en.wikipedia.org/wiki/File_system

Encrypting the contents of a single file will be enough for some uses, but if you want to encrypt a lot of possibly related files you want an encrypted filesystem. Whole-filesystem encryption, unlike single-file encryption, is provided by a layer beneath filesystems: a block device. An underlying block device (a disk, a partition, a designated file on another filesystem) can be "wrapped" in such a way that all reads and writes go through the wrapper: A write call provides a block of unencrypted data, the wrapper encrypts it using a key derived from the master key and the block's sequential number, and then transfers the encrypted data to the underlying block device, which stores the encrypted data in the block. A read call provides a block number. The wrapper asks the underlying block device to perform the read and gets the encrypted data for that block. It then decrypts the data using the master key and the sequential number of the block. The decrypted data is returned to the caller. Thus, the caller doesn't know anything about the encryption: it always sees the unencrypted data, but the underlying block device (disk) always sees the encrypted data. The caller is usually a filesystem, but can be swap or something else.

Each block device is encrypted (reversibly transformed) using a symmetric cipher, usually a block cipher in a mode that allows using a block cipher that works on 16 or 32 bytes at a time to encrypt whole 512 byte or 4096 byte blocks, securely.

http://en.wikipedia.org/wiki/Block_cipher

http://en.wikipedia.org/wiki/Disk_encryption_theory

Because humans suck at remembering 256 bits of the key to their data (64 characters, each 0-9 or a-f), what is usually done is that the human enters a passphrase which is passed to a one-way function called a cryptographic hash function. That thing outputs 256 random-looking bits, regardless of the length of the passphrase. That output is used as the encryption key. The chances of any other input resulting in the same 256bit key are much smaller than astronomical.

http://en.wikipedia.org/wiki/Cryptographic_hash_function

The key is never stored on the encrypted media. It is not a password that is stored and compared with what the user enters. Whatever the user entered is going to be made into a key and the disk is going to be decrypted with that kay. If the key is wrong, the decryption itself will not fail: it does not care. It's just that the data will appear to be garbage and no filesystem will be found on that block device, as if it's an unformatted disk. Each passphrase will give you a different permutation of garbage, and only 1 in (2 to the 256th power) is the right one. There are only (2 to the 80th power) particles in the universe, so brute-forcing this is impossible. Of course, rubber hose cryptanalysis is not obsolete, and government agencies will install backdoors into your computer in its decrypted state, that's why data-at-rest cryptography is still legal.

http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis

http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy

http://arstechnica.com/security/201...s-write-their-ownand-national-scandal-ensues/