how is this better than tools like TrueCrypt?

It's windows only, it's proprietary (Do i trust it? really?) and presumabily there is a price premium compared to or'nary Flash sticks, which will do as a vessel for a TrueCrypt volume.

It's bugger-all use to me, because I work with Linux and Mac systems.

I think I'll stick to encrypting my own files, thanks.

I have set up my drive to have a "mount" and "unmount" entry in the right-click menu for the drive when it's plugged in (autorun.inf hacking is fun). Not only is it just as secure, but I can easily back up the encrypted volume file on unprotected media to make sure I don't lose it. So the loss of the physical device causes neither a data leakage, or data loss.

And it works on Linux.

The only downside is you need to be an admin on the machine that you access it with, because of the on-the-fly installation of the file volume driver.

I can't see anyone paying that much for a 1GB memory stick... I bought a new corsair survivor for £86, but it's a 8GB GT so I think it was worth it.

Also comes with TrueCrypt anyway.

It would appear that SanDisk may have committed a rather basic error in the Enterprise disk. The password requirement on them is overly restrictive and specific.

If you know the password must have three each of lower, upper and numeric you can rule out a huge part of the key space. Accounting for regular user tendencies, such as picking near minimum password lengths and the native language used, you could build an optimized dictionary that would crack the majority of these keys in VERY short order.

AES still requires good password security or it is little better than DES...

"Only works with Windows" ... how idiotic. Does anything more need to be said? I have a LEXAR JumpDrive that has encryption software for the Mac. It cost $28 Australian. I primarily use Macs, have friends that use Linux, and keep meeting people who still use WIndows. I think that SanDisk must have hired the pointy haired boss from Dilbert and let him set this one up.

Does the device require the user to have admin access to the PC it is used on?

As far as I know there is no way we can use TrueCrypt because the users need admin access and in the enterprise we don't want our users to have this access level.

If you know of a way we can use TrueCrypt as a non privileged user then let me know please.

If you really are a system admin, then perhaps you should RTFM for TrueCrypt.

---

Using TrueCrypt without Administrator Privileges

In Windows, a user who does not have administrator privileges can use TrueCrypt, but only after a system administrator installs TrueCrypt on the system (or after the administrator gives the user administrator privileges). The reason for that is that TrueCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot install/start device drivers in Windows.

After a system administrator installs TrueCrypt on the system, users without administrator privileges will be able to run TrueCrypt, mount/dismount any type of TrueCrypt volume, load/save data from/to it, and create file-hosted TrueCrypt volumes on the system. However, users without administrator privileges cannot encrypt/format partitions, cannot create NTFS volumes, cannot install/uninstall TrueCrypt, cannot change passwords/keyfiles for TrueCrypt partitions/devices, cannot backup/restore headers of TrueCrypt partitions/devices, and they cannot run TrueCrypt in 'traveller' mode.

http://www.truecrypt.org/docs/?s=administrator-privileges

---

Easy as that.

Hi,

I'm not an admin, just trying to get a standard encryptable usb memory stick for my organisation.

As far as I can tell we need the "Traveller" for removable storage, any pointers gratefully accepted.

Tom

I have tested and deployed devices like this in house, and they also have management software available for central management. This provides the ability to set policy, lock the device instead of allowing an unauthenticated user to format the device. It also provides the ability to lock or format a device that has been stolen, or lost.