I apologize if this has already been discussed ... the only thread I could find close to it:
http://www.portablefreeware.com/forums/ ... f=1&t=5068
So I was working on an list of security tips for portable software. I came up with a list but I feel like I'm leaving out something obvious...
Prevent Viruses
* (Of course) virus check your files frequently using ClamAV.
* Avoid using autorun.inf files or hold "shift" when you insert the USB drive.
* Discard any changes made to your flash drive using the "Mirror" function in Toucan. Make sure the "source" is the trusted source and "destination" is the USB drive.
* Enable write-protect on your USB drive. Copy files locally.
Prevent theft / data loss
* Of course encryption using FreeOTFE or Truecrypt.
* Keep your USB drive on you at all times. Being attached to a key chain, lanyard, or built into some other device you use frequently like a watch. Extremely small drives can of course fit in your wallet.
* Choose an inconspicuous flash drive such as a frayed USB cable or lipstick (just google search for these and more). This idea made famous by the coffee container in the less-than-great Al Pacino movie "The Recruit".
* Back up your files daily using included Toucan (simple) or DSyncronize (advanced). DSyncronize will even do "realtime," or continuous, backups.
* Wipe sensitive files with CyberShredder or Eraser.
* Clean up leftover cache files using CCleaner.
* Take notes securely using only Crypditor. Be sure to save frequently as this program doesn't have an autosave function.
Paranoid
* Use multiple security tools together. For example: Firefox with NoScript and PortableTor for anonymity, PeerGuaridan with HTML blocking turned on as a (sort of) firewall, and AAST to prevent shoulder surfing.
* Only use public terminals to be more anonymous, although this is not more secure overall.
* Track down and kill individual data files - usually doing a text search for your name, address, and local file locations (like c:\documents and settings\yourusername)
This same list with some pictures thrown in:
http://kitchensinksoftware.blogspot.com ... -tips.html
Suggestions? Additions? Problems with my list so far?
Portable Software security?
Re: Portable Software security?
I recommend to disable autorun entirely with TweakUI.
Discard all changes? If you don't need changes, run from a CD or (like you suggested) read-only flash drive, you'll be even safer. Many users have useful information that changes during use and blindly discarding all changes seems very bad. Better use some synchronization tool that copies only specified files. Total Commander for me.
Data theft prevention techniques are illusionary. Keep your private data encrypted and don't touch it on untrusted computers. That's the only way of keeping it secure.
Discard all changes? If you don't need changes, run from a CD or (like you suggested) read-only flash drive, you'll be even safer. Many users have useful information that changes during use and blindly discarding all changes seems very bad. Better use some synchronization tool that copies only specified files. Total Commander for me.
Data theft prevention techniques are illusionary. Keep your private data encrypted and don't touch it on untrusted computers. That's the only way of keeping it secure.
Re: Portable Software security?
TweakUI isn't available to Windows Vista and only disabling standard autorun won't block entirely pendrive viruses. In order to block autorun.inf viruses, you need to create a key with the name Autorun.inf, under: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping, and set the default value as according: @SYS:KeyThatDoesNotExist or @USR:KeyThatDoesNotExist. You can tweak that trick as you want.m^(2) wrote:I recommend to disable autorun entirely with TweakUI.
Details:
http://technet.microsoft.com/en-us/libr ... 22567.aspx
http://technet.microsoft.com/en-us/libr ... 38275.aspx
AutoRun.inf
AutoPlay Details
Re: Portable Software security?
Old thread update: I've been emptying my windows pagefile for several years using XPantispy, but found a trick to encrypt Windows pagefile for better security over at Ghacks. Obviously requires admin access.
This isn't a foolproof solution, but then few security tools are. Its just another barrier when you don't quite want to go through the process of encrypting your entire drive.One of those is the Windows Pagefile, which is basically a hard drive cache for files. The file is used by Windows even if your computer has enough memory available. It is possible to delete the Pagefile on exit, but that does not guarantee that the information it contains cannot be recovered.
Re: Portable Software security?
It may be a good idea to install GNU/Linux into a thumb drive or external hard drive. You can boot the entire computer from that drive if you're afraid that the machine may be infected.
My YouTube channel | Release date of my 13th playlist: August 24, 2020