Keeping information secure but accessible across platforms

Published: | Updated: | by Julian Knight Reading time ~4 min.
📖 Posts | 📎 Linux, Windows | 🔖 Security, FreeOTFE, TrueCrypt, Keepass

One of the issues with Linux is that I can’t use it under all circumstances. In particular I usually have to work with Windows at work. So I need cross-platform tools, especially now that I also make extensive use of a smartphone/PDA. So here is a timely post – with the number of people in UK government departments carelessly loosing private or secret information, how do we keep this stuff secure while still being accessible from different platforms? Oh, and we don’t really want to pay out money for the privilege if we don’t have to! Well, I’ve looked at 3 tools that will do everything we need and they wont cost a penny. First up is Keepass.

Keepass is a tool for storing passwords, primarily aimed at web site use but it serves perfectly well for storing any password type information and I use it for storing license numbers, router passwords, etc.

Keepass runs on Windows as the main platform and that version has some really nice features such as a macro language for logging in to web sites and the ability to run local applications. This version does not need to be installed so it will run from a pen drive as well.

There is also a version for Windows Mobile/PocketPC, just synchronise the database file to keep it in step with the desktop.

Then there is [KeepassX][1] which runs under Linux and Mac OS. It is not quite as feature rich as the Windows version but it still does nicely. The remaining two applications all work with virtual (or real) disk partitions by encrypting them and allowing you to access them like ordinary disks. [TrueCrypt][2] comes first. This is supported on Windows and Linux (a Mac version is due out in Jan 2008). It is pretty easy to use under Windows. Linux only has a GUI for Gnome but you can also use [ScramDisk for Linux][3] as a GUI under KDE. TrueCrypt does not need to be installed so runs nicely from a pen drive. Sadly, there is no mobile version. [FreeOTFE][4] is notable in that it supports Windows, Windows Mobile/PocketPC and Linux. The Linux support is via LUKS which is a standardised, well supported loopback encryption application ([how to create a loopback secure container][5]). I’ve not tried FreeOTFE yet, but it does seem to have a good range of capabilities. Under Windows, it also works with the [Secure Tray utility][6] (also by the same author, Sarah Dean) which allows for the automatic running of applications when a volume is mounted. I am sure that I’ll be trying this out at some point.

Update 2008-01-24: Sadly, the PDA version of FreeOTFE cannot mount Linux volumes so there is still not a true cross-platform solution. The best I can do is to set up TrueCrypt for PC/Linux (easier than FreeOTFE) and FreeOTFE for PC/PDA with an automated sync between the two.

Update 2008-01-29: I’ve now actually tried FreeOTFE on a PC and on a WM5 device and I’m afraid that they tend to hang almost continuously so this is not really an option I can recommend. It’s a shame as it looks great on paper. There is a real missed opportunity here, especially if the PDA version were to support Linux volumes. Update 2008-07-10: An additional plus for FreeOTFE is that it does not require admin access (under Windows) to run. I suspect that this will get more and more important as more organisations lock down their PC’s but continue to fail to provide sufficient support and capabilities. Between TrueCrypt and FreeOTFE, I’d say the former is easier to use as it hides much of the gory bits away but FreeOTFE has the features and cross-platform support. I may well find use for both.

Given the problems with FreeOTFE that I experienced. I’ll carry on using TrueCrypt on Windows and Linux and [Tombo][7] on the PDA and Windows with manual copies between the two – drat, too much reliance on Windows. [1]: http://www.keepassx.org/ [2]: http://www.truecrypt.org/ [3]: http://sd4l.sourceforge.net/ [4]: http://www.freeotfe.org/ [5]: http://www.mayrhofer.eu.org/Default.aspx?pageindex=6&pageid=34 [6]: http://www.sdean12.org/SecureTrayUtil.htm [7]: http://tombo.sourceforge.jp/En/


comments powered by Disqus