Not sure is this is the best place to post this question, but wondering what is the best way to encrypt a usb drive?

Want to be able to carry an encrypted flash drive with me but also be able to unlock it, if possible, on various OSes. Preferably with some kind of portable software. Something similar to the method that comes with the Kingston Data Traveler USB drives.

Edit: Seems like Veracrypt and Cryptomator are the best options to check out. Thank everyone!

  • delirious_owl
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    3 months ago

    Because historically when FDE is done in hardware there’s been massive compromises. FDE is better done in software. Its more secure.

    But, sure, there’s no shortage of companies trying to sell you shitty hardware thats “100% secure” (which is a major red flag)

    • lostinasea@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      3 months ago

      Nothing is 100% fool proof. Hardware or software encryption both have their issues. Case in point, Truecrypt (on which VeraCrypt is based) had a few issues that ultimately led to its demise. Hardware devices (I saw mention of one SSD maker) a few or years ago would store keys on the device that could be read off. So you’re going to have to give me a source for “FDE is better done in software. It’s more secure” beyond “just trust me bro.”

      • delirious_owl
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 months ago

        Lol wut. What was the issue with TrueCrypt? I don’t think we ever found out. The anon dev just bailed and hilariously told people to use bitlocker. Personally I think they were just trying to be funny. Fortunately veracrypt took over development.

        • lostinasea@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          3 months ago

          I’m not sure what the original issues were either but I do remember the message on the TrueCrypt site that said something like “warning, do not use. Contains unfixed security issues.” The only thing that might explain that is this line from Wikipedia: “TrueCrypt includes two vulnerabilities in the driver that TrueCrypt installs on Windows systems allowing an attacker arbitrary code execution and privilege escalation via DLL hijacking” Personally I believe the guy just didn’t want to maintain the thing anymore and abandoned it with no notice. Either way. Good thing VeraCrypt took over and fixed all those issues.