Portable Apps and their benefits

[mawin]

Since half a year i have been using portable programs for most, actually all, of my internet and file management activity. Portable programs are programs that do not need to be installed and the fantastic thing is that you have complete control over the program folders and hence also the data that is being saved by these programs (history, bookmarks,...).

 

On my laptop at home, which is also being used by others, I have created one encrypted (using truecrypt) section of 300 GB for personal pictures and data. Installed also on section are portable versions of Firefox, Thunderbird, back up software, XnView (for viewing pictures), vlc media player, skype, an unzip program (7zip), utorrent, pidgin (used for msn and google talk), lastpass... By using these programs I am sure that all activity (history, bookmarks, etc) are kept in the truecrypt file and not accessible if i have unmounted the encrypted file. It gives me 100% protection for my files and internet activities (except if my isp would check my online activity which, if you want, you can avoid with the use of proxies).

If i then go on travel, i usually take a encrypted 16 gb usb drive or my portable hard disk (depending on how many pictures/movies i plan to take ) and load my portable programs on them so i have my bookmarks, saved passwords etc always with me... Also no personal data will remain on the computer in the hotel or internet shop.

 

 

There are quite many website where you can get most of the programs but my favourite is PortableApps (http://portableapps.com/) as it gives you a 'start' menu like program from where you can start all your portable programs.

 

And, as already recommended in other posts, I can strongly recommend Truecrypt for making sure that your data is safe for the eyes of jealous, thai gfs or curious custom officials (especially in a country like vietnam). I have been using it for many years now and it has never failed.

 

Hope this helps and let me know if you have further questions. I have attached a screenshot of the program (taken with lightscreen, a free portable program )

 

 

/Mawin

Edited July 13, 2011 by mawin

[McFly]

Sounds like you habe things covered! You should also consider using a VPN to protect your privacy. The ISP will only see 1 connection you make, and with that secure encrypted connection nobody can sniff you passwords or spy on you over wifi (or wired connection)

[mawin]

Yes, McFly, you are absolutely right..... i am using hotspot shield for that purpose. Of course the portable version :D

[LongLiveLos]

On my laptop at home, which is also being used by others, I have created one encrypted (using truecrypt) section of 300 GB for personal pictures and data. Installed also on section are portable versions of Firefox, Thunderbird, back up software, XnView (for viewing pictures), vlc media player, skype, an unzip program (7zip), utorrent, pidgin (used for msn and google talk), lastpass...

 

You mention this is a "shared" laptop. Are you just using a 300GB "container" or a "hidden, encrypted OS"? As most computers are Windows based, and the windows operating system does extensive logging, the latter would be much more secure for you and running as "admin" with others logging in under their own user accounts.

 

By using these programs I am sure that all activity (history, bookmarks, etc) are kept in the truecrypt file and not accessible if i have unmounted the encrypted file. It gives me 100% protection for my files and internet activities (except if my isp would check my online activity which, if you want, you can avoid with the use of proxies).

 

Anything run from within the truecrypt file is decrypted into the host "memory" and is vulnerable again to windows logging and also until the host is rebooted to clear the memory.

 

 

If i then go on travel, i usually take a encrypted 16 gb usb drive or my portable hard disk (depending on how many pictures/movies i plan to take ) and load my portable programs on them so i have my bookmarks, saved passwords etc always with me... Also no personal data will remain on the computer in the hotel or internet shop.

 

First off - NEVER, i repeat, NEVER do anything important online like banking or shopping unless it's from "YOUR OWN COMPUTER"! Your flash drive needs a "host" to run it and again "logging" and malicious programs (keyloggers) may/can come into play. Secondly with truecrypt on a flashdrive - you can only decrypt your encrypted container if the host has given you "admin" rights. I've been in a few internet cafes and all the machines ran with "limited accounts" which wouldn't allow truecrypt on a usb drive to work.

 

 

 

And, as already recommended in other posts, I can strongly recommend Truecrypt for making sure that your data is safe for the eyes of jealous, thai gfs or curious custom officials (especially in a country like vietnam). I have been using it for many years now and it has never failed.

 

What do you think would happen in some countries if you didn't reveal your truecrypt password?? Major trouble. Therefore, you should always create a "hidden" container inside the original encrypted container using 2 different passwords. Put some non-important files/titty shots (outer container) and the important ones (inner-hidden container) and that way you "can" provide a working password (outer/non important container) and you both win lol!

 

About Portable Apps - aside from windows host logging/internet cafe keyloggers, a portable app may be portable but NOT "stealth"!. Meaning, some apps still do write some info to the host. For example - firefox portable run from my flashdrive still creates and writes to a folder in the appdata section on my laptop. I will re-test this again and edit this post if i'm mistaken.

Edited July 18, 2011 by LongLiveLos

[LongLiveLos]

Sounds like you habe things covered! You should also consider using a VPN to protect your privacy. The ISP will only see 1 connection you make, and with that secure encrypted connection nobody can sniff you passwords or spy on you over wifi (or wired connection)

 

It's important to remember here that all your doing is "shifting" your trust level from your ISP to the VPN provider. Your info gets sent to their servers and then out to the net. The only way to stay private is to connect via SSL (from your computer to the destination site).

[SmellyFarang]

Good tips.

 

If you have the RAM available, creating a RAM disk for your temp folders also helps as all the files are kept in memory only and never are written to your HD.

 

One of the better utils is

http://memory.dataram.com/products-and-services/software/ramdisk

[mawin]

You mention this is a "shared" laptop. Are you just using a 300GB "container" or a "hidden, encrypted OS"? As most computers are Windows based, and the windows operating system does extensive logging, the latter would be much more secure for you and running as "admin" with others logging in under their own user accounts.

 

 

 

Anything run from within the truecrypt file is decrypted into the host "memory" and is vulnerable again to windows logging and also until the host is rebooted to clear the memory.

 

 

 

 

First off - NEVER, i repeat, NEVER do anything important online like banking or shopping unless it's from "YOUR OWN COMPUTER"! Your flash drive needs a "host" to run it and again "logging" and malicious programs (keyloggers) may/can come into play. Secondly with truecrypt on a flashdrive - you can only decrypt your encrypted container if the host has given you "admin" rights. I've been in a few internet cafes and all the machines ran with "limited accounts" which wouldn't allow truecrypt on a usb drive to work.

 

 

 

 

 

What do you think would happen in some countries if you didn't reveal your truecrypt password?? Major trouble. Therefore, you should always create a "hidden" container inside the original encrypted container using 2 different passwords. Put some non-important files/titty shots (outer container) and the important ones (inner-hidden container) and that way you "can" provide a working password (outer/non important container) and you both win lol!

 

About Portable Apps - aside from windows host logging/internet cafe keyloggers, a portable app may be portable but NOT "stealth"!. Meaning, some apps still do write some info to the host. For example - firefox portable run from my flashdrive still creates and writes to a folder in the appdata section on my laptop. I will re-test this again and edit this post if i'm mistaken.

 

Thanks for the feedback and you make some valid points. Encrypting an OS instead of a container gives indeed better protection but in my situation is not really needed and a bit cumbersome. Fully agree with your remark on hidden volumes which gives you deniability. Some governments can jail you for not releasing your password and by using hidden volumes you are protected.

 

I would be interested in hearing what portable apps leaves permanent data on the host. So far i have only noticed that the portable version of Picasa does create a database on the host hard drive. But believe other apps such as firefox/thunderbird etc does have their temp folders stored in my encrypted container. It would be good to hear if you know of any issues.

 

I haven't had issues running truecrypt on computers in internet cafe. Have you tried running the portable version of truecrypt?

 

 

/Mawin

Edited July 19, 2011 by mawin