JediBecker
asked on
How to auto dismount a USB flash drive that has TrueCrypt on it
Hi there,
I apologize in advance for my abundant ignorance here. Please bear with me and let me explain what I'm trying to do first, and then I'll get to my questions.
I'm trying to set-up encrypted USB drives for several coworkers. I used the excellent instructions in the following link to setup the USB drives so they automatically prompt for a password when they are inserted:
http://glosoli.blogspot.com/2005/09/encrypted-thumb-drive-and-autoplay.html
However, I know the users I'm doing this for, and there is zero chance that they will always remember to dismount the drive explicitly when they are done. The likely use case is they put in the drive, copy some files to it, and immediately yank it out to take it home.
I have three questions:
1) What happens exactly if you pull out the USB drive without dismounting the TC drive? It seems a subsequent user on the machine might have access to whatever files were already in memory. Does it also put the integrity of the TC data file at risk?
2) Is there a solution to this that does not involve the user explicitly dismounting? I thought about trying to set it up to auto-dismount after 1 minute, but that isn't really ideal. I know on the Kingston USB drives, you can pull the drive out without dismounting and have many fewer problems that seems to happen with this TrueCrypt solution.
3) Is explicitly having to dismount something that would be the case no matter what encryption you used? That is, the drives are Lexar Jump Drives and they came with SecureII software from Lexar. I found it clunky and greatly preferred the way you could setup TrueCrypt to start. But do other solutions handle pulling out a USB drive without dismounting any differently?
Without solving that, I'm certain users will use the drives without encryption. They claim that when they use an unsecure USB drive now and yank it out without dismounting, they never have any problems.
Thanks in advance for any advice. It would be GREATLY appreciated!
-Dave
I apologize in advance for my abundant ignorance here. Please bear with me and let me explain what I'm trying to do first, and then I'll get to my questions.
I'm trying to set-up encrypted USB drives for several coworkers. I used the excellent instructions in the following link to setup the USB drives so they automatically prompt for a password when they are inserted:
http://glosoli.blogspot.com/2005/09/encrypted-thumb-drive-and-autoplay.html
However, I know the users I'm doing this for, and there is zero chance that they will always remember to dismount the drive explicitly when they are done. The likely use case is they put in the drive, copy some files to it, and immediately yank it out to take it home.
I have three questions:
1) What happens exactly if you pull out the USB drive without dismounting the TC drive? It seems a subsequent user on the machine might have access to whatever files were already in memory. Does it also put the integrity of the TC data file at risk?
2) Is there a solution to this that does not involve the user explicitly dismounting? I thought about trying to set it up to auto-dismount after 1 minute, but that isn't really ideal. I know on the Kingston USB drives, you can pull the drive out without dismounting and have many fewer problems that seems to happen with this TrueCrypt solution.
3) Is explicitly having to dismount something that would be the case no matter what encryption you used? That is, the drives are Lexar Jump Drives and they came with SecureII software from Lexar. I found it clunky and greatly preferred the way you could setup TrueCrypt to start. But do other solutions handle pulling out a USB drive without dismounting any differently?
Without solving that, I'm certain users will use the drives without encryption. They claim that when they use an unsecure USB drive now and yank it out without dismounting, they never have any problems.
Thanks in advance for any advice. It would be GREATLY appreciated!
-Dave
but i guess you will have to connect the drive in each machine once and do the disable thingy. so that on subsequent connections tha cache will not be enabled again.
also make sure that on each machine, you plug the drive in all working usb ports and repeat the operations. windows seems to remember settings for each port and device combination
try it and tell what happens
also make sure that on each machine, you plug the drive in all working usb ports and repeat the operations. windows seems to remember settings for each port and device combination
try it and tell what happens
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi,
Please refer to this link where Peter long has written a safe eject utility for USB Device
https://www.experts-exchange.com/questions/21267488/Win2K-XP-Programatically-eject-USB-memory-stick.html
Accepted Answer from PeteLong
Date: 01/10/2005 02:23AM SGT
Grade: A
Accepted Answer
In fact to save me getting shouted at for using EMail download it from my web site
http://www.petenetlive.com/Downloads/software/safeeject.exe
Please refer to this link where Peter long has written a safe eject utility for USB Device
https://www.experts-exchange.com/questions/21267488/Win2K-XP-Programatically-eject-USB-memory-stick.html
Accepted Answer from PeteLong
Date: 01/10/2005 02:23AM SGT
Grade: A
Accepted Answer
In fact to save me getting shouted at for using EMail download it from my web site
http://www.petenetlive.com/Downloads/software/safeeject.exe
Also you may wish to look at this utility from Microsoft to see if it helps.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311272
The DevCon utility is a command-line utility that acts as an alternative to Device Manager. Using DevCon, you can enable, disable, restart, update, remove, and query individual devices or groups of devices. DevCon also provides information that is relevant to the driver developer and is not available in Device Manager.
You can use DevCon with Microsoft Windows 2000, Windows XP, and Windows Server 2003.
Download http://download.microsoft.com/download/1/1/f/11f7dd10-272d-4cd2-896f-9ce67f3e0240/devcon.exe
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311272
The DevCon utility is a command-line utility that acts as an alternative to Device Manager. Using DevCon, you can enable, disable, restart, update, remove, and query individual devices or groups of devices. DevCon also provides information that is relevant to the driver developer and is not available in Device Manager.
You can use DevCon with Microsoft Windows 2000, Windows XP, and Windows Server 2003.
Download http://download.microsoft.com/download/1/1/f/11f7dd10-272d-4cd2-896f-9ce67f3e0240/devcon.exe
ASKER
Thanks to everyone for the excellent information.
kiranghag: that is useful to know. One prerequisite for me, though, is assuming that the users will plug these into unknown, new computers that I don't have access to. So I can't assume they will disable the write cache themselves.
imacgouf: thanks for the links. Ideally, though, I want a way to do this without having the user explicitly dismount and safely remove the drive. Pete Long's utility seems like a convenient way to do it, but still requires action on the user's part. The way I've got the TC drive setup now is very convenient, too (context menu dismounting), but still requires the user to remember to do something.
garycase: thanks for the superb post. That really clarifies almost everything. And it sounds like there is no perfect solution for what I want, as you state here:
"'2) Is there a solution to this that does not involve the user explicitly dismounting?' ==> No. There will always be some risk of data integrity loss if you "yank" a drive with a file that's open (as the TrueCrypt file will be anytime the drive is mounted)."
However, I have one point of clarification. Someone here has a Kingston Data Privacy Elite USB drive. She claims she yanks it out all the time and has never had any problems. In trying it myself, it seems like it can get in a state where when I put it back in, it doesn't automatically prompt me for a password until I explicitly double-click the Privacy software (normally it auto-prompts you when you insert it). However, unlike the TrueCrypt drive, I never get "delayed write failed" messages from XP. And I've never gotten any data loss on Kingston drive (I have on the TC drive). That could be because I haven't tried enough times, though.
From what you've explained, it sounds like maybe the Kingston drive turns off the write cache somehow with their software? How else to explain the way that it seems to work? If I could set up the TC drive to behave the way the Kingston drive is, I'd be content. What do you think of this speculation?
Thanks,
-Dave
kiranghag: that is useful to know. One prerequisite for me, though, is assuming that the users will plug these into unknown, new computers that I don't have access to. So I can't assume they will disable the write cache themselves.
imacgouf: thanks for the links. Ideally, though, I want a way to do this without having the user explicitly dismount and safely remove the drive. Pete Long's utility seems like a convenient way to do it, but still requires action on the user's part. The way I've got the TC drive setup now is very convenient, too (context menu dismounting), but still requires the user to remember to do something.
garycase: thanks for the superb post. That really clarifies almost everything. And it sounds like there is no perfect solution for what I want, as you state here:
"'2) Is there a solution to this that does not involve the user explicitly dismounting?' ==> No. There will always be some risk of data integrity loss if you "yank" a drive with a file that's open (as the TrueCrypt file will be anytime the drive is mounted)."
However, I have one point of clarification. Someone here has a Kingston Data Privacy Elite USB drive. She claims she yanks it out all the time and has never had any problems. In trying it myself, it seems like it can get in a state where when I put it back in, it doesn't automatically prompt me for a password until I explicitly double-click the Privacy software (normally it auto-prompts you when you insert it). However, unlike the TrueCrypt drive, I never get "delayed write failed" messages from XP. And I've never gotten any data loss on Kingston drive (I have on the TC drive). That could be because I haven't tried enough times, though.
From what you've explained, it sounds like maybe the Kingston drive turns off the write cache somehow with their software? How else to explain the way that it seems to work? If I could set up the TC drive to behave the way the Kingston drive is, I'd be content. What do you think of this speculation?
Thanks,
-Dave
"... it sounds like maybe the Kingston drive turns off the write cache somehow with their software ..." ==> Absolutely. You can set the write cache parameters in a batch file when mounting the drive. I'm not at home this week (on vacation with limited internet access, but I do check my e-mail when possible) -- so don't have access to all of my notes; and don't remember the exact syntax for disabling write cacheing when mounting via a batch file. But it's almost certain that's what is being done. (TrueCrypt's own syntax may allow this -- I'll check after I post this and see if it's in the docs)
As I noted last night, IF TrueCrypt maintains file consistency with the file that contains the encrypted data, then it would be fine to "yank" the drive as long as it was not in the process of being accessed -- and with write cacheing disabled that means just a few seconds after any write request it will be fine. Although there is always some risk when you "yank" a flash drive without properly dismounting the TrueCrypt drive, IF TrueCrypt maintains it in a stable state (it's not clear from the documentation, but seems like it does); and IF write cacheing is disabled; then you could safely "yank" it AFTER any writes that are initiated have finished (i.e. if you use explorer to copy a large number of files, you would have to wait until they completed -- which could be a fairly large number of seconds -- before "yanking" the drive). The Kingston Data Privacy Elite almost certainly maintains a consistent state for all of the data files on the flash drive -- and disables write cacheing -- so as long as writes are completed, it's relatively safe to pull it.
As I noted last night, IF TrueCrypt maintains file consistency with the file that contains the encrypted data, then it would be fine to "yank" the drive as long as it was not in the process of being accessed -- and with write cacheing disabled that means just a few seconds after any write request it will be fine. Although there is always some risk when you "yank" a flash drive without properly dismounting the TrueCrypt drive, IF TrueCrypt maintains it in a stable state (it's not clear from the documentation, but seems like it does); and IF write cacheing is disabled; then you could safely "yank" it AFTER any writes that are initiated have finished (i.e. if you use explorer to copy a large number of files, you would have to wait until they completed -- which could be a fairly large number of seconds -- before "yanking" the drive). The Kingston Data Privacy Elite almost certainly maintains a consistent state for all of the data files on the flash drive -- and disables write cacheing -- so as long as writes are completed, it's relatively safe to pull it.
... Note: It's not clearly noted in the documentation, but if you use the /rm switch in a batch file that mounts a TrueCrypt volume (= "removeable media"), I suspect TrueCrypt will never cache any data itself (note this is different than the Windows write cache), and so the file will always be in a consistent state. If you also disable the Windows write cache (not, as you've noted, easy to guarantee when the flash drive may be plugged into various computers) it should always be relatively safe to remove. Note that even if Windows write cacheing is enabled, if the users would just be sure they waited for several seconds of inactivity it would USUALLY be safe to pull the drive. Windows and/or TrueCrypt may be "confused" by the open volume that no longer exists; but the data on the volume will be just fine as long as there were no pending writes.
Bottom line: You can MINIMIZE the likelihood of any corruption and/or device damage with the right settings -- but it is ALWAYS safest to dismount the volume and "Safely Remove" the device. Note that on any unit that has a light to show it's powered (e.g. most SanDisk flash drives), the light goes off when you "Safely Remove" the device -- i.e. there is no power to the device at that point; so you can easily see that there is NO danger of any electrical damage when pulling it at that point. As I noted in my earlier post, think of the Dismounting/Safely Remove actions as a seat belt => rarely going to make a difference; but when it does, you'll sure wish you had used it.
Bottom line: You can MINIMIZE the likelihood of any corruption and/or device damage with the right settings -- but it is ALWAYS safest to dismount the volume and "Safely Remove" the device. Note that on any unit that has a light to show it's powered (e.g. most SanDisk flash drives), the light goes off when you "Safely Remove" the device -- i.e. there is no power to the device at that point; so you can easily see that there is NO danger of any electrical damage when pulling it at that point. As I noted in my earlier post, think of the Dismounting/Safely Remove actions as a seat belt => rarely going to make a difference; but when it does, you'll sure wish you had used it.
ASKER
Thanks again, garycase. That all makes sense, and I was starting to think that maybe it would be do-able (with your noted caveats about seat-belts).
However, I made sure TrueCrypt was treating the encrypted volume as a removable drive, and I went to the device manager to check on delayed writes. I went to "disk drives" and selected the Lexar drive and it was already set to optimize for quick removal.
So I thought: hmm, this seems the best that I could do. I updated a Word document on the disk, waited a second, and yanked it out. Much to my surprise, a second later, Windows complained that the delayed write failed. Not only that, I could still open the encrypted volume (despite the device not being plugged in) and was able to open the Word doc with my change in it. When I put the drive back in and reset things, the change was NOT in the file. The delayed write did fail, but the volume would have been accessible to someone else who sat down at the computer. Yuck.
It seems as though the setting for disabling the write cache apply to the USB drive itself, but not the volume mounted through TrueCrypt. Does that sound right to you? This makes me think that this won't work using TrueCrypt and I need to find another encryption software that I can set things up like you suggest.
However, I made sure TrueCrypt was treating the encrypted volume as a removable drive, and I went to the device manager to check on delayed writes. I went to "disk drives" and selected the Lexar drive and it was already set to optimize for quick removal.
So I thought: hmm, this seems the best that I could do. I updated a Word document on the disk, waited a second, and yanked it out. Much to my surprise, a second later, Windows complained that the delayed write failed. Not only that, I could still open the encrypted volume (despite the device not being plugged in) and was able to open the Word doc with my change in it. When I put the drive back in and reset things, the change was NOT in the file. The delayed write did fail, but the volume would have been accessible to someone else who sat down at the computer. Yuck.
It seems as though the setting for disabling the write cache apply to the USB drive itself, but not the volume mounted through TrueCrypt. Does that sound right to you? This makes me think that this won't work using TrueCrypt and I need to find another encryption software that I can set things up like you suggest.
Yes, that is almost certainly TrueCrypt buffering the data and not actually writing it ==> when TrueCrypt "writes" the data through Windows, that's a 2nd level of buffering -- and if delayed writes are not enabled for that drive, Windows will write it immediately (note, however, that "immediately" can still take a few seconds => it will start immediately, but if you "yank" the drive while it's "blinking" with activity that's also bad). If does sound like TrueCrypt does NOT immediately update the file containing the mounted volume -- so if your users can't be counted on to reliably dismount the volume, you need to find a different encryption solution. Too bad USB devices aren't like optical drives (which can be "locked" so they won't eject if they're in use).
ASKER
Okay, thanks for all the input, garycase. You were *extremely* helpful, even if I still haven't found a solution I like. I'll keep looking and if I find something I'm content with, I'll post it back here.
Cheers,
-Dave
Cheers,
-Dave
>>whatever files were already in memory. Does it also put the integrity of the TC data file at risk?
normally windows or any os will cache the data on removable usb drives. you might see the file copy/move complete but part of data is still in memory. so if you pull it out, your data could be corrupted.
>>2) Is there a solution to this that does not involve the user explicitly dismounting? I thought about trying to set it up to auto-dismount after 1 minute, but that
>>isn't really ideal. I know on the Kingston USB drives, you can pull the drive out without dismounting and have many fewer problems that seems to happen with
>>this TrueCrypt solution.
you can disable the write cache on removable drives from device manager (by right clicking the device there)
this will make the write operations on usb drive slower but will not affect reads. and if someone happen to remove the drive without explicitely removing it from windows, you wont loose data. (if its pulled when drive is not actively being written)