While several posts have been submitted to the list concerning the dangers of allowing USB sticks to automatically run programs, I have the necessity of carrying encrypted USB sticks and prefer that they start automatically when inserted whether the host PC has Truecrypt installed or not.
As the contents of my USB sticks are encrypted, I have cobbled together the following routine to automatically start Truecrypt and mount the encrypted drive with minimal fuss and simply present me with a password prompt. (I initially tried the "Traveller Disk Setup" under the Truecrypt tools but it wasn't flexible enough). 1. Download and install Truecrypt: http://www.truecrypt.org/downloads.php 2. Create an autorun.inf file on a blank USB stick with the following contents: [autorun] useautoplay=1 label=TrueCrypt Host Drive icon=truecrypt.exe action=Load TrueCrypt shellexecute=truecrypt.exe /a /lP /v default.tc /q shell\start=Start TrueCrypt and Enter Password shell\start\command=truecrypt.exe /a /lP /v default.tc /q Notes: "label" can be whatever sounds best for you. The /lP switch in the "shell" lines mounts the encrypted drive as P: Choose whatever drive letter you want or leave the switch out to use the next available drive letter. The filename "default.tc" is the name I give to my encrypted drives. Use whatever name you wish. 3. Copy the following files from the Truecrypt installation directory to the USB stick: truecrypt.exe truecrypt format.exe truecrypt.sys truecrypt-x64.sys license.txt (if you are going to distribute the sticks) 4. Use truecrypt format.exe to prepare an encrypted file container of your size choice on the USB stick. Make sure the name you use for the file contianer is the same as in the autorun.inf file. 5. Replug the USB stick and it should prompt you to enter the encrypted drive password whereafter you should be in business. If Autoplay has been disabled, you have one extra step; right-clicking on the USB drive in My Computer will list "Start TrueCrypt and Enter Password". Good luck! -- Peter van Houten ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
