|
It's pretty much a backup of a backup of a backup by now, I already have plenty of them, it's just a matter of having an extra set "just because" I happen to have spare MicroSD cards doing nothing, and this might be a good use. Being so small, I figured, why not carry this in my wallet?
And no, as far as I know, VeraCrypt does not have a client for Android, but as mentioned elsewhere, the intent is not to have the content readily accessible on Android. It's just a transport mechanism.
I wouldn't worry about physically losing the card either.
|
|
|
|
|
You should be fine then man. Those little boogers are sturdy. Your main concern would be scratches, but you can just wrap it. It's not that much different than a credit card as far as durability goes and it's not like we scratch up the mag strip on them daily. Still, nothing cellophane can't handle.
Jeremy Falcon
|
|
|
|
|
Oh, about the only issue I can think of, is if you sweat a lot and it gets wet because your wallet is wet, you'd have to let it completely dry out before using it again.
Jeremy Falcon
|
|
|
|
|
If they're encrypted, just scatter them everywhere. Sock drawer, wallet, safe deposit box, etc.
|
|
|
|
|
if you have lots of them, then tape 4 to a credit card you do not use very often.
Put 4 in a ziploc in your phone case.
Write some software that will compare all 4 images and choose the “majority” bit match to help with losing a bit here and there.
The encryption software should have anti tamper to tell you if a checksum/hash is wrong when you decrypt it.
Great idea for offsite/on person backup.
Also install a phone home program on the SDs in case someone swipes your wallet or phone.
|
|
|
|
|
|
I'd be more concerned about the non-encrypted data on my phone than my encrypted file.
|
|
|
|
|
I have a couple of external USB drives for backups of data, attached to my PC. The drives are Bitlocker encrypted, in case one gets lost or stolen. Everytime I start the PC I have to use my Bitlocker password to get access to the drives.
However, I recently discovered that once I have access to a drive, if I turn off the PC by hitting the power button instead of doing a proper shutdown through the Start menu, any "open" drives remain open. Next time I start the machine, the drive is immediately accessible. No password needed! You have to go through the proper shutdown procedure to ensure your machine won't have immediate access to the drive on the next startup.
I must admit I haven't checked if a different computer will also have access to the drive left open on my main PC. But the point is: My main PC may get stolen with the external drives during a burglary, for example.
Ok, I have had my coffee, so you can all come out now!
modified 2 days ago.
|
|
|
|
|
Check the power management settings - your power button is probably set to "sleep" or "hibernate" but there is a "Shut down" option which should restart the OS on power up and require access control to the drives: Control Panel > Hardware and Sound > Power Options > Chose what the power buttons do
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Yes, I found the setting to change what the power buttons do. I changed that from "sleep" to "shut down".
BUT: There is no way to save this change! At least not in the very latest version of Windows 11! When I exit the settings panel, Windows resets the setting to the default "sleep"! Stoopid Windows!
Ok, I have had my coffee, so you can all come out now!
|
|
|
|
|
Did you hit the "Change settings that are currently unavailable" - the system settings are in UAC Registry so unless you are elevated, it won't change. Mine is set to "Shut down" and that is persistent.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Yes I did change that setting and it is NOT persistent. Note: I am the only user on this machine and I am the only administrator. It is running Windows 11 Pro fully updated. I have hibernation mode turned off as it bloats up my system backup images.
Ok, I have had my coffee, so you can all come out now!
|
|
|
|
|
Well, if your system does go in sleep mode, then it'll have to do a full power-up anyway if your system gets stolen and spends any amount of time without any power, just as if you'd have yanked the power cord while it was turned on, rather than doing it while it was sleeping--the results would be the same. Unless it's a laptop and the battery runs long enough.
But perhaps more importantly (from my perspective): If your external drives are backups, physically disconnect them and only power them on when doing an actual backup. Ransomware is just as capable of encrypting your mounted backup drives as your main system. Especially since you enter your Bitlocker password on every boot, conveniently making your backups accessible to said malware.
|
|
|
|
|
Sound advice, but I use Windows Security Ransomware Protection on all folders where data are stored. My Macrium system images are protected by Macrium's Image Garden against any and all unauthorized alterations. Then I also maintain an old style 8TB Western Digital spinning disk drive for off-line storage of all important data. This drive is kept powered down an disconnected 99% of the time.
On top of all that: I make at least every week a DVD backup of all new critical data. The DVDs are closed and locked after creation to prevent any further changes. I have a high pile of such old DVDs in my off-line collection.
As regards my system drive: If the worst happens I can always clean my systems drive and do a clean install of Windows on the drive. I have done many clean installs and it typically takes me 3 or so hours to be fully up and running. I always keep a few flash drives with the bootable tiny Windows PE operating system that has embedded the Diskpart utility that can forcibly clean any disk and prepare it for a clean install.
I don't have much faith in backups on the cloud and mostly avoid that. Some of my critical backups are stored off site in a relative's residence.
If you want to know more about Windows PE, see:
Windows PE (WinPE) | Microsoft Learn[^]
Ok, I have had my coffee, so you can all come out now!
modified 2 days ago.
|
|
|
|
|
Sounds like you have a solid strategy already in place. Carry on.
|
|
|
|
|
I noticed similar with an encrypted USB drive - one of those with a keypad built into it to key a pin (6 digits).
One thing you might be able to do to change things is messing with the power states for them.
|
|
|
|
|
wow.
The credentials are not revoked when restarting a machine ?
CI/CD = Continuous Impediment/Continuous Despair
|
|
|
|
|
Depends: if you hibernate or sleep, then probably not unless you log off and log in again. And since most people have "auto logout" disabled to save effort ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
sudo init 0
>64
It’s weird being the same age as old people. Live every day like it is your last; one day, it will be.
|
|
|
|
|
Good to know. I'm the only one likely to access my machine, as I live and work out of the same place.
That said, I've been known to angrily turn my machine off the bad way when it misbehaves. I know I'm not really "punishing" it, more myself, but it still feels cathartic.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
|
Similar, but unrelated...
My first PC (1992) had the option to set a password in the BIOS... but it only worked on a cold boot. You could do a warm boot to bypass it when prompted for the password.
|
|
|
|
|
Wait, what?
Boot from nothing, get prompted, Ctrl-Alt-Del, no prompt?
It takes a special sort of genius to come up with that.
I've had BIOSes that had options to set a password, but I've never bothered with them. Good to know they're utterly pointless.
|
|
|
|
|
Pressed the restart button... no prompt.
|
|
|
|
|
PIEBALDconsult wrote: Pressed the restart button... no prompt.
What's "the restart button"?
If you mean the Restart option in Windows (or your OS of choice), then yeah, it makes sense. The OS has already booted, so you've proven you know the BIOS password by that time.
But if you mean the physical power button on your PC to restart - from the BIOS password prompt (because that's as far as you can make it) - then it might as well not be there, because it offers no protection at all...
|
|
|
|