Outils pour utilisateurs

Outils du site


issue96:command_conquer

Ceci est une ancienne révision du document !


Table des matières

1

As many of you may have gathered by now, I work in IT. As my work often requires me to visit clients and have solutions or demos ready to run on their computers, I always have a USB thumb drive with me that contains some of my tools and demos. The real trick to this is having a thumb drive that’s readable on any computer with minimal fuss and without file-size restrictions, as well as keeping sensitive documents for other clients safe. This month, I’ll cover exactly that.

Comme vous auriez pu le remarquer, je travaille dans l'informatique. Étant donné que mon travail me demande de visiter mes clients et d'avoir avec moi de quoi faire des démonstrations prêtes à être lancées sur leurs ordinateurs, j'ai toujours avec moi une clé USB contenant quelques outils et démos. La vraie difficulté de cette pratique est d'avoir une clé USB compatible sur n'importe quel ordinateur avec le moins de complications possible et sans restrictions de taille de fichier, ainsi que de garder des documents sensibles pour d'autres clients en sécurité. C'est exactement ce dont je vais vous parler ce mois-ci.

2

Cross-Platform Storage Format

The de facto standard for hard drive formatting is FAT32. This was developed by Microsoft back in 1996. It includes a file-size limit of 4GB - this means that no individual file can be larger than 4GB. The restriction is increased in FAT32+, though support for that standard can be hit-and-miss. In the case of backups or archives, this can be a problem. NTFS (also by Microsoft) can be read by all major OSes, but the newest versions of Mac OS X lack write support by default. HFS+ can be read by Linux, but not by Windows (without paid software at least). This is where exFAT comes in.

ExFAT stands for “extended File Allocation Table” (extended FAT), and is the default formatting for SDXC cards larger than 32GB. It was originally introduced in 2006, and is supported in all modern OSes (this excludes “legacy” OSes like Windows XP). Windows and Mac both support this out of the box. Some Linux distributions, however, do not have the utilities installed out of the box (they will be available in the repositories though). In Ubuntu, install the exfat-fuse and exfat-utils packages from the universe repository.

Formatting the drive is the exact process used to format any drive, just be sure to select exFAT.

Inter-opérabilité des formats de stockage

Le standard *de facto* pour le formatage d'un disque dur est FAT32. Il a été développé par Microsoft en 1996. Il inclut une limite de taille de fichier de 4 Gio - ce qui signifie qu'aucun fichier individuel ne peut excéder 4 Gio. Cette restriction augmente avec FAT32+, bien que le support pour ce standard puisse être omis. Dans le cas de sauvegardes ou d'archives, ceci peut-être un problème. NTFS (développé également par Microsoft) peut être lu par les système d'exploitation majeurs, mais les dernières versions de Mac OS X ne le supporte pas par défaut. HFS+ peut être lu par Linux mais pas par Windows (du moins pas sans logiciel payant). C'est ici qu'intervient exFAT.

L'acronyme exFAT signifie « extended File Allocation Table » et est le format par défaut des cartes SDXC de plus de 32 Gio. Il fut à l'origine présenté en 2006 et est supporté par tous les systèmes d'exploitation modernes (excluant les systèmes anciens comme Windows XP). Windows et Mac OS X le supportent tous deux directement à l'installation. Quelques distributions Linux cependant n'ont pas les outils installés par défaut (mais il sont disponibles sur les dépôts logiciels). Sur Ubuntu, il faut installer les paquets exfat-fuse et exfat-utils depuis le dépôt universe.

Concernant le formatage d'un disque en exFAT, il suit le même procédé que pour n'importe quel format, assurez-vous simplement de sélectionner exFAT.

3

Encryption

VeraCrypt

For a long time, I relied upon TrueCrypt for creating encrypted file containers. Unfortunately, development for TC has stopped, and, for a time, no similar software appeared. I recently stumbled upon a fork of TC called VeraCrypt that seeks to solve the security issues of TrueCrypt (and according to the audit of TC, seems to have solved the largest issue).

VeraCrypt offers two options - encrypted file containers, or encrypted partitions/devices. File containers are simply encrypted files that can be mounted through VeraCrypt, and act as local USB drives. No unencrypted data is written to disk, but it is stored in RAM (on-the-fly encryption/decryption). Encrypted partitions are, as one might expect, a completely encrypted partition. If you plan on storing unencrypted files alongside encrypted ones, I would recommend the file containers. If you want a fully encrypted device, choose the partition. Keep in mind that the partition can be mounted only through VeraCrypt. You’ll either need a portable install with you, or a system with it already installed.

My personal preference is to have multiple file containers (one per client), and a portable copy of VeraCrypt installed on my USB drive. You need to have a portable copy of VeraCrypt for each OS - this is typically done by copying the extracted files during installation. That way, I can run the application off the USB drive, and have access to all the file containers I need.

4

GPG

Gnu Privacy Guard (GPG) is an encryption standard that can be used for file encryption (as well as the encryption of messages, such as email). It uses public key cryptography (existence of both a private and a public key to encrypt). Without going into extreme amounts of detail, a file or message is essentially encrypted using a public key (the key you can give away and share). And decryption requires the use of the matching private key. If someone were to send me an encrypted message, it must be encrypted using my public key, but I would need to decrypt it with my private key.

This encryption is typically useful for messages or securing a single file or group of files. It is not on-the-fly encryption and decryption, and decrypting a file will result in the unencrypted data being saved on your hard drive. It also does not encrypt folders. However, if you’re sharing sensitive data via Email, it may be better to use GPG than VeraCrypt or an encrypted ZIP Archive.

For instructions on using GPG encryption, see the further reading section.

Hopefully this article will be helpful to some - especially those who have to switch between various OSes like I do. If you have any questions, issues, or requests, please let me know at lswest34+fcm@gmail.com. This includes requests for articles.

5

Further Reading

https://veracrypt.codeplex.com/wikipage?title=Portable%20Mode - How-To on portable VeraCrypt

https://veracrypt.codeplex.com/discussions/572934 - How-To on cross-platform portable VeraCrypt.

https://www.gnupg.org/ - GPG homepage

issue96/command_conquer.1431336568.txt.gz · Dernière modification : 2015/05/11 11:29 de vincent