Creating an emergency USB drive

One of the more intriguing aspects of living in the 21st century is that access to personal data is becoming crucial, especially at times when we aren’t near it.  Cases in point:

  • You’re traveling and you have an accident.  Do you have all the medical information that you need to get treatment such as contact information for your Primary Care Physician, insurance card, medication info, etc.?
  • In that accident, you’re unconscious and the emergency responder needs information including your emergency contacts?
  • Again, you’re traveling and someone snatches your purse or wallet.  Do you have the information required to cancel your credit and bank cards?
  • You don’t have a laptop, but need to access the Internet in a manner that would be difficult with a smart phone or tablet.  You can use an Internet Cafe, but do you really want to be using their browsers?  What if you leave a critical bit of information on their machine?
  • You simply want to have access to selected financial, medical or other highly personal information while on the go.

One way to accomplish this is to create an emergency USB drive that you have with you all the time.  USB drives have gotten so small and unobtrusive that one can keep them in their wallet, on a keychain or can be worn as a pendant.  In fact, you can have multiple copies for different scenarios.

So, if you’d like to create an emergency drive, start with this article written by Gizmo.  It provides an very useful outline about how to do this.  What I’d like to do in the balance of this post is share my thoughts and experiences as I create my very own emergency USB drive.

First, you need to start with a USB drive.  The one that the article notes, Verbatim’s Tough-n-Tiny is exactly the form factor for this.  However, the reviews on this device is that they tend to fail which makes them not that tough.  I bought a Sandisk Cruzer Blade for this purpose, but frankly all USB drives have fairly high failure rates.  You should check your drive periodically to insure it ‘s still working.  After all, it will likely be in a hostile environment.

There are basically 3 sections you need to create in this drive:

  • Programs such as TrueCrypt and a web bowser ( choose Firefox) — Both installed as “portable apps”.  More on this later
  • A generally available and unencrypted section for you and others to access.  This will contain contact information and information for medical personnel
  • An encrypted section for sensitive information like credit card numbers, etc.

Portable Apps

Before we start, keep in mind that the odds are high that if you need to run an app, it will need to be on a Windows system, running anything from Windows XP through the upcoming Windows 8.   Even if you find a place with Macs, it’s highly likely that there are Windows systems available also.  So, though I use Macs at home, I installed portable apps for Windows not Macs on my drive.   BTW: unencrypted and encrypted sections of this drive are usable from Mac and Linux system as well as Windows.  So, in a pinch (like in an Apple Store), one can access the data just not the portable apps.

So what is a portable app?   This is an application that can run on any Windows  machine without being formally installed on that machine.  Typically when you install an application on Windows, it’s leveraging various libraries on the machine, it keeps configuration information in the Registry and program data (including cookies and cache data) on the system drive.  A portable app can be run without being formally installed on a given system from a removable drive (like a USB drive).  It keeps any persistent data on that drive and not on the host system running it.

Since I run Windows 7 under a VMware Fusion virtual machine, I mounted the new USB drive on my Windows VM and not my Mac.   I then created a new top level directory called “Programs” to store a browser and a portable version of TrueCrypt.

To install the portable version of Firefox, I needed a special installation package, which I downloaded from here.   You can download it anywhere on your Windows system, then run the executable.  It will ask you where to install it.  Just install it to the USB drive “Programs” directory.  Firefox already has a PDF reader and Microsoft’s Silverlight package.  Adobe Flash and possibly Java might be needed.  There is information at the portable Firefox website about how to install these since it’s more complicated for portable apps.  I choose to ignore these for now.

I then installed a portable version of TrueCrypt.  TrueCrypt is an Open Source encryption program that runs on Windows, Macs and Linux.  Technically, you don’t need to run TrueCrypt off the USB drive, but that would require that it’s installed on whatever system you’re on.   This isn’t a security issue, just a convenience one.   The trick with installing TrueCrypt is to “Extract” not “Install” it.  So, on the USB drive, create a folder under “Programs” called “TrueCrypt”, then extract it there. Read the various notices that come up as it will provide information as to what to expect when running TrueCrypt as a portable app.

Encrypted Section

To create the encrypted section, you’ll want to created an “encrypted file container” (which is the default).  The next question is more interesting.  You’ll have the option to create “normal” encrypted file or a “hidden” file.  The hidden file option creates two encrypted files, one (hidden)  inside the other (visible).   You place some secure looking files in the visible portion with the really personal stuff in the hidden portion.  The purpose is if you were required to provide the passcode under duress, they’d only see the files you placed there as decoys (which can be useful information but not all that sensitive).  The “normal” option simply creates an encrypted volume.  Some guidelines:

  • When you’ve created a hidden encrypted volume, TrueCrypt is smart enough to either open the visible directory or the hidden one depending on the passcode entered.  For the visible, use a passcode that you never have used elsewhere and something you’d be OK with compromising.  For the hidden portion, use a good, well formed passcode.
  • This section doesn’t have to be that large for most of what you need, say 500 MB, unless you plan to keep your financial archive, then it might need to be larger.  You also have the option to have multiple encrypted volumes.
  • The typical USB drive is formatted the with Windows FAT filesystem format.  All Windows, Macs and Linux systems can mount FAT, but it has some drawbacks.  One is that no file can be larger than 4 GB, which means that’s the limit of an encrypted volume.  You can reformat the drive to NTFS format, but then it wouldn’t be accessible by non-Windows systems.
  • If you use a hidden solution, be sure that drive “Z:” is free as it will attempt to mount the visible container there and will silently fail.  This is a bug in TrueCrypt.

Unencrypted Section

There’s not that much to add to this, except for one change that I made.  I didn’t put any credit card information into the unencrypted section since I’m making the assumption that I’ll need the numbers to report their theft, which means I’ll open the encrypted container.

Finally, one more critical step:  As noted above, USB drives do tend to fail over time, so you need to  test it periodically and when it fails create a new one.   So, once you’ve created the EMERGENCY drive and filled it with the appropriate information, copy the entire drive to a directory on your primary computer.  That way, you can create a new EMERGENCY USB drive by simply copying the contents without having to build it from scratch.

Now, where should I stuff this thing …………..

2 Comments

    Trackbacks

    1. The art of blogging … | The Family HelpDesk
    2. TrueCrypt appears to be belly up … | The Family HelpDesk

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: