Encrypt/secure files on external HDD?

ID10 mulambo  September 2, 2024

Comments:

Have you considered Veracrypt? I'm not sure I understand your requirements ... "unformattable?" Any disk can be reformatted, but if that is done anything that was on the disk gets erased anyway, so not sure why you would require the disk to be incapable of being reformatted.

With Veracrypt you can create an encrypted "container" (basically, an encrypted file that can be opened as a separate drive letter) or you can encrypt an entire SSD/HDD partition, ala Microsoft's Bitlocker. The choice basically depends on how much content you want to store. Without the proper password to unlock the encrypted volume, nothing within the encrypted volume can be seen or accessed. With the proper password, though, it's just like any other directory in that you can read/copy/edit the files within. I don't know whether that meets your requirements or not.

Take a look and see what you think. There is a "portable" version, so you can download it and give it a trial run. I suggest you test the portable version and create a small (2-10 GB) encrypted container and explore how to use it. That may be all you need. If you like the way it works but need something a lot larger, you could then move on to create a larger container or encrypt an entire partition, if desirable. And if it doesn't meet your needs, you can simply toss the Veracrypt folder and continue looking for something else.

Hello, thank you for your answer, to put it simply: it's personal work I need to hand out temporarily to somebody who has to view it only. It's personal work that I don't want to be distributed or seen outside of the viewer I've chosen (basically the drive itself is a portfolio). That is why I needed that secrecy. Unformattable because, of course, I can reuse it to make someone else see it without reuploading it all again (in case the first person who views the content accidentally erases its contents... or even intentionally but that would make no sense). So I don't know if the password alone would do, as the person has full access with it (meaning he can copy the files and use them as he pleases). Hope that makes sense.

If not, think about an artwork project: you have not only the final JPG of the image, but also the "source files" which have extra features (such as layer-based files, unlike JPG) and much more. I basically want to make the viewer (let's say, somebody who is probably going to hire me) to see what I can do on full extent (ergo: seeing that the JPG file was made with the combination of different softwares such as Gimp, MyPaint, Blender) and I want him to see the separate parts of the composition made in different programs. Of course, if he gets the files he can tell me "sorry I won't hire you" then use the files without permission since they may be not protected, fully accessible, practically in his hands. That's the point, and why I need the HDD to be read-only. Afterall, I wouldn't care if the person formatted it.

Aha, now I see. That puts things in better context. Essentially, you're looking for some form of copyright or anti-tamper protection rather than simply security from hackers and prying eyes.

Outside of water-marking, I'm not sure what else can be done. Maybe someone else has some ideas. Even "secure pdfs" can be stripped of their security, so that's not a solution. It's kind of like the age-old DVD copyright conundrum -- you can encrypt the DVD, but at some point it has to be decrypted for display on the TV, and then it's exposed to copying or screen capture. The solution there was to tie the DVD to dedicated hardware, but that won't be an option for your case.

This is well outside my level of experience, but I wonder if a solution might lie in some sort of hybrid online delivery. For example, I think a pdf can be designed to pull in and display content dynamically from over the internet; perhaps your intended viewer has similar capability. If so, that might allow your webserver to control (and revoke, when necessary) access. I'm just shooting in the dark, though.

Your best bet may be to browse around some photography forums rather than hardware forums. See what ideas photographers have used to protect their creations, and maybe there will be some ideas that you can modify for your situation.

Here is the catch: there isn't anything like "uncopiable" things. Once you grant read access to something, you can get the info and display it, but nothing really prevents you from writing it somewhere else you have write access to. Read implies knowing the data, and by knowing the data you can put it elsewhere.

By handing out an external HD (or a pendrive, or an email attachment, or a webserver hosted file, literally, anything), you no longer are in control of it nor can restrict what the recipent can do with it. It's within their system now and under full control.
Encryption would helped if you don't need the other guy to view it, but now, you're after something like "DRM", and as all we know, it's impossible in practice to have good results with it (that's why music and movies piracy is still a thing and still impossible to avoid).

The only real solution to go to the meeting with your potential employeer with your own computer, open the files yourself, in your own screen, under your control, show whatever you need, then close the laptop and go away, carrying the lone copies with you. Of course this is not always practical or even possible.

Other than that, I would stick to the mentioned techniques to "dumb down" the work so that it doesn't hurts too much if it leaks: watermarking, using a lower quality or resolution of images, show only a portion of them and the like.

I think the point would be that the contents are clearly intended for a third party but not all third parties. it means that if the drive got lost or onto the hands of someone else unintended then there is a fail safe in place.

I would just use Bitlocker on the drive set with a password.

Your comment

Your name:

Youtuble Link: visible: or hidden
Image url: