GPG on USB drive

Maxine Brandt torduninja at mail.pf
Mon Jan 10 21:27:18 CET 2005 

On Mon, 10 Jan 2005 00:54:55 +0000 "C. D. Rok" <cedar at 3web.net> wrote:
> From a blurb in their press release (at http://www.u3.com/):
> ...
> The goal of U3 LLC, based in Redwood City, California, is to transform
> the USB flash drive market from simple storage devices into exciting new
> consumer products that people can use to carry, store and launch their
> own applications and data on any PC wherever they go...
>
> Also of interest in this context:
> http://www.mozilla.org/press/mozilla-2005-01-07.html
>
> There have been many discussions on this forum - a lengthy one just a
> couple of weeks back - about the problems faced by many users who need
> to run GPG in 'media-centric' (as opposed to 'computer-centric')
> "modus operandi". It was my impression at the time that the developers
> of GPG were convinced such use should be discouraged.
>
If you're referring to the wide-ranging discussion in November last year,
that's not my impression of the developers' attitude (take Werner Koch's quick
reaction to the problem iconv.dll caused for our GPG on a floppy project, GPG
TO GO, for example).

A 'media-centric' version of GPG (or any other application) will always have 
limited functionality, and may never be possible, for two reasons.

The first is that it must come with its own OS or else use the host machine's 
OS. If it uses it's own OS, the host machine must allow it to boot, and if 
you're not the controller of that machine you won't be able to enable this. 
The medium OS must also be able to write to the host system, which isn't 
possible Windows-to-*NIX or *NIX-to-NTFS (at least not without third-party 
helpers, which for the moment, aren't reliable.

The second reason is network connections. If you're not the controller of the 
host machine, applications won't be allowed to pass a firewall.

However, if you're thinking in terms of a Windows version of GPG that will run 
from a removable drive on any Windows system, there's an apparently very 
simple way to achieve this - just remove all mention of "c:" in the 
"HAVE_DRIVE_LETTERS" section of the "configure" file and do a Windows 
compilation. The GnuPG home directory becomes simply "gnupg" whatever drive 
letter your removable medium is assigned, and you can use the regular 
command-line procedure.

I've been testing such a compilation of 1.4.0 for e-mail and file ecnryption 
for three weeks now without any problem, though it has a few particularities 
which leave me with a lingering doubt that there may be a nasty surprise 
waiting somewhere. (Maybe Werner or David could comment on that).

Salut

Maxine

More information about the Gnupg-users mailing list