I have my laptop setup with truecrypt on the main drive (2 internal drives), but I want to prevent anyone in a work environment being able to plug a usb stick or external drive into it and pull off files - they would have to catch it unlocked, and being human it is possible.. Is there anyway to control the ports with software so that only I can use them? When I boot into the 2nd OS I can see the truecrypt files but they are of course scrambled, but if anyone had access to the main OS before the lock timeout comes on (if I forget to lock it manually) then they could export from there.
one way I found, regedit http://www.ghacks.net/2011/03/18/how-to-enable-write-protection-of-usb-devices-under-windows/