I'd appreciate comment and/or criticism (ideally constructive) re the following setup. I'm using a 64 GB Lexar flash drive. Using TrueCrypt v6.3a, on a Win XP SP2 machine, I created a hidden volume on Partition1 (not the entire drive). After doing that, the drive shows up as raw in explorer. Given that there's only one partition possible for removable drives, how is encrypting the partition different than encrypting the entire drive? I get that encrypting an entire drive is risky, because the OS may write to it, trying to be helpful. Is this less likely for encrypted partitions? What are the threats? I moved thereto a copy of a Win XP SP3 VMware VM with a 30 GB disk and 1 GB memory (clean minimal install, fully patched). Running in VMware Player v3.0, I installed XeroBank. I verified that I can connect, and that none of the decloak.net tests get my true IP. As discussed on other threads, I can of course route through XeroBank or another VPN running on the host machine. I also installed TrueCrypt v6.3a on the VM, and created a hidden file volume. That virtual^3 volume was acceptably fast, which somewhat amazes me. What am I missing?