USB flash drive with TrueCrypt, VM and XeroBank

I'd appreciate comment and/or criticism (ideally constructive) re the following setup. I'm using a 64 GB Lexar flash drive. Using TrueCrypt v6.3a, on a Win XP SP2 machine, I created a hidden volume on Partition1 (not the entire drive). After doing that, the drive shows up as raw in explorer.

Given that there's only one partition possible for removable drives, how is encrypting the partition different than encrypting the entire drive? I get that encrypting an entire drive is risky, because the OS may write to it, trying to be helpful. Is this less likely for encrypted partitions? What are the threats?

I moved thereto a copy of a Win XP SP3 VMware VM with a 30 GB disk and 1 GB memory (clean minimal install, fully patched). Running in VMware Player v3.0, I installed XeroBank. I verified that I can connect, and that none of the decloak.net tests get my true IP. As discussed on other threads, I can of course route through XeroBank or another VPN running on the host machine.

I also installed TrueCrypt v6.3a on the VM, and created a hidden file volume. That virtual^3 volume was acceptably fast, which somewhat amazes me.

What am I missing?

 

I have an image i use when traveling to hostile countries. I'll send you a copy, it is awesome and it is <2GB and has everything including preconfigured drive encryption and all-or-nothing xerobank routing.

 

Cool. Thank you.

What you didn't say, as I hear you, is that the setup I describe is totally vulnerable while running. Yes? And hardening Win XP is probably hopeless, right? I'd only run this thing on trusted machines.

 

could you send one to me, too?

 

Steve, are you running the image directly from your flash drive or doing an install on your machine? I'm assuming your running it directly from your flash drive if your using it in a foreign country like in a hotel etc.. Is it running from Linux or Windows? I have an Xerobank account, and i'm interested.

 

It is a linux bootable virtualmachine. The operating system is read-only so it is fresh every time you use it, the only write-able parts are userland created encrypted partitions, which can be created point&click inside the OS. It has a full suite of productivity, communications, and utilities.

 

Steve, Do you guys have your XB Machine available for download? I tried to go to the page and it had a database error. I've never used it and would like to kick the tires.

 

XB Machine is only applicable to old xerobank accounts. New virtualization solution will be implemented this weekend at the beta group on xerobank forum.

 

I guess I'm a day late and a dollar short. Where have I been? Will that eventually be a part of the XB basic product? Or will the XB Browser w/Xerobank service still be the standard? Sounds like a lot of good things happening!

 

Steve, Could you PM me a link to download it? It sounds awesome!