submitted 1 day ago by starlight@lemmy.ca to c/asklemmy@lemmy.ml

7 comments fedilink hide all child comments

I understand that if you use Veracrypt on a USB drive, unless you know the password or passphrase, you cannot access the contents of the drive. The part that is throwing me off is, do you need to have Veracrypt installed on a computer to unlock the drive? Otherwsie, you cannot access it, correct? I ask because if I wanted to access the drive on a computer that does not have Veracrypt installed, it won't work, right? If that all wrong, please kindly explain to me how it works.

you are viewing a single comment's thread
view the rest of the comments

[-] gary_host_laptop@lemmy.ml 2 points 23 hours ago

this is a very specialized attack, your threat model needs to be way higher than the average joe for someone to do such a precision strike on this, all keeping in mind that you lose your stick.

[-] groet@feddit.org 1 points 22 hours ago

Why does OP have a stick with encrypted data if they do not care about its security?

Yes, maybe its just the porn collection that they don't want others to see, but maybe its actually important stuff.

I think it is important to inform people about the ways their security can be circumvented and if somebody gives security advice its important to inform people if that advice contains flaws.

OP should know about the potential risks and then decide themselves if that is acceptable to them.

And when talking about encryption, people often forget, that the best way to break it is to never attack the encryption, but attack the way people interact with the unencrypted data.

OP should know about the dangers of decrypting their USB with software that could be manipulated.

Is all that overkill in 95% of cases? Probably? Do we know OP isn't in the 5% where it matters? No.

Maybe they want to hide something from someone in their household who has frequent access to the USB stick. Maybe they are a journalist that might get searched by police/airport security ... we do not know and we shouldn't make assumptions about their threat model.

That's why I started the comment with "reasonable approach"

[-] gary_host_laptop@lemmy.ml 1 points 22 hours ago

i dont disagree, but if you don't mention stuff like threat model to n00bs they end up thinking they need to only communicate telepathically in order to not get spied on. every attack is possible, just not for every threat model, for example a very sophisticated js attack wouldnt be used on the wild, but more likely targetted on a specific individual because once it's known it's fixed and you can't use it. it's worthy so you use it on a worthy individual.

this post was submitted on 01 Jun 2026

17 points (100.0% liked)

Asklemmy

54458 readers

280 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
!lemmy411@lemmy.ca: a community for finding communities

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 7 years ago

MODERATORS