6 Replies Latest reply on Jul 23, 2013 5:37 AM by pierce

    EEPC w/ True Crypt Portable

    uzanatta

      Hi There,

       

      do you know if  there is any issue running True Crypt Portable with EEPC 6.2.x already installed?

       

      Thank you,

        • 1. Re: EEPC w/ True Crypt Portable

          None reported, but maybe no one ever tried either. TCP is a virtual disk namespace extension, EEPC is a disk class upper filter driver. The two (should) co-exist gracefully.

           

          But, depending on how well the TCP driver is written, EEPC may detect it as a real hard disk and encrypt it.

           

          Let us know how you get on!

          1 of 1 people found this helpful
          • 2. Re: EEPC w/ True Crypt Portable
            uzanatta

            Hi,

             

            thank you for your prompt reply.

            • 3. Re: EEPC w/ True Crypt Portable
              dmartin

              Has anyone had any success with this? I have TrueCrypt Portable files saved in a directory on a system we would like to encrypt, and am wondering if EEPC will see it as an incompatible product even though it is not technically "installed" from the Windows perspective. The TCP driver has to be loaded on the fly every time the program is run.

              • 4. Re: EEPC w/ True Crypt Portable
                pierce

                We have a few users with truecrypt installed for some secure containers we need to use. As long as your encrypt the system first with EEPC there are no isses. EEGO will report it as an issue but it will all run.

                 

                If you install truecrypt and then EEPC the machine will not encrypt as it will see this as an incompatable product and wont encrypt the drive in case its already encrypted with truecrypt (there is no way to tell if a drive is encrypted or not from a program running on the OS)

                • 5. Re: EEPC w/ True Crypt Portable
                  dmartin

                  So, it sounds like having the full version of TrueCrypt installed may prevent EEPC from encrypting because it sees an incompatible product. In my case I have now confirmed that having Trucrypt PORTABLE 7.1a did NOT prevent EEPC from encrypting a test system. This is a different version of TrueCrypt since it is not actually installed into Program Files, and requires elevated rights to load the driver each time it runs. For some environments where TrueCrypt is needed, and you are planning an EEPC deployment, then it may be a good idea to switch yor users to the portable version where possible.

                  • 6. Re: EEPC w/ True Crypt Portable
                    pierce

                    There is an XML file burried deep within ePO that lists how it actually checks if the software is there or not(at one point I wanted to disable this truecrypt check but its not supported)

                     

                    C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Server\extensions\installed\EEADMIN\7.0.1.354\webapp\ProductDetect ion

                     

                    open with notepad or whatever and it will spit out all the checks it performs and what product it relates to.

                    Truecrypt is...

                    <!-- Define TrueCrypt -->

                              <products xsi:type="ns1:PDProduct">

                                        <name>TrueCrypt</name>

                                        <osType>Windows</osType>

                                        <rules xsi:type="ns1:PDRule">

                                                  <regEntries xsi:type="ns1:PDRegistryEntry">

                                                            <type>Key</type>

                                                            <path>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\truecrypt</path>

                                                            <textValue></textValue>

                                                            <binaryValue></binaryValue>

                                                            <compare>EQ</compare>

                                                  </regEntries>

                                                  <fileEntries xsi:type="ns1:PDFileEntry">

                                                            <path>[WinDriverDir]\truecrypt.sys</path>

                                                  </fileEntries>

                                        </rules>

                              </products>

                     

                    so if you end up with the \truecrypt folder in the registry or the \truecrypt.sys it will assume its installed and potentially encrypting the drive.

                     

                    I have an idea submitted somewhere to allow us to disable these checks as its a pain for us having to remove truecrypt, encrypt with eepc... reinstall truecrypt.

                     

                    Message was edited by: pierce on 7/23/13 5:37:24 AM CDT