“Encryption” is a term which is used too broadly to describe security. A good example, is the term “encrypted USB flash drives.” This phrase means different things to different people. Some interpret an encrypted flash drive to be a flash drive which requires a password to be entered before the files can be viewed. Some interpret this phrase as a read-only flash drive, where the files cannot be deleted off the drive. Others believe the phrase is related to copy protection, such that a file on the drive cannot be copied or duplicated.
The truth is, the term “encryption” applies a little bit to each one above, only in a different method on how the encryption is applied to the product.
In very simple terms: “Encryption” is the process of encoding information.
Here are four USB flash drive encryption examples of encoding information for security purposes where the products cannot be found on Amazon.
USB Data Encryption
The most common association with encryption is that of a password. With USB data encryption the files on a flash drive are protected until the correct password is entered. An algorithm is applied to the files to mix and scramble the binary copies so everything is un-readable. However, when the correct password is entered the binary part of the files are re-organized to display the file as expected – as if the file wasn’t encrypted.
The USB Data Encryption flash drive on this blog post is a solution where the encrypted files will be decrypted and displayed on either a Mac or Windows computer. This is a unique solution because most encryption products, such as “BitLocker” from Windows is a OS dependent encryption solution. In addition to the decryption working on either a Mac or Windows computer the USB flash drive is also write protected. Meaning the USB is read-only. The benefit with this added feature is even after the correct password is entered and the files become readable, the flash drive still has security where the files cannot be deleted or formatted off the drive.
The encrypted flash drives you find on Amazon do not have write protection and they do not decrypt in both Mac computers and Windows computers.
Note: Anyone who enters the correct password can then do anything they want with the files such as print, save, stream, share, screen grab, etc.
USB Copy Protection
Another common misuse of the term encryption is when that term is applied to copy protection. As mentioned before with the definition of encryption, the encoding of information, USB copy protection does encode the information, but a password isn’t required to view the file.
The big difference between encryption and copy protection is with encryption, once the user enters the correct password the user can do anything they want with the file, like print, save, stream, share, screen grab, etc. However, with copy protection the philosophy is backwards… the idea is for anyone to see the file, but nothing can be done with the file. It can only be viewed – nothing else.
A good example of copy protection would be a teacher who creates a valuable video or PDF file and sells them as part of the class curriculum. By using copy protection, the teacher is guaranteed the content will not be illegally duplicated by a student and shared with the rest class. There is no password associated with the files, because a password doesn’t stop the duplication of the content – only copy protection will.
Said another way, the USB flash drive becomes a physical dongle to each copy of the digital files. Without the flash drive, the copy protected content will not play.
USB copy protection products are another category of encrypted flash drives you will not find on Amazon.
Calling a USB write protected flash drive an encrypted flash drive is a less common mistake. However, it is worth mentioning because the solution restricts activity to the drive, there is encoding of information to make the product secure.
USB write protection is also called “read-only” and the term means the device cannot be written to… the device is protected from being altered. This is a valuable attribute of a flash drive. In today’s digital world, it is important the content put onto a flash drive cannot be changed or manipulated. This is the value in a write protected flash drive. Once the files are copied to the flash drive it is impossible to edit, format, delete, manipulate or alter the content.
The other unique characteristic of a write protected flash drive is the fact a virus cannot jump onto the drive. By definition the USB is read-only, which makes it impossible for a virus to write itself onto the flash drive and spread.
The write protection scheme does require encoding of data to set the USB flash drive into the state of being read-only. This is where some level of encryption is applied to the USB product.
A USB write protection product is another category of encrypted flash drive you will not find on Amazon.
A USB CD-ROM drive is very similar to a USB write protected flash drive. As with all previous examples, the USB CD-ROM flash drive uses a specific type of encoding to the data to create a flash drive which appears as a CD-ROM when connected to a computer.
From the older “optical days” we know by definition a CD-ROM is read-only, or write protected. This solution uses ISO image files, just like CD and DVD burners to write data to the USB flash drive. The resultant drive is a USB device which appears as a CD-ROM when connected to a Mac or Windows or Linux computer.
Then encoding of information is done at the hardware level of the chip inside the USB flash drive. This chip setting reconfigures the drive to appear as an optical drive. When a customer first receives the flash drive, the USB drive is actually a blank CD-ROM. Once the ISO file is written to the drive, then data will appear, just like that of a CD or DVD.
The USB CD-ROM is valuable because the CD-ROM configuration will take advantage of the Windows auto-run functionality. Meaning, when the USB CD-ROM is connected to a PC, when the user clicks on the flash drive letter in Windows Explorer the auto-run functions will immediately begin. This is a valuable step for software companies who depend on automated installation of their software.
A USB CD-ROM flash drive is another category of encrypted flash drive you will not find on Amazon.
As one can see, there are many different “forms” of encryption and how that encryption technology can apply to USB flash drives. This article also points out that Amazon does not carry and offer every type of flash drive which is useful to so many companies and organizations.
USB flash drive security is a major concern these days and a significant security threat to both consumers and organizations via USB can pose a big problem for those trying to protect their computers and networks.
Thumb drives are convenient because they are small in size and fast with read and write performance making them an ideal device for moving data; however, flash drives can be abused by cyber criminals to infect computers because of their ease-of-use.
Until the Nexcopy Lock License technology was introduced the fundamental way a flash drive works is a benefit for how malware can spread, because all USB flash drives have a read and write status by default. Lock License technology reverses the state of the flash drive – the device is always write protected, or said another way: read only.
Recently, a team of scientists from Liverpool Hope University in the UK created a sophisticated USB device with all sorts of endpoint protection software loaded on the USB drive in the attempt to block malware getting onto a drive.
The Liverpool Hope University scientists said, “If the OS is not configured to restrict and promote the user’s permission on an inserted USB device, then as soon as the USB drive is inserted it can execute default auto run script that can deliver the intended payload to the computing devices and deliver multiple kinds of malicious programs such as viruses, Trojans, Keyloggers, Spyware, Remote Access Trojans (RATs), and so forth to the computing devices.”
However, what these scientist overlooked in their research is the simple fact of making the USB read only.
It is important to understand how a virus interacts with a USB device to fully appreciate the above sentence.
A virus designed to spread via USB has two main goals: First, spread any way possible via USB and second, remain undetected as long as possible. Because a virus is trying to stay undetected the malware will ping any USB device connected upon power up. Once the virus identifies if the USB device is usable, the virus will go back into hibernation. For example, if a USB mouse is connected the virus quickly determines this is a HID device (Human Input Device) and does not have memory for the virus to spread it’s code. However, a virus will ping a USB flash drive and quickly determine it is read/write and will insert it’s code onto the USB flash memory.
With a Lock License USB flash drive, the device is always write protected. This default state of the flash drive means a virus will identify the USB as read only, leave it alone, and got back into hibernation. Malware does not re-examine devices because the more active a virus is, the more likely the virus will be detected.
This is what the scientists at the Liverpool Hope University did not take into account when building their anti-malware device, is the simple fact of removing the “write” capability of the USB flash drive.
With a Lock License drive defaulting to a write protected state, means control of when the USB device becomes writable is 100% in the hands of the User. This means a User can perform all the scans and testing they require before determining the flash drive is clean and making the USB writable. The old ways of how a virus writes itself onto a USB flash drive is gone, because the Lock License USB is read only.
The Lock License technology has two unique characteristics. First, the User must enter an encrypted password to enable the write function of the USB device. Again, this puts total control back into the hands of the user for when write access is granted to the device. Second, the device is always write protected when connected to any system.
Consider the following:
A User enters their encrypted pass code to make the USB writable. Once their data load is complete the User removes the drive. At this point, when the power is cut to the Lock License drive, the default state is now read only. When the Lock License drive is connected to anything again, it is write protected and read only and impossible for a virus to write itself onto the flash drive.
This simple change of manufacturing a drive to always be in a read only state is the game changer against malware and cyber security threats via USB flash drives. Without the USB device being writable, it is impossible for a virus to spread to the device.
Closing Comment
The Lock License drive is a hardware solution. The write protection is not a software setting. There are no drivers to install or software to install. The USB flash drive will always be write protected when connected to any device, such as a Linux computer, Mac or Windows computer, a car stereo or any other host. To make the Lock License drive writable for data loading is only possible on a Windows computer.
Has anyone noticed FAT32 format option is gone in Windows?
Microsoft has not issued an official statement explaining why the FAT32 formatting option is unavailable for storage devices 32GB and larger but we’ve done some digging and came up with a possible answer.
On both Windows 10 and Windows 11, users are typically presented with formatting options for NTFS (New Technology File System) or exFAT (Extended File Allocation Table). The choice to format a drive as FAT32 is missing once the drive exceeds 32GB in capacity.
Since Microsoft has not clarified this change, it’s widely assumed that the decision was made to avoid problems caused by FAT32’s limitations—especially its inability to store files larger than 4GB. As file sizes have continued to grow over the years, this limitation has become more noticeable.
The FAT32 file system cannot handle single files larger than 4GB. This is due to its 32-bit file allocation table, which caps the maximum file size at 4,294,967,295 bytes. Regardless of the cluster size, FAT32 simply cannot address a file above that cluster size.
For users who need to store high-resolution videos, system backups, or other large files, switching to exFAT or NTFS is essential. NTFS, which is the default for most internal drives in Windows, offers better support for large files, access permissions, and journaling. ExFAT, on the other hand, was created as a lightweight, high-capacity alternative for external storage that’s compatible across multiple operating systems. But don’t format USB flash drives as NTFS as we’ve mentioned before.
We think Microsoft removed the FAT32 option for drives above 32GB to prevent user confusion and/or support issues. For example, trying to copy a 5GB video file to a FAT32 drive will result in a frustrating error message. By defaulting to exFAT, Windows helps users avoid this issue without needing to explain file system limits.
ExFAT supports significantly larger file sizes compared to FAT32. In theory, exFAT can handle files up to 16 exabytes (16 million terabytes), although real-world limits are much lower and depend on the device’s implementation. Even so, it’s more than sufficient for most consumer and professional use cases, from video production to large-scale backups.
While exFAT offers excellent cross-platform compatibility and large file support, users should be aware that some older operating systems or embedded devices might not support it natively.
Real Quick: A Brief History of File Systems
The concept of a file system—the method by which data is organized and stored on a storage device—has evolved steadily since the early days of computing.
General Motors needed a file system in the 1950s to help their early computers store and organize large amounts of business data—like payroll, inventory, and production schedules. Working with IBM, they developed one of the first operating systems (GM-NAA I/O) to manage these tasks. It allowed the computer to access and manage files on magnetic tape, making it easier to run multiple jobs and retrieve information efficiently. This basic file system helped move computing from scientific use into real-world business operations.
A few years later, more advanced systems like MIT’s Compatible Time-Sharing System (CTSS) introduced features like named files and user access control. By the 1970s, UNIX and Multics brought in hierarchical directory structures that closely resemble the file systems we use today.
When it comes to making a USB stick read only, or USB write protected, there are two options. The first is the original technology of using a physical switch to toggle on and off the flash drive writing. The more recent technology is a programmatical way to toggle the write protection on and off.
Why write protect a USB anyway?
Great question. There are two main categories of flash drive users;
A) the home computer user and
B) the corporate / business world. The home computer user probably doesn’t care too much about making a USB read only because their environment is trusted. They know who’s had the USB and they know the computers it is being plugged into. However corporate folks definitely care about making a USB read only.
Disclosure: This post contains one affiliate link to Netac products. If you use this link, you may earn a commission at no cost to you.
They have two main reasons why
They don’t want their data changed or manipulated.
They don’t want a virus to spread via their USB; it’s bad publicity and a security risk. Corporations don’t want those headaches.
Surprisingly this review has brought to light the way all flash drives should work.
