I had an old hard drive I wanted to use as a secure, cross platform file transfer device, so I thought of TrueCrypt and UDF. Unfortunately, TrueCrypt for MacOS only supports formatting drives as Mac OS Extended and TrueCrypt for Windows only supports NTFS and FAT32. I ended up using TrueCrypt for Mac OS and the Mac’s command line formatting utility.
Login as an Administrator
Connect the drive you want to protect with TrueCrypt
Open TrueCrypt and create a TrueCrypt Volume like normal, but select "None" when asked to select a filesystem
Wait for the encryption to complete
From TrueCrypt, click the "Select File…" or "Select Device…" to select your newly encrypted volume and click "Mount"
Enter the password and any other authentication credentials required for the Volume. Check "Do not mount" before clicking "OK"
Back in the main TrueCrypt window, select the Volume and click "Volume Properties…"
Record the Virtual Device value. In this case "/dev/disk3"
Open a Terminal window
Run sudo newfs_udf /dev/disk3 to format the TrueCrypt volume with the UDF filesystem
From now on, the UDF filesystem will automatically be mounted when mounting the TrueCrypt volume on Window or Mac OS
If you’re using Google Chrome on Windows, it is pretty easy to launch Chrome with these command line options. This assume you are launching Chrome from your start menu, an icon pinned to your taskbar, or a shortcut you created somewhere else. Note: You must do this for each shortcut you use to launch Chrome.
(taskbar only) Right-click on the Chrome icon
Right-click on your shortcut, in this case "Google Chrome"
Click on "Properties"
In the "Target" field, move the cursor all the way to the right (past chrome.exe) and add the switches you want to use.
For example, adding --ssl-version-min=tls1 disables SSLv3.0:
Windows comes with a small list of trusted CAs installed but automatically imports CAs as necessary from the Microsoft Windows Update service (Windows 7 Home Premium SP1 64bit for a while, I figure I’d imported all of the CAs I really need I figured I could mitigate the risk of forged certificates (e.g. Iraq/Gmail, Diginotar) by ensuring I don’t import any additional CAs. Sure the CAs I already trust could be compromised, but this significantly reduces the attack surface.
For Windows 7 Processional and Ultimate, Microsoft provides instructions for disabling Automatic Root Certificates Update using the Group Policy Editor; however, the Group Policy Editor cannot be installed on Windows 7 Starter and Home editions. If you have Windows 7 Starter or Home, or don’t want to deal with the Group Policy Editor, a simple registry update will turn Automatic Root Certificates Update off or on.
Note: You must be an Administrator to make any of these changes, and if you have a Group Policy set for Automatic Root Certificates Update, it will overwrite your registry changes.
I’ve created three .reg files you can download, and open to automatically update the correct registry keys: