TrueCrypt Boot Loader - Identification String


e4m
April 9th, 2009, 12:29 PM
I was under the impression that when you remove the pre-boot authentication text from the TrueCrypt Boot Loader, it was gone (no indication that my hard drive used TC whole disk encryption). Apparently, that is not the case:

http://16systems.com/TCHunt/TCBoot/index.php

The screenshots show how to manually delete the string. Seems to work OK. Is there a reason not to delete that string? Maybe TC updates need it or something?

Thanks

dantz
April 9th, 2009, 07:39 PM
There's no way you can hide the TrueCrypt bootloader from a knowledgeable person who examines your hard drive with the proper tools, since large portions of the bootloader code are easily identifiable and can't be changed without destroying their functionality. The presence of TrueCrypt bootloader code, followed by a large, fully encrypted partition, would indicate with almost 100% certainty that you have encrypted your system drive with TrueCrypt.

Perhaps editing a few of the easily identifiable text strings would fool a computer neophyte, but I doubt if many neophytes would be examining your hard drive with a hex editor in the first place, whereas most forensic examiners would be knowledgeable enough to see right through your little diversion. Don't underestimate your potential adversary.
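
As an added illustration of dantz's point (example code written for this page, not taken from the thread, from TCHunt or from TrueCrypt): a small scanner that reads a raw disk image and reports the two tells discussed above. It assumes the identification string is the ASCII text "TrueCrypt Boot Loader" that the boot loader shows at boot time; the sample images it builds are constructed, with placeholder NOP boot code rather than TrueCrypt's real loader code (the example does not model or match that code). The second check is the one dantz describes: a partition whose first sector carries no filesystem header and whose first sectors are near-random. Wiping the banner the way the hex-editor screenshots do leaves that second signal untouched.

```python
"""Scan a raw disk image for (1) the TrueCrypt boot loader banner in the MBR and
(2) a partition with no filesystem header but near-random contents.
Sample images below are constructed, not dumps of real disks."""
import hashlib
import math
import struct

SECTOR = 512
# Assumption: the "pre-boot authentication text" is this boot-time banner.
TC_BANNER = b"TrueCrypt Boot Loader"
PART_TABLE, MBR_SIG = 0x1BE, b"\x55\xaa"     # partition table offset, MBR signature
ENTROPY_THRESHOLD = 7.5                       # bits/byte; plaintext filesystems sit far below
# Boot-sector markers (offset, bytes) that a plaintext partition would carry.
FS_MAGICS = {"NTFS": (3, b"NTFS    "), "FAT32": (0x52, b"FAT32   "),
             "FAT12/16": (0x36, b"FAT1")}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def fs_signature(boot_sector: bytes):
    """Name of a recognised filesystem header in the sector, or None."""
    for name, (off, magic) in FS_MAGICS.items():
        if boot_sector[off:off + len(magic)] == magic:
            return name
    return None


def parse_partitions(mbr: bytes):
    """Non-empty entries of the classic four-slot MBR partition table."""
    parts = []
    for i in range(4):
        entry = mbr[PART_TABLE + 16 * i:PART_TABLE + 16 * (i + 1)]
        lba, count = struct.unpack_from("<II", entry, 8)
        if count:
            parts.append({"type": entry[4], "lba": lba, "sectors": count})
    return parts


def assess(image: bytes, sample_sectors: int = 16) -> dict:
    """Banner offset in the MBR (-1 if absent) plus, per partition, whether it is
    'opaque': no filesystem header and high entropy over its first sectors."""
    mbr = image[:SECTOR]
    if mbr[510:512] != MBR_SIG:
        raise ValueError("not an MBR: missing 55 AA signature")
    findings = []
    for p in parse_partitions(mbr):
        head = image[p["lba"] * SECTOR:(p["lba"] + sample_sectors) * SECTOR]
        fs, ent = fs_signature(head[:SECTOR]), shannon_entropy(head)
        findings.append({**p, "fs": fs, "entropy": round(ent, 2),
                         "opaque": fs is None and ent > ENTROPY_THRESHOLD})
    banner = mbr.find(TC_BANNER)
    return {"banner_offset": banner, "partitions": findings,
            "suspicious": banner >= 0 or any(f["opaque"] for f in findings)}


def wipe_banner(image: bytes) -> bytes:
    """Overwrite the banner with spaces in the MBR (what the hex-editor
    screenshots in the thread do); every other byte is left alone."""
    mbr = image[:SECTOR].replace(TC_BANNER, b" " * len(TC_BANNER))
    return mbr + image[SECTOR:]


# --- constructed sample images ------------------------------------------------
def _prng(n: int, seed: bytes) -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode."""
    out = bytearray()
    for i in range((n + 31) // 32):
        out += hashlib.sha256(seed + i.to_bytes(4, "little")).digest()
    return bytes(out[:n])


def _mbr(banner: bool, lba: int, sectors: int) -> bytes:
    code = bytearray(b"\x90" * PART_TABLE)         # placeholder NOPs, not TC code
    if banner:
        code[0x100:0x100 + len(TC_BANNER)] = TC_BANNER
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                        b"\xfe\xff\xff", lba, sectors)  # one bootable NTFS-type slot
    return bytes(code) + entry + b"\x00" * 48 + MBR_SIG


def _image(banner: bool, partition: bytes, lba: int = 63) -> bytes:
    boot_track = b"\x00" * ((lba - 1) * SECTOR)     # sectors 1..lba-1
    return _mbr(banner, lba, len(partition) // SECTOR) + boot_track + partition


PART_SECTORS = 64
# Encrypted system partition: random-looking from its first byte.
TC_IMAGE = _image(True, _prng(PART_SECTORS * SECTOR, b"constructed"))
# Same layout with a plaintext NTFS boot sector followed by empty space.
NTFS_BOOT = (b"\xeb\x52\x90" + b"NTFS    ").ljust(SECTOR, b"\x00")
PLAIN_IMAGE = _image(False, NTFS_BOOT + b"\x00" * ((PART_SECTORS - 1) * SECTOR))

if __name__ == "__main__":
    for label, img in (("TrueCrypt", TC_IMAGE), ("banner wiped", wipe_banner(TC_IMAGE)),
                       ("plain NTFS", PLAIN_IMAGE)):
        print(label, assess(img))
```

Against a real drive you would call `assess(open("disk.img", "rb").read())` on a sector-accurate image. The entropy check is a heuristic, not proof of TrueCrypt: a partition filled with random data or compressed archives also reads as opaque, and attributing the loader to TrueCrypt specifically would need code signatures this example deliberately does not include.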

LockBox
April 9th, 2009, 07:57 PM
Dantz is right, and because there's no plausible deniability of TC being used if you're using system encryption, TrueCrypt developed the Hidden Operating System option (http://www.truecrypt.org/docs/?s=hidden-operating-system). It does provide plausible deniability. Which, just to clarify, means there is no way anybody can prove you are using the Hidden OS feature.

Keller
April 12th, 2009, 03:38 AM
It may be that you cannot hide the presence of the TC bootloader. The next best thing might be to remove it altogether? You can use the rescue disk 'Repair Options' to:

(1) restore original system loader (say 'yes' when it asks if the partition is decrypted!)
(2) restore key data

From then on, you have to use the rescue disk every time to boot to the encrypted system partition. But at least the hard drive itself does not contain the boot loader... you could easily have "wiped the hard drive in preparation for a reinstall".

(As a further step, if your PC supports booting from USB, you could install the TC bootloader to a USB drive, with the result that you can only boot to the system partition when that USB drive is inserted.)