TrueCrypt & Linux - by the book

Discussion in 'all things UNIX' started by Prim, May 4, 2013.

Thread Status:
Not open for further replies.
  1. Prim

    Prim Registered Member

    May 4, 2013
    Browsing through TrueCrypt®'s documentation pertaining to use with Linux, I noticed what great care the authors took in accurately describing the proper security procedures and tactics which must be observed with regard to hidden volumes and hidden operating systems in order to maintain plausible deniability of these volumes and systems.

    I wonder if any (Unix, Linux) users here observe these practices diligently. To be more specific, my reading began with the section on hidden volumes, then went on to hidden operating systems, which led me to the necessary security requirements and precautions pertaining to hidden volumes.

    Two areas in particular prompted my inquiry and seem particularly relevant. The first, under the hidden volume precautions section, reads:

    "When a hidden volume is mounted, the operating system and third-party applications may write to non-hidden volumes (typically, to the unencrypted system volume) unencrypted information about the data stored in the hidden volume (e.g. filenames and locations of recently accessed files, databases created by file indexing tools, etc.), the data itself in an unencrypted form (temporary files, etc.), unencrypted information about the filesystem residing in the hidden volume (which might be used e.g. to identify the filesystem and to determine whether it is the filesystem residing in the outer volume), the password/key for the hidden volume, or other types of sensitive data. Therefore, the following security requirements and precautions must be followed:

    Linux: Download or create a "live-CD" version of your operating system (i.e. a "live" Linux system entirely stored on and booted from a CD/DVD) that ensures that any data written to the system volume is written to a RAM disk. Mount hidden volumes only when such a "live-CD" system is running. During the session, only filesystems that reside in hidden TrueCrypt volumes may be mounted in read-write mode (outer or unencrypted volumes/filesystems must be mounted as read-only or must not be mounted/accessible at all). If you cannot comply with this requirement and you are not able to ensure that applications and the operating system do not write any sensitive data (see above) to non-hidden volumes/filesystems, you must not mount or create hidden TrueCrypt volumes under Linux."

    The second, from that same page:

    "The computer may be connected to a network (including the internet) only when the decoy operating system is running. When the hidden operating system is running, the computer should not be connected to any network, including the internet (one of the most reliable ways to ensure it is to unplug the network cable, if there is one). Note that if data is downloaded from or uploaded to a remote server, the date and time of the connection, and other data, are typically logged on the server. Various kinds of data are also logged on the operating system (e.g. Windows auto-update data, application logs, error logs, etc.) Therefore, if an adversary had access to the data stored on the server or intercepted your request to the server (and if you revealed the password for the decoy operating system to him), he might find out that the connection was not made from within the decoy operating system, which might indicate the existence of a hidden operating system on your computer."

    This piqued my interest, "When the hidden operating system is running, the computer should not be connected to any network, including the internet." If this procedure ought to be followed, then what function would users be taking advantage of by creating hidden operating systems rather than regular hidden storage volumes? Perhaps I should not ask, as I am not interested in what kind of sensitive offline-computing others may require such hidden systems for. However, I hypothesize that the average TrueCrypt user might probably intend to use a hidden operating system with the specific intention of connecting to the internet with it, and perhaps storing sensitive data from such online sessions.

    I had conceived of a desktop configuration beginning with an operating system like OpenBSD or Debian, which could utilize TrueCrypt to create a hidden operating system, within which the user would connect to the internet through a VPN. This configuration may be desirable for users who are not seeking an amnesic system (e.g. Tails, LPS) because they:

    1. Want to store sensitive data from online sessions
    2. Want the stored data to be encrypted and hidden
    3. Do not want to connect to the internet through Tor

    However, after reading through TrueCrypt's documentation, I wonder if such a configuration can be achieved at all. Who here has experience with TrueCrypt + Linux? Do you observe these aforementioned practices? Can one use a hidden operating system to connect to the internet, and store sensitive data from sessions, yet make sure the hidden operating system remains hidden from the rest of the system?
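
The Linux requirement quoted in the post above (system writes go to a RAM disk, only hidden-volume filesystems are read-write, everything else is read-only or unmounted) can be checked mechanically from the mount table. The following is an added example, not part of the original post or of TrueCrypt; the function names, the list of RAM-backed filesystem types, the sample lines and the mount point `/media/truecrypt1` are assumptions. The mount table cannot tell a hidden volume from an outer one, so the caller names the hidden mount points.

```python
# Added example: audit /proc/mounts-format text for writable, non-volatile mounts.
# Assumption: filesystem types whose writes stay in RAM for this check.
VOLATILE_FS = {"tmpfs", "ramfs", "devtmpfs", "proc", "sysfs", "devpts",
               "cgroup", "cgroup2", "securityfs", "mqueue", "hugetlbfs"}

# Constructed sample of a live session; device names and paths are illustrative.
SAMPLE = """\
overlay / overlay rw,lowerdir=/run/live/rootfs,upperdir=/run/live/overlay/rw 0 0
tmpfs /run/live/overlay tmpfs rw,relatime 0 0
proc /proc proc rw,nosuid 0 0
/dev/sr0 /run/live/medium iso9660 ro,noatime 0 0
/dev/mapper/truecrypt1 /media/truecrypt1 ext4 rw,relatime 0 0
/dev/sda1 /mnt/disk ext4 rw,relatime 0 0
/dev/sdb1 /mnt/outer vfat ro,relatime 0 0
"""

def parse_mounts(text):
    """Yield (device, mountpoint, fstype, [options]) for each mounts line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            dev, mnt, fstype, opts = fields[:4]
            yield dev, mnt.replace("\\040", " "), fstype, opts.split(",")

def backing_fstype(path, mounts):
    """Filesystem type of the longest mount point that contains path."""
    best_mnt, best_type = "", None
    for _, mnt, fstype, _ in mounts:
        inside = path == mnt or path.startswith(mnt.rstrip("/") + "/")
        if inside and len(mnt) >= len(best_mnt):
            best_mnt, best_type = mnt, fstype
    return best_type

def audit(text, hidden_mountpoints):
    """Return (mountpoint, device, fstype) for mounts that may persist writes."""
    mounts = list(parse_mounts(text))
    findings = []
    for dev, mnt, fstype, opts in mounts:
        if "rw" not in opts or fstype in VOLATILE_FS or mnt in hidden_mountpoints:
            continue
        upper = next((o[9:] for o in opts if o.startswith("upperdir=")), None)
        if fstype == "overlay" and upper and backing_fstype(upper, mounts) in VOLATILE_FS:
            continue  # live-CD style root: the writable layer is a RAM disk
        findings.append((mnt, dev, fstype))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, {"/media/truecrypt1"}):
        print("writable outside hidden volume:", finding)
```

On a running system, pass the contents of `/proc/mounts` instead of `SAMPLE`; an empty result means no mounted filesystem other than the named hidden volumes can persist writes to disk.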