Truecrypt questions

Does anyone have any opinions on how much security (if any) is obtained by
(a) encrypting the system drive/partition
(b) creating a hidden operating system

Are these procedures risky? I.e. are they prone to corrupting the system drive/partition? I'm not even sure what (b) does.

 

A TC encrypted system drive provides AFAIK a very high level of security. But there are several provisos. First, you need to use a strong and well structured password. Password length preferably 20+ characters and free from actual words anywhere within the pass (suggest that if you feel you must use words, you should strongly and uniquely misspell any such words, phonetically or otherwise). Second, you must physically secure your system. particularly when logged into TC. This means that at a minimum you should either turn off computer when you leave it alone for more than a few minutes and/or enable hibernation to kick in if computer isn't used for any short period of time (hibernation will actually turn off computer and require TC login to restart system).

As to hidden operating system, it is highly secure if used per operating instructions -- and that means read, reread, and reread again, the instructions and warnings in the TC documentation. Essentially the hidden operating system provides enhanced protection for those situations where the user is concerned that user might be forced (by law, physical coercion, or otherwise) to admit existence of TC operating system and to give adversary access to encrypted system. As I recall, the hidden operating system stems from a desire to improve security of alternatives such as virtual operating system installed within TC encrypted system, and ensures that the encrypted Windows system is prevented from recording any traces of activities carried out within the hidden system.

With a hidden operating system, care must be taken not to overwrite the hidden system. It cannot be overemphasized that you need to read, reread, and reread again, the hidden operating system instructions and warnings in the TC documentation to achieve security and safety.

EDIT Please note a WARNING regarding hibernation. In particular, hibernation is only safe when used within encrypted system operating sessions. In such cases the hibernation data written to your hard drive will be fully encrypted and useless outside of the encrypted system. On the other hand, hibernation is extremely dangerous if used with normal Windows system where TC encrypted containers (partitions or files) are used. In these cases, the hibernation data written to your hard disk is not encrypted and can actually reveal your TC passwords to anyone who examines the hibernation data. END EDIT

__

 

Thank you S.B. So my take on what you said is that to prevent compromise of the TC keys/data, I should either encrypt the system partition or make sure that the TC volumes are set to automatically close before any hibernation occurs.

 

To be safe, IMO hibernation should only be used with TC when system is encrypted. Just too risky to use hibernation otherwise IMO.

__

 

"Evil Maid" Attacks on Encrypted Hard Drives