DiskCryptor external bootloader question.

Discussion in 'privacy problems' started by 2ndGen, Jun 5, 2013.

Thread Status:
Not open for further replies.
  1. 2ndGen

    2ndGen Registered Member

    Joined:
    Jun 5, 2013
    Posts:
    7
    Location:
    Switzerland
    I am using DiskCryptor to encrypt partition where is my Windows OS, and i write the DiskCryptor bootloader on USB, it all works, but when i boot without USB, the PC attempts to load the encrypted OS and shows error...
    How i can remove the encrypted OS from PC boot ?
    Also if i install second OS on other partition will that damage my setup somehow ?

    I need someone to explain me these things, thanks in advance.

    My PC has Ivy Bridge CPU so UEFI is used.
     
  2. 2ndGen

    2ndGen Registered Member

    Joined:
    Jun 5, 2013
    Posts:
    7
    Location:
    Switzerland
    none knows lol ?
     
  3. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Well first of all, I wouldn't be surprised if people weren't as famaliar with DiskCryptor. Any reason you're not using TrueCrypt?

    Second, it sounds like you're saying you encrypted the partition that has the OS on it, and installed the DiskCryptor bootloader on an external source...and it works when you have the external source containing the bootloader connected to the system, but when you bootloader is not present, the encrypted OS cannot be read.

    Well. Imagine that. You do realize what a boot loader is, and what it does, right?


    By giving the system a different OS to boot from.


    If you don't know what you're doing, it can. You'll need a multi-booting boot loader.

    If you don't mind, what exactly are you trying to do?
     
  4. 2ndGen

    2ndGen Registered Member

    Joined:
    Jun 5, 2013
    Posts:
    7
    Location:
    Switzerland
    I dont use TrueCrypt because its not fully open-source(lets pls not offent on which is better).

    I want install OS on second partition, and since the first partititon is encrypted and bootloader is on external source, there wont be way to prove that on first partition reside OS right ?

    EDIT: I dont want to be able to read the OS, without the USB, thats the point, i dont want EFI to even try to load it.
     
  5. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    I'm only asking because you'd have a much easier time getting help with a program that is more widely used.

    (And for what it's worth, the original complaints about the TC license referred to v2.5...it has been updated multiple times since then and is now on v3.0, and according to at least some people, the problems cited have been corrected.)

    Rick Moen comments (2009): A close reading of the current TrueCrypt License Version 2.7 suggests, in my opinion as a software licensing geek, that TrueCrypt Foundation has now managed to fix all the problems cited by Red Hat Legal (relayed by Tom Calloway), the Ubuntu packagers, Debian developers, and Gentoo developers.

    The cited Fedora wiki page still claims that the licence is still proprietary, but that judgement seems (my best guess) to concern an earlier licence version, probably 2.5.

    TrueCrypt License remains unapproved by OSI (because it's Yet Another Regrettable One-Off Licence, and more to the point hasn't been submitted for certification), but in its latest version nonetheless appears to be fully compliant with the Open Source Definition. ​


    To be honest, I'm not too sure of that. Initially one might want to say "yes", given that the entire partition is encrypted. But I can't be too sure there aren't side-channel ways to essentially prove there is an OS residing there. In other words, obviously if it's encrypted, no one should be able to access it...but that doesn't mean they can't piece together data that they can access and determine there is an OS there.

    This is the point of the Hidden Operating System functionality of software like TrueCrypt. Using that process, if you follow the protocol properly, there would be no way to prove the OS exists.

    I realize you essentially said you're against TrueCrypt and don't want to hear about it, but the documentation on HOS describes how it's possible to hide the operating system.

    If you have a problem with the limitations of a piece of software you're using, you might consider using something different.


    Then obviously you need to set the machine to boot from some other location, don't you?
     
  6. 2ndGen

    2ndGen Registered Member

    Joined:
    Jun 5, 2013
    Posts:
    7
    Location:
    Switzerland
    I dont like the TC method, also TC is much slower than DiskCryptor, with AES-Twofish-Serpent with Diskcryptor i work on my PC flawlessly, and if i do that with TC its not workable anymore.

    On vmware i can install EFI, to try to same setup to see if it gonna work before trying it out of vm ?
     
  7. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    No idea how DK works at all, but life would probably be easier if you could install DK on the second partition, booting off of external. Then install 'regular' OS on 1st partition, where it should boot fine. You should have to manually select DK, or else the regular OS should just boot.

    But Again, I've never used DK at all.

    PD
     
  8. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    Isn't the error the same as you would get with an unformatted drive? Something along the lines of "No Operating System found"? If so, I don't know how you avoid that without giving the BIOS something to boot from. I don't have an exotic multi-boot setup like you're trying to achieve so I can't help you there. It might be best to get something working pre-encryption first and on a system you can afford to mess up a few times along the way.

    I agree with all of your reasons for using DiskCryptor instead of TrueCrypt. It really is just better for encrypting system and other attached partitions.
     
Loading...
Thread Status:
Not open for further replies.