TC hidden volume "protection"?

Discussion in 'privacy technology' started by durstan, Mar 5, 2011.

Thread Status:
Not open for further replies.
  1. durstan

    durstan Registered Member

    Joined:
    Mar 5, 2011
    Posts:
    3
    I'm a bit unclear on TrueCrypt's hidden volume protection. When I mount an outer volume with hidden volume protection, I get a stern warning not to write to the hidden part of the outer volume (contiguous at the end of the outer volume, I believe). This is an odd restriction, since my OS chooses where to write things, and I can't specify what sectors to use! Does the hidden volume protection actually prevent my OS (Win7 / WinXP on different machines) from writing to those sectors? Or does it just warn me if I try to write to them, in which case the changes to the outer volume are not saved? If that's the case, of course, the "protection" of the hidden volume comes at the cost that I will lose data to the outer volume if I try to write to the hidden sectors. Since Windows reports the whole size of the outer volume available -- whereas half of it should be hidden -- I believe this is the case.

    If that's true, it seems that using outer and hidden volumes is not really reliable. Any comments? Am I missing something?

    thanks.
     
  2. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    It does protect the hidden volume. You can easily test this for yourself. Just create a small file based volume with a hidden volume. Protect the hidden volume and add a bunch of files. See for yourself how it behaves. It's easy to test.
     
  3. durstan

    durstan Registered Member

    Joined:
    Mar 5, 2011
    Posts:
    3
    Thanks, but you missed my point, or I wasn't clear enough. It does protect the hidden volume, but at the cost of data written to the outer volume. Therefore, I can't use both the hidden and the outer volumes. The outer volume is essentially for decoration, but is not useful since it can't reliably be written to, since its data will be lost if it conflicts with the hidden volume.

    Is that correct? It's a shame, because I'd thought I could use both volumes (outer and hidden). For example, real "protection" might mark the hidden volume sectors as bad disk sectors, so that the OS would not even attempt to write to them.
     
  4. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Yeah, you can't use the outer volume completely normally. But it's not as bad as you're making it out. You just have to make a conscious effort not to encroach on the hidden volume. TrueCrypt, in years past, didn't even offer this protection. You had to know where the hidden volume was and make sure not to overwrite it. If you made a mistake, it was gone.

    It's easier with a FAT32 outer volume than an NTFS outer volume, from my experience, because with FAT32, data is written sequentially during the first write.
     
  5. durstan

    durstan Registered Member

    Joined:
    Mar 5, 2011
    Posts:
    3
    Ok, thanks. I've been trying it with a FAT volume and I find that I get conflicts reported long before I expect to hit the hidden part of the volume -- so I'm not sure if it's really sequential, though that's what I'd expect. In any case, since my outer volume will have a lot of data written, I think the risk is too high. (In this case, since I know the hidden protection works, I'm concerned with the risk of losing outer volume data.) I'll use another method, I think.

    Thanks again.
     
  6. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Well, feel free to stick around and let us know what you eventually decide to do. That's how we all learn.

    I personally don't fill outer volumes with anything important, so any loss there wouldn't bother me. And I don't use it in a way that would encroach on the hidden volume (i.e. many file deletions and file additions).

    The thing is, I'm not sure what you want to accomplish. Since you're copying data into the outer volume from somewhere else, presumably if you were to encroach on the hidden volume, you could just start all over again with the single file that was corrupted. In other words, because you were copying/downloading the file from somewhere else, that file that put you over the top would be corrupted, but I don't believe anything else that was successfully copied would be.

    That's my understanding anyway, so I don't think corruption would lead to any huge loss. But I can't say for certain about this. I've only conducted a few tests, and intuitively it makes sense. But if someone knows for certain, feel free to correct me.

    Regarding the sequential data write on FAT32, usually I can get very close to all of the theoretically available space, though sometimes I've noticed that I get significantly less. Not sure why on this either. If you delete files, I believe that space is skipped over in future writes, so you don't really get that space back.
     
  7. CasperFace

    CasperFace Registered Member

    Joined:
    Jul 31, 2010
    Posts:
    200
    If your outer volume is able to acknowledge the existence of the inner hidden volume, it defeats the purpose of having a hidden volume in the first place. In that case, you might as well just use a regular (non-hidden) container file for your inner volume instead.
     
Loading...
Similar Threads
  1. rpk2006
    Replies:
    1
    Views:
    260
Thread Status:
Not open for further replies.