TC:unencrypted decoy OS and an encrypted OS question?

Discussion in 'privacy technology' started by manish88123, Jul 5, 2013.

Thread Status:
Not open for further replies.
  1. manish88123

    manish88123 Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    4
    Location:
    us
    I dont have much technical expertise like most of you guys on this forum,so please bear with me if my questions look noobish to you :(

    I read through the TC manual but still i need some help from you guys.

    I want to have an unencrypted decoy OS and an encrypted OS(not the Hidden OS,as it will be the only encrypted OS in my system,so making it hidden won't make any sense,right?).

    I have 4 partitions on my hard drive:
    HardDisk0/Partition1 size:30GB (Decoy unencrypted OS should be installed on this,right?)
    HardDisk0/Partition2 size 30Gb (encrypted OS should be installed on this,right?)
    HardDisk0/Partition3 200GB ,Data Partition,NTFS
    HardDisk0/Partition4 200G , Data Partition,NTFS

    the approach i am thinking about is: first i should format partition1 and partition2 from windows CD and then install windows 7 on partition2,once installed,boot in it,install TC and encrypt this partiton2 OS using normal mode(not the hidden OS creation wizard).TC will encrypt this OS and write its bootloader and present me a recovery.iso file,which i can use to make bootable CD and boot into this partiton 2 OS,right?.now i should pop in the windows CD again and this time install Windows 7 on the Partiton 1(this installation will overwrite the TC Bootloader with the windows bootloader,right?).

    after all this i should have an unencrypted OS in partition 1 and an encrypted OS in partition 2 but since TC bootloader is gone now,on system startup partition 1 decoy windows will boot by default,right?

    This way i can have an encrypted OS and still people wont know that i am using encryption which is the case when you use decoy and hidden OS,both encrypted.

    now couple of more question:
    1.is there anything wrong in my approach for what i want to achieve?

    2.i can use recover.iso image to write a bootable cd or usb and boot from it to boot my encrypted OS on partition2?will it work?(since encrypted OS on my partiton2 is not the Hidden encrypted OS,it is a normal encrypted OS and TC expects a hidden encrypted OS in partition2 and a normal encrypted decoy OS in partition1)

    3. is there any way i can keep the decoy OS boot by default and still being able to boot into encrypted OS without using bootable CD which has TC bootloader,like if i press a particular key on system startup then it will present me TC bootloader else it will boot into decoy OS by default.it would be great if i can boot into both windows without needing bootable CD/USB,because if someone finds that bootable CD in my system then he can easily guess that i have a TC encrypted OS in my system.

    4. can i read and WRITE data to partition3 and partition4 when i am in unencrypted decoy OS? and when i am in encrypted OS?(since TC manual told me that i wont be able to write to other partitions in case i install a hidden encrypted OS)

    5. any security risk in keeping decoy OS unencrypted.
     
  2. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I have never done it that way, so let us know how it goes! :D

    Actually, I *really* think you are making it more complicated than it needs to be. The NUMBER ONE reason being: You have no plausable deniability with a "regular" TC install. The Hidden OS Wizard creates an Outer (for decoy files) and Hidden (for OS) volume. Your way, what are you going to do when they ask about a partition of random data? It's nice to be able to say "ok, ok, you got me...here's the pass to my wife in a bikini pics" :D Just do the Hidden setup and stop after the cloning and wipe of partition 1. Carry TC portable on a USB, to get into the Outer volume.

    Yes, without going into the BIOS, and booting off of your external device with the TC Rescue ISO on it, the un-encrypted decoy will boot.

    No, you need the external device to boot.

    Good point about your other partitions...I wouldn't think you can write to them from the Hidden OS...but I wouldn't want to - leakage. I'd just get one huuuuuuge hard drive with 2 partitions.

    If you need to write to all (Hidden OS will still write to a network share, BTW)...then you need to figure out how to do it your original way.

    ALL OF THIS is unsupported, so YMMV. But it was gone over in the TC forum and I think it worked out that there were no security problems that any normal users could see. See what Dantz says and maybe reply to that topic on the TC forum.

    PD
     
  3. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    Truecrypt can probably do what you want, but if not, or just for benchmark comparison, take a look at DiskCryptor too. Here are a few of its advertised features:

     
  4. manish88123

    manish88123 Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    4
    Location:
    us
    @PD yes,making it hidden OS is also an option.and i don't think my approach is more complicated that the one you suggested,which i guess is the default TC approach.both does more or less the same thing.

    still i would like answer to these questions:
    1. can i write data to partition 3 and 4 from decoy unencrypted OS?TC encrypted normal OS? TC encrypted hidden OS?

    2. can TC bootloader boot a normal TC encrypted OS present in partition 2,since it would expect it to be a hidden TC OS in partition 2 ,so i think the the position where it would look for header,keys and stuff would be different than what it should have been for hidden OS.or should i just use partition 1 for normal TC OS and partition 2 for unencrypted decoy OS.i hoooope i am clear(english is not my first language :()

    3. i read it in TC help guide that you can make TC bootloader hide any sort of text during pre-boot authentication,even if you enter wrong password,screen will just appear to be frozen.i guess that might work,and if i needed to boot into decoy OS i will just enter [Esc] and it will boot into decoy unencrypted OS,right?.
    yes,there will be TC bootloader present in the first sector and experts can figure out that it means TC OS is present somewhere but computer forensics is not that advanced in my country and i doubt they will go looking around in the bootloader.

    i would love to clear these things before i jump into the TC OS pool :)
     
    Last edited: Jul 5, 2013
  5. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Ok, but realize that if you are compelled to give a password, the only one you can give, your way, is the actual encrypted OS' password.

    1. You should be able to write to any partition that Windows can see from:

    The unencrypted decoy, and a 'regular' TC install. A Hidden OS can only write to local Hidden Volumes or network shares. Be advised that the decoy will report any encrypted partition as RAW, and want to format it. Go into Disk Management and hide that partition from Explorer...or bad things can happen :D

    2. The Rescue Disk contains all the info on what it needs to boot. I guess if you can manage to install a regular TC install on partition 2, make a rescue "disk", and put it on a USB or SD Card...it should work BUT YOU WILL HAVE TO TRY IT, 'cuz I have never done it the way you want. You need the Windows Boot Loader on partition 1, to auto-boot the decoy, so I don't think decoy on p2 will work.

    3. I thought you wanted an external boot loader? There is no hidden text option with that. You get GRUB commands on screen and can modify what it says, but nothing is hidden. The point is to not ever have to turn over the boot loader - you eat it :D

    If you have your boot loader on your disk...and you have no encrypted OS in a Hidden container, with a fake outer volume - why not just do a bone stock TC Install or Hidden OS process? You have no plausable deniability with the way you are talking, IMO. You're just going to have to try it, I don't think anybody has done what you are asking above. Maybe ask on the TC forum? Good luck!

    PD
     
  6. manish88123

    manish88123 Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    4
    Location:
    us
    yeah that's what i thought.unencrypted decoy OS will surely be able to write to other partitions,but still i have my doubts about normal TC OS,i guess i just need to play around with TC for some days to get sure shot answers..and i know how to take care of RAW partition...i am using TC for many years,i know that much about it. :)

    yeah ,again it will need some trial and errors.and windows or any other bootloader in not in partition 1,it is at the beginning of drive,very 1st sector on the drive,before partition 1,and this 1st sector stores information about which is active partition and where to boot from,so decoy OS can be in partition 1 or partition2,it wont matter,i hope so :)
    i wanted an external boot loader but what if someone finds a TC bootloader CD in my CD-drive,that would be more worse than TC bootloader on my hard drive(only iffff there is an option to hide all text from TC bootloader screen)...
    and i dont get your "There is no hidden text option with that" comment...do you mean no hidden text option in external TC bootloader or we cant hide text in bootloader present on hard drive also,because i read somewhere that TC has an option to hide text and look frozen.

    plausible deniability is good but if you can completely hide the fact that you are using encryption at all than that is much better.as i said computer forensics is not that advanced in my country.so if i just show them decoy OS,then there is a good chance for them to believe me that it is the only OS on my system and that TC encrypted partition2 OS is just recovery partition.....but if i start showing them my decoy TC OS ,then 5$ wrench can make me tell them everything i know,outer,inner,hidden,unhidden,everything......i want to act stupid who doesn't know much about computers or encryption.
     
  7. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    CDs are too big and slow imo. why not just use a mini-USB drive to boot or an SD card (via a USB adapter or directly if your computer has a card reader). there's a program called predator that looks for a file on a designated flash drive or SD card, and locks/unlocks the computer as the flash drive or SD card is removed/inserted. it's mainly for convenience so you can quickly and conveniently lock/unlock your computer without having to enter a password, but it could be useful for you too and you could use the same flash drive or SD card as the boot key. if you used a microSD card you could even swallow it easily in an emergency (of course make sure you have a backup stored somewhere safe - predator free version lets you create two separate flash drive keys).
     
Loading...
Thread Status:
Not open for further replies.