Truecrypt bootloader footprint on disk?

Discussion in 'privacy technology' started by bitflipper, Dec 9, 2009.

Thread Status:
Not open for further replies.
  1. bitflipper

    bitflipper Registered Member

    Dec 9, 2009
    Hi guys,

    Does anyone know the disk footprint of the Truecrypt bootloader? I know Truecrypt needs about 32Kb of space at the disk start, so I would guess

    <32KB footprint>
    <1st partition>

    I'm wondering how this will coexist with the GPT, since the GPT's footprint is larger than the MBR ( I'd like to convert back from MBR -> GPT but if this will clobber the Truecrypt bootloader I'll have to wait to truecrypt to start learning the new standard (GPT). I couldn't find these details on truecrypt's website ...

    BTW, I don't like the way Truecrypt's forums are so ... policed. I don't like their licensing either ... wished they'd LGPL it or there was another FOSS that's as good as Truecrypt.


    I recently used Truecrypt to encrypted my entire Windows 7 partition on my Macbook (aluminium) and moved sensitive information over to that partition.

    A GPT based partitioning scheme (with a hybrid MBR).

    After (following Truecrypt's Windows wizard)
    An MBR only :

    The main GPT table at the start of the disk was wiped out by the Truecrypt wizard. My partitions themselves are intact since the GPT and MBR agree on start and end addresses of each partition was well as partition types.
    Last edited: Dec 12, 2009
  2. bitflipper

    bitflipper Registered Member

    Dec 9, 2009
    Anyone? Links?

    Actually getting my GPT tables in place is not just a "good to have" feature, I need it back in place so I can install the EFI firmware update Apple recently issued for the macbooks ... EFI firmware updates work off the 200MB EFI partition before OS bootup, hence need the EFI partition (hence need a GUID formatted hard drive with GPTs in place).

  3. bitflipper

    bitflipper Registered Member

    Dec 9, 2009
    Ok, so with enough time, I answered by own question.

    Here is the footprint on the hard drive, case 1 is with the GPT and case 2 is with the traditional MBR (but with Truecrypt).

    a) I was already in a MBR + Truecrypt world
    b) My partitions are ok and I'm not resizing them (i.e. the start and ends remain fixed through the entire exercise).

    If you've yet to install truecrypt, I HIGHLY recommend you follow the steps below under "Save your GPT tables".

    How I fixed my situation.
    1. I made a backup of the 1st 32KB from my hard drive via
      dd bs=512 count=64 if=/dev/disk0 of=~/Desktop/
      Copied the file from my desktop to a flash drive.
    2. I dumped the MBR state via
      sudo fdisk /dev/disk0 > ~/Desktop/fdisk.output.txt
      I needed this for the start/size/end of each partition
      Copied the file from my desktop to a flash drive.
    3. Based off #2, I remade my GPT tables via gdisk. Google this freeware tool -> download -> install -> run it -> hit help ("?") and read how to make new partition(s).

      *NOTE* This will kill your ability to boot into the system encrypted Windows installation, unless you use the recovery CD. Don't worry we'll work around that below
    4. Installed The EFI firmware update. If the update still complains that you don't have an EFI partition, make sure you have a 200MB partition. This EFI partition needs:
      a. To be the 1st partition but after the first 32kb ( remember Truecrypt will take that leadiong 32kb space!). I left about 20MB as "dead" space just like that ...
      b. Needs to be formatted as FAT32
      c. Needs to have the MBR boot code as "EE"
      d. Needs to be registered in the GPT as a "EFI System" partition (i.e. particular GUID, wikipedia this).
      Anyway, with the EFI update, we want to revert back to the GPT + Truecrypt world so we can boot back into Windows, so we now restore the initial portion of the disk again.
    5. Booted into a Linux Live CD (or try the Leopard Install DVD -> Terminal). I downloaded the SysRescueCD or you can try the Ubuntu Live CD. Then you plugged in the flash drive for the file created in step #1 and #2. I'm assumig your flash drive will pop-up at /media/flash_drive ...
    6. Ran
      dd bs=512 count=64 if=/media/flash_drive/ of=/dev/disk0
    Thats it!

    Save your GPT tables
    You can save yourself a LOT of headache (whole #3 above) if you save your GPT tables BEFORE truecrypt blows them away!

    Save GPT:
    dd bs=512 count=34 if=/dev/disk0 of=~/Desktop/myGPTTables.bin
    Then go ahead and install Truecrypt -> encrypt your windows partition (creating the rescue CD and installing the Truecrypt boot loader) as usual.

    This way when you come to step 3, instead of making the GPT by hand (carefully typing each start and end by hand) you'd simply repalce step #3 with

    dd bs=512 count=34 if=~/Desktop/myGPTTables.bin of=/dev/disk0
    Remember, DON'T resize ANY partitions. Always use the same start/size/end values for each partition else you're going to screw things up ...

    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.