Which filesystem for shared Linux Windows Truecrypt hard disk

Discussion in 'encryption problems' started by wilder7500, Jan 23, 2015.

  1. wilder7500

    wilder7500 Registered Member

    Joined:
    Dec 30, 2013
    Posts:
    58
    Location:
    USA
    I have some Truecrypt disks I want to use on both Windows and Linux. Which file system would be the best choice?
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    We need more information to give you a complete/educated opinion. If you want to use hidden volumes then you have two choices for the outer volume file system: FAT32 or NTFS. Pros and cons for both, so mission would be your determinant.

    Selecting whether the TC disks/volumes are device based OR file based introduces different security implications. Those implications can be addressed as needed by filesystem selection. Some filesystems that "hold" file based TC volumes can reveal MUCH about what goes on inside an encrypted volume. That information is still there "outside" when the volume is closed/dismounted. Device based volumes remove virtually all these concerns, but then other volume management concerns arise.

    Can you describe your needed mission, other than obviously wanting to keep your data private?
     
  3. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    As Palancar said, it really depends on your needs and values. The problems that journaling file systems such as NTFS have are well described in the TrueCrypt user guide, so read it first (in the latest version, around pp. 94-95). Also remember Microsoft hasn't shown (and won't show) the details of NTFS.
    OTOH, FAT doesn't have access control like NTFS has. It can be a security risk when, say, you use Chromium while keeping those drives mounted, as the Chrome sandbox, which depends on that access control, can do nothing against a FAT drive.
    Most Linux systems can access NTFS too, though some OSes such as CentOS require an additional component for that, IIRC.
     
  4. wilder7500

    wilder7500 Registered Member

    Joined:
    Dec 30, 2013
    Posts:
    58
    Location:
    USA
    I was planning on doing one HDD that has a hidden volume and one standard TC HDD, so the answer would be both. The HDDs will not contain any OS, just data. I just want to choose the most secure, don't care if it's EXT or NTFS. I guess you can get a program that reads EXT4 in Windows. I have had some problems with NTFS HDDs becoming corrupted in Linux; you have to fix them in Windows to make them work again.
     
  5. wilder7500

    wilder7500 Registered Member

    Joined:
    Dec 30, 2013
    Posts:
    58
    Location:
    USA
    So you are leaning more towards EXT4?
     
  6. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    No, tho there are surely some 3rd-party drivers to mount Ext4 on Windows, for me they are just another security risk factor, especially when the matter is those sensitive things. Ext4 is good on Linux as you can control its journaling function via the OS, but it also doesn't have access control on Windows (same as FAT32 on Win). I use NTFS as FAT32 doesn't support files larger than 4GB, which I need; besides, for my threat modeling sandbox bypass is a real threat, tho I usually don't use the internet while mounted (I never trust myself). But my modeling doesn't consider a state-sponsored actor or such an advanced attacker who can even have physical access, and I guess many people here take those threats as more real and thus will be more serious about NTFS' problems than me. So things depend on your threat modeling, and there's no such thing as almighty security in this universe.
    I mount the encrypted container only in a virtualized desktop with Toolwiz TF, so theoretically there shouldn't be logical traces, tho there'll be physical traces on disk.
     
    Last edited: Jan 28, 2015
  7. wilder7500

    wilder7500 Registered Member

    Joined:
    Dec 30, 2013
    Posts:
    58
    Location:
    USA
    BTW, would my disk be more resilient if I used GPT instead of MBR? Remember this drive doesn't contain any operating system, just data. The disk is 2 TB.
     