What’s your best defense against a boot CD that breaks Windows passwords in two keystrokes? Encrypting your entire hard disk. Shannon’s got the details on Truecrypt drive encryption while Darren brings up plausible deniability with hidden volumes.
Encrypting your entire hard drive
Truecrypt is an open-source, free program for everyone.
Download the latest version of Truecrypt.
Open Truecrypt and choose ‘Create Volume’. Choose ‘Encrypt entire hard drive’. Then, you will choose whether you single-boot or multi-boot your machine.
On the encryption options, I just choose AES because it is the default setting, and it’s a very strong encryption.
Next you will choose a password. This option is neat because it actually gives you a small notice saying that a password with fewer than 20 characters is easier to break than one with more than 20.
On the next page, you must randomize your data. You must move your mouse around in the box of algorithms to create a very randomized clump of data. The more randomized, the better encrypted.
Truecrypt will make you create a rescue disk. This is easy if you have a CD burner already installed in your tower. If not (if you have a netbook), you must create the rescuedisk.iso and put it on a flash drive or something of the like. You are basically making Truecrypt think you have a CD burner and are burning the CD, when instead, you are just sticking the ISO on a USB flash drive.
For my netbook, I used WinCD Emu. WinCD Emu emulates the burning of a CD, so Truecrypt thinks you’ve finished this task.
Truecrypt will ask you to wipe your drive, and I just choose none since I don’t really need to. Next you must go through a pretest. Your computer will restart and a Truecrypt login screen will appear before the Windows login (this is why Konboot wouldn’t work!). If everything goes well and the pretest completes with no problems, you can begin encrypting. Encryption takes a LONG time, so be patient! Once it’s done, it’ll prompt you, and you’re finished!
For a more in-depth step-by-step, go here.
And as always, you can email me at firstname.lastname@example.org!
Plausible Deniability with Hidden Truecrypt Volumes
Plausible deniability basically means being able to deny awareness of something. For a richer explanation, check out Wikipedia’s article on the subject; it’s quite interesting.
With regard to Truecrypt, our subject of the week, plausible deniability refers to the ability to hide encrypted volumes within encrypted volumes, since it cannot be proven that a hidden volume exists within a Truecrypt volume.
Hidden volumes can contain just about any data, including entire operating systems. It is important to note that the sectors of a hidden volume do not change over time. If an adversary had access to the outer volume contents over a period of time, the existence of a hidden volume could be proven if files were never read or written to or from these sectors.
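The snapshot comparison behind this caveat, as an added example that is not part of the original show notes: it hashes every sector of several copies of the same volume and reports runs of sectors that never changed. The 512-byte sector size, the function names and the random sample images are assumptions constructed for illustration.

```python
import hashlib
import os

SECTOR = 512  # bytes per sector (assumed for this example)

def sector_digests(image: bytes, sector_size: int = SECTOR) -> list:
    """Hash each sector so snapshots can be compared sector by sector."""
    if len(image) % sector_size:
        raise ValueError("image length is not a whole number of sectors")
    return [hashlib.sha256(image[i:i + sector_size]).digest()
            for i in range(0, len(image), sector_size)]

def static_runs(snapshots: list, min_run: int = 4, sector_size: int = SECTOR) -> list:
    """Return (first_sector, sector_count) runs identical in every snapshot."""
    if len(snapshots) < 2:
        raise ValueError("need at least two snapshots to compare")
    digests = [sector_digests(s, sector_size) for s in snapshots]
    if len({len(d) for d in digests}) != 1:
        raise ValueError("snapshots differ in size")
    runs, start = [], None
    for idx, column in enumerate(zip(*digests)):
        unchanged = len(set(column)) == 1
        if unchanged and start is None:
            start = idx                      # a static run begins here
        elif not unchanged and start is not None:
            if idx - start >= min_run:       # ignore short coincidental runs
                runs.append((start, idx - start))
            start = None
    if start is not None and len(digests[0]) - start >= min_run:
        runs.append((start, len(digests[0]) - start))  # run reaches the end
    return runs

def make_snapshots(total: int = 64, hidden: tuple = (40, 16), count: int = 3) -> list:
    """Constructed sample data: random 'ciphertext' with one region never rewritten."""
    frozen = os.urandom(hidden[1] * SECTOR)
    snaps = []
    for _ in range(count):
        img = bytearray(os.urandom(total * SECTOR))  # stands in for an outer volume in use
        img[hidden[0] * SECTOR:(hidden[0] + hidden[1]) * SECTOR] = frozen
        snaps.append(bytes(img))
    return snaps

if __name__ == "__main__":
    for first, n in static_runs(make_snapshots()):
        print(f"sectors {first}-{first + n - 1} never changed across snapshots")
```

A single copy of the volume gives this comparison nothing to work with, which is why the caveat only applies to an adversary who sees the outer volume at several points in time.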