
Full Disk Encryption



Tomm
09-07-2009, 08:59 AM
Hey,

Just used TrueCrypt to encrypt my boot drive with a hidden OS. Took me two attempts because the first time I screwed it up by creating wrongly sized partitions :P

Anyway, you just install the OS like normal (I did it on a clean drive since it was time for an OS reinstall anyway :P) on the first partition and leave the second partition alone (the second partition needs to be at least 110% larger than the first one). Once you have installed the OS and activated it (TrueCrypt complains if it's not activated for some reason), you launch TrueCrypt and select create hidden operating system. Once you've typed in a password for the outer volume (the password you give away to people who you don't want to see the OS - instead it will show them some confidential-looking files in place of the OS), it formats it and prompts you for a password to the hidden volume to which the OS will be moved. Once you have created a 20+ character password (it gives you a scary-looking message if you enter a password less than 20 characters), it prompts you to reboot the PC. Then you just need to enter the password for the hidden volume and the bootloader copies & encrypts your boot volume into the hidden volume. Then, when you are back booted into the hidden operating system, TrueCrypt gives you a number of options for how you want to overwrite the original unencrypted 1st partition (1 pass, 3 pass, Gutmann, etc.)

Although, until you install the decoy operating system into the now clean first partition, TrueCrypt will throw a fit when you start up the hidden operating system. Again, you are free to reveal the password to boot the decoy operating system if you are forced to disclose the password.

So far I have not noticed any performance impact whatsoever, as I'm pretty sure my CPU can encrypt data at a much, much higher speed than my hard drive can handle :P Only problem is, while in the hidden OS, it forces drives on your computer that are not encrypted and in a hidden volume to be mounted as read only. Also you "lose" quite a bit of space on the hard drive. On my 230GB (real size) hard drive, while in the hidden operating system I only have a total of 68.2GB of space available, and in the decoy operating system I have another 68.2GB of space available (both the hidden & decoy OS use the same sized boot drive and appear to boot from the same partition, but the TrueCrypt driver redirects writes to the hidden boot drive into the hidden volume within the 2nd partition). All the other space is completely unavailable in both the hidden and decoy OS.

Thanks,

Tom

Recursion
09-07-2009, 09:27 AM
I just stuck with encrypting the system drive and adding the boot password tbh.
