Hard Drive Encryption

Discussion in 'Synthetic Drugs' started by binary shadow, Dec 26, 2008.

  1. binary shadow

    binary shadow Visitor

    Truecrypt for Windows

    What it is

    Truecrypt is a free and open source encryption program. It can be used to create securely encrypted shell files, securely encrypt entire partitions and drives and even create hidden operating systems. Truecrypt has built in features that allow for plausible deniability by giving you the ability to create hidden sections of encrypted areas.

    What you need to get

    You will need to get the truecrypt program, which can be found at the following location www.truecrypt.org/downloads.php

    Install it

    The installation is self explanatory.

    Encrypt your entire Hard Drive

    1. Launch Truecrypt 6. From the top bar, select system and from the drop down list select encrypt system partition/drive. A new window will pop up.

    2. Leave "Normal" checked and click next. Leave "Encrypt the whole drive" checked and click next.

    3. Depending on your computer set up you may want to pick yes or no for "encryption of host protected area". If you have a laptop with a "system recovery" feature like usually comes pre-installed on store bought laptops, you will probably not want to encrypt this area. If you have certain raid configurations that require tools/data to be booted before the OS is booted, you should not select to encrypt this area. If you use system diagnostic tools that must be booted before the OS, you should select no. If you have a standard set up computer that boots directly into the OS (after the standard things, bios etc) then you should select yes to encrypt this area.

    4. Click next and wait for Truecrypt to finish scanning for hidden sectors.

    5. Select the appropriate option, depending on if you dual boot (you use more than one OS on the same system) or single boot (You have only one operating system installed).

    6. Select your algorithm. AES-256 is the standard algorithm used for encryption of top secret documents. The name of the algorithm is actually Rijndael, AES is a title it "won" which stands for the "Advanced Encryption Standard". Another encryption algorithm that participated in this competition was Serpent. Although Serpent did not win the competition, it rated significantly higher in security. Serpent-256 is more secure than AES-256, but it is much slower to encrypt and decrypt which is why it lost the competition (the algorithms were tested for security, speed and other criteria. Rijndael was the best overall, Serpent was the best for security). AES is usually around two to three times faster than serpent. You are unlikely to notice much of a performance hit using either form of encryption, unless you do high intensity activity that requires the hard drive to be written to a lot. I have heard people having some slight performance hits with some high intensity games using AES, the performance hits would have been a good deal more if they were using Serpent. But this depends a lot on your system's quality as well. Also transferring large files back and forth between media and your hard drive may take a while longer with Serpent than it will with AES, and a while longer with AES than it would with no encryption. But it shouldn't really be hugely noticeable either way unless you frequently toss multi gig files from drive to drive, or you play very intense games. If you do require a fast hard drive for games or multimedia editing, use AES. If you don't do many system intense activities, Serpent is probably better. Twofish to the best of my understanding isn't a particularly great algorithm, but is better used in cascades because it uses a different mathematical concept than AES or Serpent, and thus if a cascade is used and a weakness is found in the fundamental concept of AES or Serpent, your data will still be safe as it is also protected with Twofish. But using cascades for full drive encryption is not a good idea because the keys can not fit into the first drive track and will frequently corrupt requiring you to always be fixing it. It also might not work at all on older computers. So depending on your computer equipment, select either AES (Not very powerful computer, or powerful computer but you do a lot of gaming or frequently transfer large files from drive to drive) or Serpent (Powerful computer, or average computer but you don't do a lot of gaming and require the best security you can get).

    7. Pick a hash algorithm. Unfortunately you need to pick ripemd-160; sha-512 or whirlpool would both be much better suited for this but they are not supported for full drive encryption. I think ripemd-160 has some serious weaknesses in it, but according to Truecrypt, for what it is used (RNG) the security holes shouldn't really make much of a difference. You don't have any choice in the matter, and it is certainly far far better to use this hash than to not encrypt your drive, so go with it.

    8. Click next.

    9. Type in a passphrase and confirm it. The passphrase should be quite long, over twenty characters, and should include numbers, letters, spaces, capitals, and special characters. Make it something you can remember without writing down as well. You do not want to write your passphrase down anywhere, ever! Click next.

    10. Randomly move your mouse around for like ten minutes in the window that displays the matrix looking thing. The longer you move your mouse, the more randomness it can gather, the more secure your encryption will be. Towards the end you might want to hide the numbers for a bit I guess. After five or ten minutes of this, click next.

    11. Click next again.

    12. Now you need to follow the instructions and create a truecrypt rescue CD. This is very important, if anything ever fucks up you will NEED to boot from this CD to fix it. Don't lose the CD! Even if an adversary finds the CD they will still need to know your passphrase to get onto your system so don't worry about it getting seized. But don't lose it because if *anything* goes wrong at *any* point with your encryption you absolutely will need this CD.

    13. After verifying that you have created the rescue CD, you need to select a Wipe mode. If you use no wipe mode, you are at risk of forensic analysis of the data currently on your machine being discovered. The stronger wipe mode you use, the less the chances of this are. I suggest either a 7 pass DoD (Which is the standard for wiping drives which contain top secret classified information on them) or a 35 pass Gutmann wipe (which will work much better for old hard drives, but on new hard drives it is questionable if it is much if any better than a 7 pass DoD wipe, even though it will take probably a little under two full days to finish). You will still be able to use your computer while the wipe takes place, and you can pause and restart the wipe at any point. Keep in mind the files of your computer are NOT being erased. At the very least you should do a three pass wipe, you should absolutely not do no wipe at all. I would suggest a 7 pass wipe personally, unless it is a fairly old hard drive.

    14. You will now be asked to test the encryption by rebooting. Give it a shot and see if it goes smoothly. Keep in mind it has not yet been encrypted at this point and is merely testing the framework. You will be required to enter your new password.

    15. After the reboot, in Truecrypt select the encrypt button. The encryption will take a good bit of time depending on what algorithm you selected and what wipe mode you selected, as well as what sort of hardware you have and how big your drive is. I doubt it takes any longer than three days, and less than 24 hours is more likely.

    Way to go, your hard drive is now protected with military level encryption. You will need to type in your passphrase each time you boot up. You should leave your computer off when you are not using it. While it is on it is encrypted but mounted, and could have the decrypted content taken off of it and transferred to another drive that is not encrypted. This could be done secretly while you are not at home, or it could be done after you are fucked over and powerless to turn it off. So keep it off when you are not using it, or not in the general area EX: your house. Also, if it is on and you get an unfriendly visit, turn it off ASAP, even if you turn it off by kicking it over or something. If it is off, you are safe, if it is on you are at some risk still. Although usually it would be turned off anyways, sometimes they are smart enough to keep it turned on until they can make an image of the drive's contents.





    To create a hidden OS in Windows XP/Vista

    1. First of all you have some basic requirements that need to be met.

    A. You must have two partitions on the hard drive that has the partition your OS is installed to. One of the partitions needs to be the one your OS is installed on.

    B. The second partition needs to be the first partition behind the partition your OS is installed to and it must be at least 2.1 times bigger than the partition your OS is installed to.

    C. For example, with a 100 gig hard drive, two partitions must be made during installation of the OS. The OS needs to be installed to the second partition, which would be 30 gigabytes in size. The first partition needs to be left blank and have at least 63 gigabytes allocated to it (but might as well make it 70 gigabytes). This is a big drain on system resources as 70% of your hard drive is now dedicated to having a hidden volume, but it offers you probable deniability in court and you can give up a passphrase without giving away your real passphrase and you won't be held in contempt of court. It wouldn't be a bad idea to use your smallest hard drive to make the hidden OS on, and then have a large hard drive to store media on that is separately fully encrypted so you minimize the amount of wasted space. I have briefly read the link sade posted about how it is possibly now possible to detect hidden partitions and this may be useless now, but from what I could tell truecrypt might take steps to make itself immune to this. I need to do some more research on the matter before I can come to a conclusion on if it is still a huge security benefit to make a hidden OS versus a standard encrypted OS.


    D. Your drive at the time of creating a hidden OS must contain *no* incriminating information, because your regular partition is going to be your decoy that you can give the passphrase to away.

    E. Your OS must be activated by windows. I don't know if this will matter a great deal for pirated copies or if you can even activate them. You might want to look into this more yourself.

    F. Take the same precautions you would take if you were making a shell file with a hidden section IE: Turn off system restore points, disable the paging file, turn off hibernation, ETC...

    2. If these requirements are met, start up truecrypt and go to the system tab on the top bar. Click encrypt system partition/drive, and when presented with the options check "hidden".

    3. Select the appropriate option, depending on if you dual boot (you use more than one OS on the same system) or single boot (You have only one operating system installed).

    4. Click next until you are asked what algorithm and hash you want to use for your outer volume (the one you can give up without having to worry). I would probably pick AES since this is just decoy decryption anyways and AES is much faster than serpent. Again, ripemd-160 is required as your hash. Click next.

    5. Click next until you are required to enter a passphrase. Enter a passphrase that you will not have a great deal of trouble to remember. It should still be fairly secure though, if you are ever taken to court you will want to refuse to decrypt the computer and see if you are held in contempt. You may even choose to do a few days or weeks in jail while in contempt of court before finally agreeing to give up a passphrase. If they decide they can't hold you for very long, it is better for them to get nothing than to get a decoy. So do take some care in selecting this passphrase, but make sure you can remember it. And make sure it will be nothing like your real passphrase. You can give this passphrase up if worst comes to worst. Click next.

    6. It will ask if you need to be able to store large files (files over 4 gigs). I assume you are going to not want to be limited to four gig files so you should select yes. If you can live without four gig files the size of the partition for your hidden OS only needs to be 10% larger than the partition your regular OS is on, but I imagine most people are not going to be happy limiting themselves to files of this size. So go with over 4 gigs and NTFS will be used (versus FAT).

    7. It will tell you that you probably want to use FAT. You may want to really, but this will limit file size to only four gigabytes so I figure you really probably don't. It will make better use of your hard drive if you do, and allow for much more of your drive to be allocated to your regular partition, but at the same time it will force you to use FAT and all the shit that comes along with this (4 gig max file size being one). Click yes or no, it is up to you and your wants / needs. But I suggest you click yes probably.

    8. Move your mouse around as randomly as possible for about five or ten minutes. The longer and the more randomly you do this, the stronger the encryption will be. You may want to hide the numbers / letters after a bit, I guess. After five or ten minutes, click next.

    9. Answer yes again to the same pop up. Another pop up will come up telling you the files on the partition behind your OS partition will be wiped clean. This shouldn't be an issue as you shouldn't have had anything on this partition yet anyways. If you did and you need to keep it, move it to your OS partition. Click Yes.

    10. Click format and wait for it to finish.

    11. Click next until you see the button that says to open the outer volume. Put some random fake-incriminating stuff in here, like legal porn or whatever. Click next.

    12. Click next until it asks you to pick the algorithm for your hidden volume. Read post 7 from the above tutorial when selecting your algorithm. Again, stuck with Ripemd-160. Click next.

    13. You must now select a new passphrase. Make this one very good and different from the other one you already made and the next one you are going to make. This is one that you can not give up without fucking yourself. It should be at least twenty characters long and include letters, numbers, capitals, spaces and special characters. Click next.

    14. Move your mouse around randomly again, for five or ten minutes. You may want to hide the numbers/letters in the random pool. After five or ten minutes, click next.

    15. Click next until asked to enter a passphrase for your decoy operating system. This is another passphrase you can give up if you are ever forced to. And should actually be the first one you give up in court to get out of contempt. As always, you should push your luck and do a few days or weeks in jail first to see how serious they are about getting any passphrase at all. After typing in your sort of hard but easy to remember decoy passphrase, click next.

    16. Move the mouse around gathering random data as usual. After five or ten minutes, click next. You may not want to have the matrix looking numbers / letters displayed.

    17. Keep hitting next until it makes you create a rescue CD. Follow the instructions for this. You need a rescue CD and you should keep your rescue CD in a safe location. They can not decrypt the OS without the passphrase even if they get the rescue CD but you should still keep it safe and hidden. I am not sure if they can tell if you have a hidden OS or not from examining the rescue CD, but I doubt it can be done since the contents of the rescue CD are already on the first track of the hard drive decrypted.

    18. Keep hitting next until asked about operating system cloning. Then hit Yes. Your current real OS (which should have no incriminating information on it!) will be copied to the hidden OS partition. You must restart. Also make sure the rescue CD is NOT in the drive at the point where you restart. Take it out and keep it out, stored in a safe location, probably best in a hidden location or a safe house but really this is truly probably not necessary.

    19. After the reboot you will be asked for your hidden OS pass phrase. Type it in.

    20. Now your regular OS will be copied to the hidden partition. This will take some time. After it is done, you will be prompted for your decoy system pass phrase. Type it in.

    21. Now you will be taken back to windows. In Truecrypt, you must now select to encrypt your decoy operating system (the OS you are currently using). This will also take some time.

    22. Now that this is all done, you will be able to enter three passphrases when prompted to do so after boot:

    A. Boot password for hidden operating system (NEVER EVER GIVE THIS UP TO ANYONE UNLESS THEY HAVE A GUN TO YOUR HEAD AND SAY EITHER GIVE US THREE PASSPHRASES OR YOU WILL DIE REGARDLESS OF IF YOU HAVE A HIDDEN OS OR NOT, YOU BETTER HOPE YOU DO OR YOU ARE DEAD ANYWAYS LOL)

    B. Boot password for decoy operating system (You can give this one up if forced to, but it is still better to pretend you do not remember your passphrase and see if you are held in contempt of court. Once you are held in contempt, do as much time in jail as you possibly can manage to the full time saying you forgot your passphrase, and see if you ever get let out. If you can no longer stand it then suddenly remember your decoy passphrase and feel free to give that up)

    C. Outer volume password (If you are forced to give up the password to the first partition, you can give this up. Again, forget it for as long as you can stand. After giving this up they still can not prove you have a hidden OS probably, I do still need to do more in depth reading of the article Sade posted to make sure)

    23. After finishing, you must shut down your computer and leave it off for several minutes while the ram returns to a more random state. You can now boot on the computer and enter the password you want.

    You should use the hidden OS for ALL things that are incriminating as well as randomly use it for things which are not incriminating but have no links to your personal life (random internet surfing, random listening to music or game playing, whatever). You should use the decoy OS for all things that are not incriminating. Try to use both of them about equally if at all possible.

    NOTE: DO NOT WRITE TO THE HIDDEN VOLUME. THIS IS WHERE YOU PUT THE "FAKE" INCRIMINATING FILES. WRITING TO THIS COULD DAMAGE OR RUIN THE HIDDEN OS. YOU SHOULD JUST LEAVE IT ALONE AFTER PUTTING THE INITIAL FAKE INCRIMINATING FILES INTO IT.

    Now you have no reason to turn off your computer if you get a surprise visit, unless you are inside your hidden OS. If you are in the decoy OS you can leave it on. If you are in the hidden OS though, turn it off as quick as you can, even if that means you need to kick it down and make it power off.
     
  2. xcandykidx

    xcandykidx Member

    is this better than PGP?
     
  3. sw0o0sh

    sw0o0sh Banned

    lol i'm sure all the sketchballs here will luV it
     
  4. Vesica_Piscis

    Vesica_Piscis Member

    Great read Binary, thanks for all the valuable advice you have listed.
     
  5. Xanonimity

    Xanonimity Member

    Thank you... maybe this should be stickied? Or bumped with more guides...
     
  6. binary shadow

    binary shadow Visitor

    I am not positive how PGP desktop works and I imagine this is what you are referring to. If you are comparing it to what is usually called PGP (the text / file encryption program), the answer is they are two different types of systems, PGP (the free open source alternative that follows the same standards being GPG) is used for the encryption of text for communications, or single files. Truecrypt is used for on the fly encryption of partitions, devices and hard drives.

    I do know that PGP desktop, the OTFE system that meets openPGP standards, does not support plausible deniability. I highly suggest if you are using windows that you encrypt your hard drive with truecrypt rather than PGP, and go with the deniable encryption option. This gives you two separate OS (both windows), and lets a different password at boot up open one or the other. This allows you to keep one of the OS clean and give a password up if you are ever busted and want to appear to cooperate, or are forced to cooperate and give up encryption keys at risk of going to prison as is the case in the UK.

    If you do not use windows, that's a big plus. The only down side is there is no way to do plausibly deniable full drive / decoy OS encryption without some seriously advanced "fucking with shit (tm)". If you do use linux I suggest you learn how to use virtual machines, such as VirtualBox. Inside your linux install, run the virtual machine. Make a deniably encrypted truecrypt container file and mount it as a virtual drive. Then store a virtual machine virtual hard drive in the hidden sector. You can put an alternative clean virtual hard drive in the non-hidden section of the truecrypt container. Now do all sketchy activity from the virtual machine.

    You can even use TorVM inside that virtual machine, TorVM is a virtual network adapter that forces *all* traffic through Tor or drops it, keeps you 100% safe from anonymity leaks via side channel. And could even make a virtual router and connect to near by open WiFi, while using your normal wired connection simultaneously in the host OS.
     
  7. xcandykidx

    xcandykidx Member

    we're not getting paranoid are we?
     
  8. 36fuckin5

    36fuckin5 Alchemycologist

    Paranoid? Not in the least. I'd call it safe.

    Binary, you should try to come up with some of this stuff for Linux users.
     
  9. aushy

    aushy Member

    It's not paranoia if it's actually happening.
     
  10. sunfighter

    sunfighter Hip Forums Supporter HipForums Supporter

    And so easy!

    My solution: get a Mac.
     
  11. dirtydan

    dirtydan Member

    Nah this is just necessary for scammers to hide their tracks like Binary Shadow, Gdeadhead, AuarithX etc.

    A regular user that buys a few grams here and there doesn't need all this stuff. In fact neither do these nickel and dime scammers.


    PS. TrueCrypt has already been cracked and has holes. Just a fyi.
     
  12. ydl

    ydl Member

    ORLY? Thank you dear sir.
     
  13. binary shadow

    binary shadow Visitor

    You know what toxic why don't you fuck off. Making people insecure isn't going to help you scam them any better.

    To answer his bullshit about truecrypt being insecure:

    Obviously he is just talking out of his ass but I will answer it with an educated answer. Let's see his counter to it.

    First of all, Truecrypt is a fully open source program, so its source code can be examined. It is used by a shit ton of people, and has undergone some serious scrutiny, although it has not been fips certified. fips certification is when a product is heavily tested in a laboratory setting, and it is a requirement for encryption software to be used by the military or federal government of the USA. I am not entirely sure why truecrypt hasn't chosen to be fips certified, it only costs around three thousand dollars for level one testing (the highest a purely software solution can obtain).

    Anyways, Truecrypt manages encryption algorithms. The encryption algorithms truecrypt manages HAVE had EXTREMELY intensive testing done on them for years.

    As far as truecrypt being broken:

    AES-256 is one of the encryption algorithms you can use with Truecrypt. AES-256 is used by the military for classification of up to top secret data. In the past two or so months, a new cryptanalytical attack has been discovered on AES-256 that reduces its bit strength to lower than 128 bits. This was MAJOR news in the cryptography world, as AES-256 is pretty much the standard encryption algorithm. The name of the attack is called 'AES magic trails' and it was discovered by Adi Shamir, a world class cryptographer.

    Anyways, I have never trusted AES-256 and have for a long time suggested people use serpent-256 instead. I bet money NSA knew of the weakness in AES-256 and approved it for use anyways, they actually had a shit ton to do with it being selected as the world standard encryption algorithm. AES is actually a title, the advanced encryption standard. The current title holder, which was greatly weakened, is an algorithm called rijndael. Even with it being weakened, it is still likely immune from almost all attacks, nothing to panic about. It was broken in an academic context, meaning the attack reduced its strength from 256 bits to much less than that. In a practical context, it was hardly broken, no one can trivially crack AES still and if they could it would be fucking MAJOR as AES is used to encrypt almost everything that is encrypted.

    That isn't truecrypt being broken, it is AES being broken. And it is an academic break (reduced from 256 bits). People shouldn't use AES-256 in my opinion, and I have said this and suspected this would happen long before Adi Shamir's attack.

    Another thing to keep in mind about Truecrypt:

    When you encrypt your entire hard drive with TrueCrypt, a small part of it is kept decrypted which has a bootloader on it. The bootloader is merely used to decrypt the rest of the OS after you type your password into it. There was recently an attack on TrueCrypt where hackers created a fake bootkit and with physical access to a computer could replace the truecrypt boot loader with their own, which acted as a keylogger to steal people's keys. This is also not truecrypt being broken, it is an extremely sophisticated and clever key logger and requires physical access to the computer to compromise it. There are ways to minimize the risk of this attack, but really it's nothing to worry about in my opinion. Also it isn't an attack on truecrypt as much as it is an attack on all bootloader based encryption systems. I suggest people encrypt their entire hard drives, and keep a separate USB with a keyfile on it that has the bootloader. Boot from the USB key and decrypt the hard drive. Keep the USB key on you at all times. If you want to be fancy get a special tamper resistant USB key to store the boot loader on. This will make this attack essentially impossible.

    So dirty dan, that's my educated response to your complete fucking bullshit. Pray tell, explain to us how truecrypt was compromised and why people shouldn't use it? Oh that's right you can't because you don't know fucking shit about security and are just trying to get people busted you fucking ****. Karma is a bitch Toxic. You are fucking with people on a different level now toxic, I'm not a noob you can fuck with. If I was you I would back the fuck off before you get a rude awakening. Fucking with me is not recommended =).
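
An added example, not part of the original post and not TrueCrypt's own code: the boot-loader replacement described in the post above has to change bytes in the unencrypted start of the disk, so one defensive check is to fingerprint that area and compare it with a baseline kept off the machine. The 63-sector track size, the region split and every function name here are assumptions of this example, and the sample track is constructed data.

```python
import hashlib
import json

SECTOR_SIZE = 512
TRACK_SECTORS = 63  # assumption: legacy MBR geometry, first track = sectors 0-62
TRACK_BYTES = SECTOR_SIZE * TRACK_SECTORS

# Regions are hashed separately so a report says what changed.
# Offsets 0-439 and 440-511 follow the standard MBR layout; the remainder of
# the track is treated as one region (an assumption of this example).
REGIONS = {
    "mbr_boot_code": (0, 440),
    "mbr_disk_id_and_partition_table": (440, 512),
    "rest_of_first_track": (512, TRACK_BYTES),
}


def read_first_track(path):
    """Read the first track from a raw disk image (or device node)."""
    with open(path, "rb") as fh:
        data = fh.read(TRACK_BYTES)
    if len(data) != TRACK_BYTES:
        raise ValueError(f"need {TRACK_BYTES} bytes, got {len(data)}")
    return data


def fingerprint(track):
    """Return a SHA-256 digest per region of the first track."""
    if len(track) != TRACK_BYTES:
        raise ValueError(f"need {TRACK_BYTES} bytes, got {len(track)}")
    return {
        name: hashlib.sha256(track[start:end]).hexdigest()
        for name, (start, end) in REGIONS.items()
    }


def save_baseline(track, path):
    """Write the fingerprint as JSON; keep this file off the checked machine."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(fingerprint(track), fh, indent=2, sort_keys=True)


def load_baseline(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def changed_regions(baseline, track):
    """Names of regions whose digest differs from the baseline, sorted."""
    current = fingerprint(track)
    return sorted(name for name in REGIONS if baseline.get(name) != current[name])


def constructed_track():
    """Constructed sample bytes for the demo, not a real boot loader."""
    track = bytearray((i * 7 + 3) % 256 for i in range(TRACK_BYTES))
    track[510:512] = b"\x55\xaa"  # MBR boot signature
    return bytes(track)


if __name__ == "__main__":
    clean = constructed_track()
    baseline = fingerprint(clean)
    modified = bytearray(clean)
    modified[0x40] ^= 0xFF             # simulated change inside the boot code
    modified[5 * SECTOR_SIZE] ^= 0xFF  # simulated change in a later sector
    print("unchanged:", changed_regions(baseline, clean))
    print("modified :", changed_regions(baseline, bytes(modified)))
```

Take the image from boot media you trust rather than from the installed system, since a replaced loader runs before the OS does. Your own actions, such as repartitioning or restoring the loader from the rescue CD, can also change the fingerprint.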
     
  14. dirtydan

    dirtydan Member

    You're just a straight out clown poser in mommy's basement with wayyy too much time on his hands. You run piss poor scams and you have done to this place as you scammers have done to many others- turned it into a ghost town. Not too many people can put up with your "know it all" attitude when it's just mostly cut and paste jobs. And your tough talk reminds me of an 80 pound g-unit white boy trying to play tough in front of his 11 year old friends. Nice try but you fail miserably and you WON'T scam people here. It's not happening. Even if I have to create 1000 accounts you ain't biting anyone here.

    Back to truecrypt: More vulnerabilities than you have pimples you pnk.

    And all are unpatched you straight out clown.
     
  15. ydl

    ydl Member

    Those vulnerabilities are nothing to worry about and you are obviously just spreading your usual bullshit. Either that or you really don't know anything about security.
     
  16. twang

    twang on the run

    No one's scamming anyone here. What do you think this is? A private board?
    draaamuhh
     
  17. 36fuckin5

    36fuckin5 Alchemycologist

    Isn't source discussion supposed to not happen here?
     
