Slashdot Mirror

Or set up a hidden TrueCrypt volume. Essentially you're creating an encrypted storage volume inside an encrypted storage volume (inb4 'yo dawg' jokes) with different decryption keys for both. It's not possible to prove the hidden volume exists unless you enter its key into TrueCrypt. If 'They' shake you down for the key to the volume, just give them the key for the 'outer' volume in which you've stashed some somewhat disturbing but legal porn or something. (I'd love to see the reaction of a police officer who decrypted the outer volume and all it contained was Goatse.)

It's open-source (although its license is a little questionable) and cross-platform. Obviously, free as in beer. http://www.truecrypt.org/

TrueCrypt has something where you can set up an encrypted virtual disk that you first put some files you don't care about on there with a password you wouldn't mind divulging. Then you make another virtual drive on that one that will store the files and a password you do care about. When asked for your password, you give the one you don't care about and it only shows files you don't care about. Plausible deniability.

"the presence of random files on the system could be incriminating"

That's why I like Truecrypt's ( http://www.truecrypt.org/ ) approach:
"... there is practically no plausible explanation for the existence of a file containing solely random data. However, plausible deniability can still be achieved with a file-hosted TrueCrypt volume (container) by creating a hidden volume within it."

Basically, you create a hidden volume inside your encrypted data. If you are compelled to reveal the contents of the encrypted data, you so so. What is revealed are some possibly sensitive files but not the data that you are most concerned with. The really sensitive data is in a hidden volume which you can plausibly deny exists. After all, you gave up the password to the encrypted file - any residual random data in the file is just an artifact of the encryption process (you can plausibly assert) when, in fact, it actually contains another hidden volume with the real goods.

Hasn't this whole subject already been addressed by Truecrypt?

You mean like http://www.truecrypt.org/ already does?

Of course if your encryption software writes some kind of header - which wouldn't affect the security of the encrypted contents - then it will be obvious to anyone looking that you have an encrypted container. So this is 99% about implementation and 1% about encryption algorithms.

TrueCrypt implements a headerless encryption protocol for just this reason. Its ciphertext files should be indistinguishable from a sequence of random bytes. So all you have to do is hide those bytes steganographically, or have a plausible excuse for sending/storing a bunch of random bytes.

Technically it's possible to do what you want to do, but to avoid leaking information and get good performance you have to use non-trivial cipher modes. I suggest you have a look at the documentation for TrueCrypt, which covers most of the mathematics:

http://www.truecrypt.org/docs/

The problems you are likely to run into are related to the handling of identical data in several files. A naive implementation will leak a lot of information.

what you want is plausible deniability and that is not easy to achieve, as some states have started to have laws allowing to hold you hostage if you do not provide an decryption key to an encrypted container (which, with your method, would be corrupted). Have a look as TrueCrypts technical details behind their plausible deniability feature: http://www.truecrypt.org/docs/?s=plausible-deniability

Whole disk encryption needs to become mainstream. There are many approaches. Here are a few useful links.

If you want your OS to encrypt everything, Fedora makes it easy. So does Ubuntu.

If you want an add-on software package, PGP works well. In a slightly more involved way, so does Truecrypt.

If you prefer a hardware solution, you can adapt regular, off-the shelf drives with an encryptor such as the Deskcrypt. Fully-encrypted hard drives are available from most vendors, too, but the ones I've found most generally useful (as in, "compatible with every other sort of hardware") are the Eclypt models from Stonewood.

I have owned and used all the products above and like them very much. If you feel different, feel free to Google things like "Momentus FDE" or "WinMagic" or "Guardian Edge Hard Drive" for other vendors and approaches. Take whatever path seems most reasonable and logical to you.

But for God's sake, would everyone please start encrypting your drives? That's not everything you need to do. It's just a minimal first step toward personal security. But it's a start.

I much prefer the diskGenie, which is also a product from istorage-uk.com, however it feels more rugged, has a very nice tactile feel. Has the same encryption level as most of the others and reqires a 6-16digit pin to access the data.I have the 500gb 256 version and a 128gb ssd both reasonably priced.

Whole disk encryption needs to become mainstream. There are many approaches. Here are a few useful links.

If you want your OS to encrypt everything, Fedora makes it easy. So does Ubuntu.

If you want an add-on software package, PGP works well. In a slightly more involved way, so does Truecrypt.

If you prefer a hardware solution, you can adapt regular, off-the shelf drives with an encryptor such as the Deskcrypt. Fully-encrypted hard drives are available from most vendors, too, but the ones I've found most generally useful (as in, "compatible with every other sort of hardware") are the Eclypt models from Stonewood.

I have owned and used all the products above and like them very much. If you feel different, feel free to Google things like "Momentus FDE" or "WinMagic" or "Guardian Edge Hard Drive" for other vendors and approaches. Take whatever path seems most reasonable and logical to you.

But for God's sake, would everyone please start encrypting your drives? That's not everything you need to do. It's just a minimal first step toward personal security. But it's a start.

Not really. http://www.truecrypt.org/docs/?s=incompatibilities

Which is what the two key "Plausible Deniability" feature is all about:
http://www.truecrypt.org/docs/?s=plausible-deniability

Because he was talking about computers at work? I doubt most companies are going to let you encrypt the hard drives on your work computer to block them from seeing what's on it.

You don't need to encrypt an entire drive. You can encrypt a binary blob (file) and then pass it around to HDD, USB, email, web etc.

In fact, why would you trust an online service for privacy. Just use any old online service to store your encrypted blob.

Case closed:

Beginner's Tutorial
How to Create and Use a TrueCrypt Container

http://www.truecrypt.org/docs/?s=tutorial

Any web service, just create a TrueCrypt container. As long as you sync the container between your computers regularly it shouldn't be an issue. I've been doing it this way for about 3 years now (I keep all of my important data there for when I'm on the road). Works perfectly fine with Windows and Linux.

it is called Prey and it is designed to help recover your stolen laptop. http://preyproject.com/ good luck in your search. on other price of advice full drive encryption http://www.truecrypt.org/ and bios boot password make it as hard as possible for them to profit from the theft. I even go so far as to remove the OS license sticker on the bottom(saving it at home in a file for my future reload needs). that is just my $0.02. once again good luck.

The only disk encryption I think is worth selecting is Truecrypt. It's transparent and have decent performance.

If they don't trust Truecrypt they aren't worth your time unless they pay you very well.

Check out TrueCrypt for full disk encryption. Not many FDE vendors left after Symantec scoops up these two. FreeOTFE does volume encryption but no boot loader for FDE.

Of course, if you're not stuck on Windows many recent distros support installing on an encrypted root volume. The Ubuntu alternate install CD is one of them.

TrueCrypt is reliable, reputable, fast, free, open source, and works on Windows, Mac OS X, and Linux.

The TrueCrypt documentation is very good, but not perfect.

TrueCrypt can encrypt a file that contains other files (a drive letter) or encrypt an entire partition, even the boot partition.

No one I know has any connection with TrueCrypt. We are just happy users.

See this comment from 2005: EFS & stand-alone computers? Can you make it work?

TrueCrypt is reliable, reputable, fast, free, open source, and works on Windows, Mac OS X, and Linux. The TrueCrypt documentation is very good, but not perfect. TrueCrypt can make an encrypted drive letter or encrypt and entire partition, even the boot partition.

Only open source encryption should be accepted, since the U.S. government has decided it can force executives of corporations to work in secret to help gather data from or about users. If software is not open source, there may be hidden methods of decryption.

Trying to make a diskimage when truecrypt is active i get a vss error like

Volume Shadow Copy Service error: Unexpected error ... 0x80070057

invalid parameter

dismouting the truecrypt device and everything went ok.

somthing like:

http://www.symantec.com/connect/forums/shadow-copy-components-not-working-various-vss-writer-failures-no-vss-writer-errors

searching now i see it is documented:

http://www.truecrypt.org/docs/?s=issues-and-limitations
"The Windows Volume Shadow Copy Service is currently supported only for partitions within the key scope of system encryption (for example, a system partition encrypted by TrueCrypt or a non-system partition located on a system drive encrypted by TrueCrypt). Note: For other types of volumes, the Volume Shadow Copy Service is not supported because the documentation for the necessary API is available from Microsoft only under a non-disclosure agreement (which is impossible to comply with because TrueCrypt is open source).
"

Maybe it is solved now.

With TrueCrypt, you could have 2 encrypted volumes on the same flash drive. Just give them the password of the 'decent' one and they can't derive that there is more than one installed, unless you give yourself out.
They call it Plausible Deniability.

Because the government (or any other entity) has no way of knowing how many layers of hidden volumes you have.

Wrong. You should consider installing TrueCrypt.

As the TrueCrypt guys point out in their FAQ, TPM is not a fully or totally secure solution.

If the attacker has physical access to the computer, than at a minimum they can make a disk image (or just outright take the disk) and then take as long as they like to crack the encryption - even farming it out as needed. One way or another, if they want the data they'll get it.

If they can plant a virus on the computer, they can get your encryption password - even on TPM machines. TPM does not prevent malicious code from running or intercepting anything. For example, they could put a BIOS virus in that preserves access to TPM and captures the data stream to TPM to unlock the hard drive.

As the TrueCrypt guys correctly point out - TPM is false security. And I would go further to add that it is broken in nature, just like any DRM scheme. If all I have to do to keep myself from ever being able to decrypt the drive is change the motherboard, then it doesn't work. (That, btw, is the nature of TPM.)

So whether or not TrueCrypt utilizes TPM has no effect on its true security. The only reason you encrypt a drive is to keep the not-so-smart crackers from stealing it and using it, or hiding something from casual peekers and users. And more likely than not, they'll try to boot, see the encryption, then pull the drive and format it. If they were really after the data, they'd have plenty of time to get around the encryption if they really wanted it.

As the TrueCrypt guys point out in their FAQ, TPM is not a fully or totally secure solution.

If the attacker has physical access to the computer, than at a minimum they can make a disk image (or just outright take the disk) and then take as long as they like to crack the encryption - even farming it out as needed. One way or another, if they want the data they'll get it.

If they can plant a virus on the computer, they can get your encryption password - even on TPM machines. TPM does not prevent malicious code from running or intercepting anything. For example, they could put a BIOS virus in that preserves access to TPM and captures the data stream to TPM to unlock the hard drive.

As the TrueCrypt guys correctly point out - TPM is false security. And I would go further to add that it is broken in nature, just like any DRM scheme. If all I have to do to keep myself from ever being able to decrypt the drive is change the motherboard, then it doesn't work. (That, btw, is the nature of TPM.)

So whether or not TrueCrypt utilizes TPM has no effect on its true security. The only reason you encrypt a drive is to keep the not-so-smart crackers from stealing it and using it, or hiding something from casual peekers and users. And more likely than not, they'll try to boot, see the encryption, then pull the drive and format it. If they were really after the data, they'd have plenty of time to get around the encryption if they really wanted it.

This is pretty major as so many vendors are affected by it. However, until there's an update or complete recall & replacement, I'd recommend using Truecrypt. Certified by NIST (see HERE. Cross platform. Free (as in spoken beer ;o). Of course, one can only hope that its implementation is better than the devices currently uncovered :P

I remember a recent Slashdot article about a vulnerability in TrueCrypt. Don't remember much more than that. Does anyone else know what I'm talking about?

This is pretty major as so many vendors are affected by it. However, until there's an update or complete recall & replacement, I'd recommend using Truecrypt. Certified by NIST (see HERE. Cross platform. Free (as in spoken beer ;o). Of course, one can only hope that its implementation is better than the devices currently uncovered :P

Talking about Windows, Format DOES NOT WIPE THE DRIVE. All a full format does is set up the file system, and does a read verify. It does not overwrite data portion of the partition.

A good tool is Eraser. http://eraser.heidi.ie/ Use it to securely wipe specific files when no longer needed. As well it allows you to wipe free space on the disk at any time, allowing you to wipe previously deleted files.

If the computer is deemed surplus, and you want to prepare the computer for resale, A PLAIN FORMAT IS NOT ENOUGH. That is how so much sensitive information is found on surplus computers. The data is still on the disk. Wipe it using a tool like DBAN http://www.dban.org/

As far as reading residual data, some people claim 35 passes blah blah blah. This is referencing Gutmann's work, which focused on old drives. It is not applicable on new drives with different encoding techniques and extremely high data densities, and he has said on new drives a single pass of pseudo-random is enough. Anything extra is a waste of time. http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (read the epilogues)If there is truly confidential data on the disk, the only safe method is physical destruction to ensure nothing resides on remapped sectors, etc. Now, particularly if you have laptops, encryption of customer data is a good preventative measure, as overwriting of surplus hard drives does not help you when a laptop with customer data is stolen from an airport. Truecrypt http://www.truecrypt.org/ is a good encryption solution, though you need some 'workarounds' if you wish to be able to unlock users that have locked themselves out of their container file. It can also do full disk encryption (as can Windows Ultimate/Enterprise)

Yes, but there's also Truecrypt, which is available for all major platforms: http://www.truecrypt.org/downloads

It's really easy to set up, so nobody should leave their mobile computer unencrypted.

Any server that can offer a RAID disk solution would be fine. Blade servers seems to be an overkill for most solutions - and they are expensive.

And then run DFS (Distributed File System) or similar to have replication between sites for the data. This will make things easier. And if you have a well working replication you can have the backup system located at the head office and don't have to worry about running around swapping tapes at the local branch offices.

Some companies tends to centralize email around a central mail server. This has it's pros and cons. The disadvantage is that if the head office goes down everyone is without email service. But the configuration can be more complicated if each branch office has it's own.

It's also hard to tell how to best stitch together a solution for a specific case without knowing how the company in question works. There is no golden solution that works for all companies.

The general idea is however that DNS and DHCP shall be local. If they aren't then the local office will be dead as a dodo as soon as there is a glitch in the net. Anyone not providing local DNS and DHCP should be brought out of the organization as soon as possible. And DNS and DHCP doesn't require much maintenance either, so they won't put much workload on the system administration.

There are companies (big ones) that run central DHCP and DNS, but glitches can cause all kind of trouble - like providing the same IP address to a machine in Holland and in Sweden simultaneously (yes - it has happened in reality, no joke) - and the work required to figure out what's wrong when multiple sites are involved in an IP address conflict can cost a lot. And if you run Windows you should have roaming profiles configured and a local server on each site where the profiles are stored.

Local WWW and FTP servers - can work, but watch out too since you have to check out if it's for internal or external use. Do you really need a local WWW and FTP server for each site? I would say - no. And those servers should be on a DMZ. It can of course be one server servicing both WWW and FTP. The big issue with especially FTP servers if they are for dedicated external users is the maintenance of the accounts on those servers. Obsolete FTP server accounts are a security risk.

And if you run Windows I would really suggest that you do set up WDS (Windows Deployment Server). This will allow your PC clients to do a network boot and reinstall them from an image. Saves a lot of time and headache.

And today many users have laptop computers, so hard disk encryption should be considered to limit the risk of having business critical data going into the wrong hands. Truecrypt is one alternative that I have found that works really well. But don't run it on the servers.

No, since Dropbox only transmit the parts of a file that changed.

The way most encryption works, if you change a piece of the plaintext file, you get a wildly different ciphertext file.[...]I don't know if this is the case with Truecrypt's volumes, but I bet that it is.

I have done what was described: rsyncing a TrueCrypt volume file that changes over time. Yes, there is an "expansion factor", but I would peg it at 2 - 5x the size of the diff within the encrypted volume. To restate: this scheme is entirely tenable with TrueCrypt volumes and rsync. A good binary diff capability is required, but that is the raison d'etre of rsync. I have never used Dropbox, so I have no idea how their deltas work for binary files.

I was originally of the same opinion as you. I anticipated some sort of avalanche effect from small changes in the ciphertext. However, this isn't the case for several reasons -- first, you can read about TrueCrypt's crypto modes of operation and how the blocks work. Second, you can reason that TrueCrypt would be completely unusable if writing a single byte near the beginning of an encrypted hard drive/volume caused a chain reaction that would require the entire partition to be re-encrypted due to cipher block chaining cascading to the whole drive.

I don't claim to be a cryptography expert (perhaps someone can further enlighten me), but it seems that CBC would break down in a disk encryption scheme if there weren't a new IV rather frequently (for the same reason as I mentioned above). Of course, TrueCrypt uses XTS mode, so it seems that I am just idly musing at this point and should click Submit.

Unless the disk was encrypted with 'whole disk encryption'

That may become a foregone conclusion, considering that high quality whole disk encryption tools are freely available to anyone who wants to use them.

TrueCrypt is open source and is available for download from Source Forge, which hosts open source projects. And here's the downloadable source code.

Falcon

TrueCrypt is open source and is available for download from Source Forge, which hosts open source projects. And here's the downloadable source code.

Falcon

What can be done about TrueCrypt? It also "Encrypts an entire partition or storage device such as USB flash drive or hard drive."

http://www.truecrypt.org/faq#tpm

http://www.truecrypt.org/ Encrypt the entire hard drive. Now not only can your company not access the data, but neither can a thief if the laptop were to be robbed.

I wonder if the other 954 laptops required passwords for login...

I'm inclined to believe it's the other way around. While I haven't done any international travel, from what I understand as told to me by co-workers who do travel abroad, laptops (and in some cases, Blackberries) have to be decrypted and ready to inspect.

ie Truecrypt. Don't just encrypt data, hide it. Purely as an exercise in seeing how draconian security has gotten to board a plane one day I plan to install it and use it to hide the Constitution of the USA, the Declaration of Independence, and maybe the "Federalist Papers" then walk through an airport with my laptop in my backpack. If I could I'd like to do it using a clean hard disk drive with only the OS and hidden files. Then include an external drive also with the DOI and Constitution hidden.

I can see the reaction now, "He's hiding something. He must be a terrorist!" Then when those papers are revealed, "he is a terrorist!"

I was kind of hoping this Bullshit would end when Obama became president. Ended up it was false hope, now I have no hope.

Falcon

"The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants," Thomas Jefferson

I think that you basically have two choices:

• pay for it yourself
• have a lawyer draft an agreement that your employer accepts that reimbusring you for the laptop does not give them any rights whatsoever over your private data. Have your employer sign it before you accept the money.

Whatever you do, I'd advise you to keep your own and work data on separate partitions and encrypt both with different keys. Provide your employer only the key to unlock the partition with your work data. If you are running Linux, OS X or MS Windows you can use truecrypt.

If you are running Linux or *BSD and if you are feeling nasty, you can use one of the encryption schemes native to those systems. The chance that a typical windows-only IT department will ever figure out how to decrypt that are small IMHO, even with a key.

Just encrypt the entire drive or where your documents are stored. It's trivial to encrypt your home folder in Ubuntu...for Windows, take a look here.

I use TrueCrypt and create an encrypted volume that only I have the credentials for. They might be able to get on your machine and view files but if you never give them the password to the encrypted file then you are safe. I guess through subpoena or something like that they COULD, in theory, eventually gain access but that's a huge pain in the ass and you could very easily delete the file. It also makes for easy backup to disc or another machine, if needed.

This, of course, should be used in conjunction with what Eldavojohn said and get it in writing that the property is yours. That might not keep them from snooping, however and this solution would keep them from "stumbling" across something you may perfer to keep private.

According to truecrypt (and my limited understanding). What you do is this:

1) Setup an encrypted volume (password=dummy)
2) Put some plausible files in the volume (secrets.txt - full of information you don't mind others seeing)
3) Create a hidden volume (within the first encrypted volume) (password=secret)
4) Put your real secret stuff in here.

When you use the partition you use the (password=secret) and get access to the hidden volume, should the police turn up tell them that the password is dummy, and all they see is "secrets.txt"

The clever part is that it is impossible to tell whether there is a hidden volume or not as the space that it occupies is normally full of random data anyway.

More details here:
http://www.truecrypt.org/docs/?s=security-precautions

Truecrypt solves this problem: Plausible Deniability

In effect, you can encrypt some stuff, and encrypt another volume with a different password. The second volume is indistinguishable from random data, so if you give the password to the first volume, there is no way to prove that you are witholding anything.

They also offer hidden volumes within encrypted volumes for the same reason. There's no way to ever prove that a person has withheld ALL of the passwords, or that any data even exists in that space.

You may find this interesting: http://www.truecrypt.org/docs/?s=plausible-deniability "In case an adversary forces you to reveal your password, TrueCrypt provides and supports two kinds of plausible deniability"

No need to overwrite your data, which would show hard drive activity, and which would have no effect, since police always work on copies. TrueCrypt provides a hidden volume. The TrueCrypt hidden volume is not detectable.

"I would also like to know how the authorities could possibly tell a properly encrypted file from one that only contains random data and consequently how they could prove that a filesystem is, in fact, encrypted."

In every country, lawmakers with no technical knowledge whatsoever are writing extremely ignorant laws about technical issues. In fact, the UK law makes no sense.

TrueCrypt is not affected by those AES attacks AT ALL. It might be a good idea to stop spreading FUD.
Source: http://forums.truecrypt.org/viewtopic.php?p=71455#71455

... Does anyone know why I can't format a new container with a MS file system/FS under Mac OS X 10.5.7? I don't even get FAT32 option which I want the container to be portable between Linux, Windows, and Mac OS X. I posted this in http://forums.truecrypt.org/viewtopic.php?p=70861 but got no replies so far. :(

Thank you in advance. :)

Yes... first go with whole disk encryption. (TrueCrypt)
Then personalize yourself a nice rootkit, hide your copy of PoisonIvy or similar, and keep the keylogger running.
If the thief does not reboot the pc, you will capture any personal information on him before he does. Once the PC reboots, your 20 diget key is in full effect..

The correct answer is truecrypt for Windows XP then simply encrypt the drive and voila! No password no data. But I can't think of any other way to totally brick it and still have it legal to travel with. After all customs tends to frown on C4, even if all you are doing is trying to teach thieves a valuable lesson in respecting peoples property.

Of course if you really wanted to make them suffer you could keep a small DOS partition and have it set to load in case of incorrect password and then use a batch file to play slides of Goatse and Tubgirl and maybe a few choice selections from 2 girls one cup, while playing a wav file of that damned annoying frog full blast on endless loop, but I think you may risk getting arrested for crimes against humanity. But I'm sure after the thief was done throwing up and washing out his eyes with bleach a valuable lesson would be learned.

Full disk encryption is what you want, http://www.truecrypt.org/ will do this for you. However, consider the overhead, and even as fast as TrueCrypt might be, Netbooks have only so many cycles to burn.

Consider switching to Linux so that you won't need additional (read: expensive) malware/antivirus/crapware eating up the remaining cycles :) Try https://wiki.ubuntu.com/UNR