Encrypt your entire hard drive!

What's your best defense against a boot CD that breaks Windows passwords in two keystrokes? Encrypting your entire hard disk. Shannon's got the details on truecrypt drive encryption while Darren brings up plausible deniability with hidden volumes.

Encrypting your entire hard drive

Truecrypt is an open-source, free program for everyone. Download the latest version of Truecrypt.

Open Truecrypt and choose ëCreate Volumeí. Choose ëEncrypt entire hard driveí. Then, you will choose whether you single-boot or multi-boot your machine.

On the encryption options, I just choose AES because it is the default setting, and itís a very strong encryption.

Next you will choose a password. This option is neat because it actually gives you a small notice saying that a password with less than 20 characters is easier to break than one with more than 20.

On the next page, you must randomize your data. You must move your mouse around in the box of algorithms to create a very randomized clump of data. The more randomized, the better encrypted.

Truecrypt will make your create a rescue disk. This is easy if you have a cd burner already installed in your tower. If not (if you have a netbook), you must create the rescuedisk.iso and burn it onto a flashdrive or something of the like. You are basically making Truecrypt think you have a cd burner and are burning the cd, when instead, you are just sticking the iso on a USB flashdrive.

For my netbook, I used WinCD Emu. WinCD Emu emulates the burning of a cd, so Truecrypt thinks youíve finished this task.

Truecrypt will ask you to wipe your drive, and I just choose none since I donít really need to. Next you must go through a pretest. Your computer will restart and a Truecrype login screen will appear before the windows login (this is why Konboot wouldnít work!). If everything goes well and the pretest completes with no problems, you can begin encrypting. Encryption takes a LONG time, so be patient! Once itís done, itíll prompt you, and youíre finished!

For a more in depth step by step, go here.

And as always, you can email me at snubs@hak5.org!

Plausible Deniability with Hidden Truecrypt Volumes

Plausible Deniability basically means being able to deny awareness of something. For a more rich explination check out Wikipedia's article on the subject, it's quite interesting.

In regards to Truecrypt, our subject of the week, Plausible Deniability referrs to the ability to hide encrypted volumes within encrypted volumes. Since it cannot be proven that a hidden volume exists within a truecrypt volume.

Hidden volumes can contain just about any data, including entire operating systems. It is important to note that the sectors of a hidden volume do not change over time. If an adversary had access to the outer volume contents over a period of time the existance of a hidden volume could be proven if files were never read or written to or from these sectors.

Questions? Comments? Write me directly, Darren@Hak5.org or send feedback to the entire Hak5 crew.