Plausible Deniability

Is this relatively easy to set up? Is it possible to mess up the safe OS so you can't access the hidden OS... if you see what I mean?

AFAIK it is relatively straightforward to set up as the TC program does it all for you. It's the using of each OS that has certain caveats which can be found here - http://www.truecrypt.org/docs/hidden-operating-system



I was slightly wrong (just refreshed my memory). Effectively you have a single HDD with 2 partitions. The safe OS is loaded onto partition 1 and the 2nd partition is encrypted separately.



Within the 2nd partition resides the "Hidden OS" (not the whole partition, just part of it). This is separately encrypted from partition 2's encrypted volume i.e. you have 3 encrypted "bits":

1. Safe OS encrypted on partition 1
2. Safe VOLUME encrypted on partition 2
3. Hidden OS encrypted within partition 2

***I will explain the "handing over of passwords" for plausible deniability at the end***


When you boot up your PC, the TC loader will kick in and ask for your OS password:

1. If you put in the "safe password" then it will load up the safe OS from partition 1
2. If you put in the Hidden OS password then it will load up the hidden OS from within partition 2


Now because both OS's exist on separate partitions, they do not interfere with each other and you can faff around without fear of overwriting the other OS (TC makes each of the alternate OS's data regions read only)


I hope this kinda explains how the OS's are separate and are protected from each other?


-------------------------------------------------


Now to achieve plausible deniability, you have to use your PC in certain ways which are described in the link at the top. The MAIN thing to do is to use your SAFE OS as much as possible for your everyday mundane tasks, i.e. only use your HIDDEN OS for stuff you want to keep hidden.

The reason for this is because using an OS builds up a whole array of deleted files and file segments through normal everyday use. If you don't use an OS then the OS will look, basically, pristine. This will not fool someone trained in computer forensics as they will look for certain things to be present within an OS as standard.

By using the safe OS as much as possible and only the hidden OS when needed, you build up these elements making it look like you only have 1 OS on the drive.


For the Safe VOLUME (partition 2) - Put some family pictures or other stuff you don't mind sharing with law enforcement but would have "a valid excuse for keeping encrypted in case my PC got nicked".


-------------------------------------------------------------------------

Back to the "handing over of passwords" I mentioned near the start:

Effectively you have 3 passwords now:

1. Safe password 1 for the Safe OS encrypted on partition 1 - used at login
2. Safe password 2 for the Safe VOLUME encrypted on partition 2 - used when logged in to SAFE OS ONLY
3. Hidden password for the Hidden OS encrypted within partition 2. - used at login



The person looking at your PC knows only 2 certain things:

1. You have an encrypted OS on partition 1
2. You have a TrueCrypt volume on partition 2


You can safely hand over both "safe" passwords. All this will allow the person to do is access your safe OS (which has no sensitive stuff on it) and also your Safe Volume on partition 2.

The hidden OS is still safe as, when the unlocked Safe Volume is looked at, it will show up as filling the entire partition yet the Hidden OS is still encrypted and will just look like unallocated drive space.


--------------------------------------------------------------------------


Plausible deniability:

Safe OS - "I have this in case my PC got nicked and I don't want people to get at it"
Safe VOLUME - "I keep my personal photos etc in here. It's not on the main OS partition as I need to keep them separate if I ever reinstall my OS"

Hidden OS - Well, this is almost impossible to prove.


meh... tl;dr :p
 
Seriously, I know that I am tired today but....huh?

Right, I would imagine that forensics people would be able to at least detect the hidden OS.

Nope, incorrect they can't.
There is a common myth surrounding TrueCrypt that you can detect hidden layers by writing to the normal layer. It's not true; if you carry on writing data it will just go on top of the hidden layer.
Edit: Hidden OS might be possible to detect, I am unsure though. Hidden layers are impossible to detect.
 
So, let's say you were a secret agent that had a hard drive full of top secret documents that you didn't want anyone to access, unless you gave them a password. If the police found them, you would be sentenced to infinite years in prison.

If you were to use TrueCrypt and used the hidden OS feature, would that be enough to stop anybody finding your data about pirate ships? Does the 'plausible deniability' work as it should? If you said that no OS existed other than the one they could see, could they prove otherwise? If not, how come?

If the police asked you for a password for an OS they could see, you would have to give it to them, as far as I know. Then you would fail as a secret agent.

Thanks,
yhack


Yeah, except in real life they'll just pull your fingernails out and waterboard you till you crack and tell them the password.


 
Are there any legitimate reasons as to why anyone would want to have a hidden OS/partition in this country? I can only think you'd want one if you were hiding something illegal.
 
Are there any legitimate reasons as to why anyone would want to have a hidden OS/partition in this country? I can only think you'd want one if you were hiding something illegal.


maybe secret work documents, or unpatented ideas, financial info etc?

or just to play with.
 
Are there any legitimate reasons as to why anyone would want to have a hidden OS/partition in this country? I can only think you'd want one if you were hiding something illegal.

I don't have a hidden OS, but I use just normal encryption. Anyone should really if you don't want someone using your computer. Also in the future I plan to create a decoy OS, have a hidden partition with my real OS and then have a decoy OS in the normal partition. My plan is then to write the password of the normal partition on the computer case. So if someone steals it, they log into the decoy OS, which has monitoring software that sends keystrokes, screenshots, IP address.
 
I don't have a hidden OS, but I use just normal encryption. Anyone should really if you don't want someone using your computer. Also in the future I plan to create a decoy OS, have a hidden partition with my real OS and then have a decoy OS in the normal partition. My plan is then to write the password of the normal partition on the computer case. So if someone steals it, they log into the decoy OS, which has monitoring software that sends keystrokes, screenshots, IP address.

Sheesh, you're a bit paranoid.
 
Sheesh, you're a bit paranoid.

If my computer gets stolen then I am sure that they won't get away with it :D. I have yet to do it though, the only problem is that I don't want antivirus software to pick up on it. Knowing the state of our country, it will take a while before the police could get to them. I might have to end up writing my own software :(.
 
It just seems a little drastic. It's likely that whoever robs your computer really isn't concerned about what is on it, they are just nicking it to make a quick buck selling it on down the pub or something. I still don't understand why people would want to go to such lengths to 'hide' their data unless it was illegal.
 
It just seems a little drastic. It's likely that whoever robs your computer really isn't concerned about what is on it, they are just nicking it to make a quick buck selling it on down the pub or something. I still don't understand why people would want to go to such lengths to 'hide' their data unless it was illegal.

That's the only reason to hide certain data. If it could lead you into a lot of trouble.
 
Just think how many passwords you have, Facebook, email. Your computer can tell anyone anything, I would rather not have anyone looking at it. It takes about 10 minutes to encrypt your drive! It's certainly not overkill and there is not any lag at all.
I actually value my privacy, encryption is a very easy way to protect it.
 
then why are they arresting you?

They might take your computer to try and find evidence for anything. If they find pirated music or software, it's not going to make it any easier.

My netbook is encrypted with TrueCrypt, so when I take it on holiday, if it's stolen, no one will be able to log into my email or get any of my passwords. They could sell the netbook on, but they won't be able to access any of my data. I value the data more than the hardware.

I would rather no one except me could see my private data. Unfortunately, if the police asked you for the password, you have to give it to them.

It just seems a little drastic. It's likely that whoever robs your computer really isn't concerned about what is on it, they are just nicking it to make a quick buck selling it on down the pub or something. I still don't understand why people would want to go to such lengths to 'hide' their data unless it was illegal.

I'm sure you have information that isn't illegal but you don't want others knowing.
 
Another thing that I don't understand is that you are worried about people getting your passwords if your computer is stolen. I'm not sure about you, but I don't have my computer remembering all my passwords - what would the point be? It would be akin to writing your PIN on your bank card.

No, there is nothing on my computer hard drive that I would mind anyone looking at. There's some personal stuff but I really don't care if anyone reads my emails between me and my girlfriend.
 
It just seems a little drastic. It's likely that whoever robs your computer really isn't concerned about what is on it, they are just nicking it to make a quick buck selling it on down the pub or something. I still don't understand why people would want to go to such lengths to 'hide' their data unless it was illegal.

How do you know they're not concerned about what's on it? I would be. Windows passwords do absolutely nothing, therefore encryption is needed.

That's the only reason to hide certain data. If it could lead you into a lot of trouble.

That's quite short sighted.

No, there is nothing on my computer hard drive that I would mind anyone looking at. There's some personal stuff but I really don't care if anyone reads my emails between me and my girlfriend.

You don't ask your browser to save your passwords?

I really don't care if anyone reads my emails between me and my girlfriend.

Or porn of you and her.
 
Another thing that I don't understand is that you are worried about people getting your passwords if your computer is stolen. I'm not sure about you, but I don't have my computer remembering all my passwords - what would the point be?
It makes everything easier. If no one can even get to the Windows loading screen, there's nothing to worry about.

It would be akin to writing your PIN on your bank card.
It would be like writing your PIN on your bank card, but you keep your bank card in an invisible, uncrackable safe.

No, there is nothing on my computer hard drive that I would mind anyone looking at. There's some personal stuff but I really don't care if anyone reads my emails between me and my girlfriend.
Well I think a lot of people keep many personal details on their computer, including photos, receipts, CVs, code. There's details of friends and family on my computer, which I don't want anyone getting either.
 