How to Hiding Your Files Made Easy?...sort of

>> Saturday, December 05, 2009

hard drive encryption / TheNetworkAdministrator.comWhat if you have important, or personal files that need to be protected? Would you hide them , encrypt them, or just stash them under your bed? To solve this dilemma I am going to show how to encrypt your entire OS. Sorry you Mac fanatics this technique isn't compatible with you guys yet.

For this project I am going to use TrueCrypt to handle the encryption. Why TrueCrypt? I choose TrueCrypt because it is an on-fly encryption system. Meaning that the data is automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. Any data that is store in a TrueCrypt volume cannot not be read or decrypted without the using the correct password.
  { Read Full story }

As I mentioned before there is a problem when using a program like TrueCrypt. When you decrypt a file and then access it your OS can and often does make a cache or a temp file of your document while you are working on it. Programs like word processors also make a backup of your document for crash recovery. So even if your document is encrypted your OS could be keeping a copy of your file in the open.

To get past this issue you would have to encrypt parts of your OS that would essentially make your OS quit working. Why is that you ask? Well because you have to log into the encryption software to get access to the encrypted OS info but you can't run the encryption software working without the OS running. So you're stuck in a chicken before the egg scenario.

This is where Parallels comes in. Parallels Workstation is desktop virtualization software. What it does is create a virtual space (or sandbox). Inside this sandbox you can install an OS that runs in a separate memory space from your primary OS. IT gives PC users with the ability to create completely networked, fully portable, entirely independent virtual machines on a single physical machine. When you install Parallels Workstation you then setup a virtual machine with settings design for your guest OS. Parallels will then create a configuration file and a hard drive image of your new virtual machine. These are the files we are going to be encrypting. By the way Parallels is a nice way to run some of those old windows 98 programs on your newer hardware.

The How-To:

For this How-To I am running MS Windows XP Service Pack 2 as my primary OS and MS Windows XP Service Pack 2 as my guest OS. I am setting it up with two XP installations because currently XP is the most used OS for desktops and famous for it's cache and temp files. Parallels Workstation is not limited to Windows XP for the primary or guest OS, it is just what I am going to be using for this How-To.

Once our primary OS is installed and fully updated, I am going to download and install TrueCrypt and Parallels Workstation. The order that you install either of these does not matter. Parallels Workstation as of this writing does cost about $50 US. TrueCrypt is free.

The Hardware I'll be running on:
IBM ThinkPad R40
CPU: P4 2.2GHz
Memory: 1GB of RAM
Video: ATI Mobility Radeon 7500
Network: Intel Pro/100 VE

The Install:
The TrueCrypt setup is straight forward. You will need to select the basics, the installation location, file extension association, etc ... And that's it.
The Parallels install is also just as straight forward. You will get a MS Windows warning when Parallels installs it NIC driver. Just click continue.

The Setup:
First you will need to create an encrypted volume with enough room for your OS. For MS Windows XP I recommend a minimum of 4GB. If you are going to using the encrypted OS for every day use you will need more space. TrueCrypt does support Hidden volumes. A hidden volume is True Crypt volume inside another TrueCrypt volume. Now how is this hidden you ask? When you create a TrueCrypt volume it is impossible to prove what if any data is within the volume, because all of the free space is filled with random data when the TrueCrypt volume is created. By design no part of a dismounted TrueCrypt volume can be distinguished from random data. Note: when you make a hidden volume it must have a different password than the outer TrueCrypt volume.

Open TrueCrypt; in the main window click Create Volume. This will open the TrueCrypt Volume Creation Wizard. Select Create a Standard TrueCrypt volume and click Next. The next screen we will be setting up the volume location. We are given the option of Selecting a File and selecting a device. For this How-To we are going to Select File. Then I am going to navigate to a folder for this demo I am going select C:\MyOS and then type in a file name, mine will be my_os. Click next and you will get the Encryption Options window. You will have a whole bunch of encryption options. Don't stress out about which one to select. They are all strong encryption standards, you my want to test the encryption algorithm just to make sure its compatible with your system. I am going to select the AES algorithm with the RIPEMD-160 Hash. If you have an encryption algorithm preference please feel free to use the algorithm that you feel most comfortable with. Select next and now we are going to choose the Volume Size.  I am going to use an 8000MB file that's 8GB for the math impaired. Then Select next. Now we are going to select the Volume Password. Here the rule is the strong the password the better the security. Strong encryption algorithms can fail with weak short passwords. A strong password is 20+ characters with letters, number and special characters (like punctuation marks).

Warning: TrueCrypt passwords are not recoverable, so do not forget your password.

Next we will be formatting our new volume; you will need to select a FAT volume if you want to create a hidden volume. Then click format. Now TrueCrypt will take a few minutes formatting your new volume. Depending on your system and the Volume size you choose, this may take a while. As I mentioned before TrueCrypt is write the free space in this volume with random data.

Now if you want to make a hidden volume, from the Volume Creation Wizard select hidden volume option and click next. Now for the Volume location select the, "create a hidden volume within an existing TrueCrypt volume", option and click next. Now for the Volume location select the file we created in the previous step. You will have to enter volume's password and select next. You cannot create a hidden volume inside a TrueCrypt volume that is already mounted. You will now select the Encryption options for the hidden volume. These steps are just like the steps for the Outer volume. I am going to leave the encryption on the defaults and click next. Now TrueCrypt will tell what the maximum size of you hidden volume can be. I am going to select 7000MB. This will leave me with about a 1GB of space in the outer volume to add files to if I wish. Select next. Now enter a new password different from the outer TrueCrypt volume. You can now select you file system options. I am going to select NTFS for my hidden partition. Click next and we are done with creating volumes.

Once TrueCrypt has finished formatting the Volume we can mount the volume and access it like we would any hard drive. From the TrueCrypt Window Select the Drive letter you want to mount TrueCrypt on. Click the Select File button. Find your Outer TrueCrypt volume we created in the first steps. Then click mount. Now you will be asked for a password. To access the hidden volume enter the password for the hidden volume here. If you want to access the outer volume enter the password for the outer volume here. I am going to select drive E:\ for the drive to mount my TrueCrypt volume on.

 Now start Parallels. If this is the first time you are running Parallels you will have to enter a validation key. You will be given the option to create a new Parallels file or Open an existing file. I am going to create a new file. From the Virtual Machine Wizard Window click next. I am going to create a custom VM and click next. For the Guest OS type select Windows, for the OS version select Windows XP. And click next. Now select the amount of ram you would like the new virtual machine to have access to. I am going to set it to 512MB of ram and click next. Now I am going to create a new virtual hard disk image and click next. For the virtual disk size I am going to leave the default of 4096MB and select the Expanding option. This will tell Parallels to start with a smaller disk size and grow as we need it too. Next tell Parallels where to save the virtual disk image too. Select E:\ where the TrueCrypt volume is mounted too. Then give it a filename. I am going to choose Wimp, and click next. You will then need to select your networking options. Choose Bridged Ethernet if you want to connect the new virtual machine to the Internet, choose Host-only if you want to create a private network with the Primary OS, or select Networking not required if you don't want the virtual machine to have any networking options and click next. If you are using the network then you will need to choose which network adapter you want the virtual machine to bridge to. Check,"connect cable" if you want the virtual machine to see the network as connected when we start it. Click next and finally give the virtual machine a name and set where to store the configuration file. I am going to save the configuration file in the TrueCrypt hidden volume. And then click Finish.

Installing the OS:
Now you will see the Parallels configuration window. You will need to put your Windows XP disk in your CD-ROM, and click the green Power ON button on the right. And you will see your new virtual machine start up just like a PC with a new hard drive. The new virtual machine will try to boot from the hard disk image first then the CD-ROM. When it boots into the CD-ROM you can install MS Windows like you normally would on a PC. If you want to re-install Windows or want your virtual machine to boot from the CD-ROM or your floppy change the Boot Sequence in the Parallels configuration window. Then click the power on button. Note if your click on the Power Off button it is just like turning your computer off. Your virtual machine may go through the improper shutdown procedures the next time you power it up.

And there you have it. You are now running an encrypted OS.

Some Points to Keep in Mind:

If you have mounted your TrueCrypt volume everything on the volume is decrypted automatically. So let say you are you have mounted a TrueCrypt volume on your laptop on someone steals the laptop out of your hands or you have put your laptop into hibernate without dismount your TrueCrypt volume. Then everything on that TrueCrypt volume with be accessible to the thief.
Also these steps outlined here do not in anyway encrypt your network traffic. Anything you accessed on the network through your virtual machine can be accessed by a third party if it is not encrypted by other means.

Also any vulnerability in the OS you use as your guest OS can be exploited just as a normal PC can be exploited. So you will need to update your virtual machine just like you would your PC.    

blog comments powered by Disqus

Post a Comment

Related Posts with Thumbnails

  © Blogger template Webnolia by 2009

Back to TOP