|
Hiding Your
Files Made Easy...sort of
Joseph Ritchey
 What
if you have important, or personal files that need to be protected?
Would you hide them , encrypt them, or just stash them under your
bed? To solve this dilemma I am going to show how to encrypt your
entire OS. Sorry you Mac fanatics this technique isn't compatible
with you guys yet.
For this project I am going to use TrueCrypt to handle the
encryption. Why TrueCrypt? I choose TrueCrypt because it is an
on-fly encryption system. Meaning that the data is automatically
encrypted or decrypted right before they are loaded or saved,
without any user intervention. Any data that is store in a TrueCrypt
volume cannot not be read or decrypted without the using the correct
password.
As I mentioned before there is a problem when using a program like
TrueCrypt. When you decrypt a file and then access it your OS can
and often does make a cache or a temp file of your document while
you are working on it. Programs like word processors also make a
backup of your document for crash recovery. So even if your document
is encrypted your OS could be keeping a copy of your file in the
open.
To get past this issue you would have to encrypt parts of your OS
that would essentially make your OS quit working. Why is that you
ask? Well because you have to log into the encryption software to
get access to the encrypted OS info but you can't run the encryption
software working without the OS running. So you're stuck in a
chicken before the egg scenario.
This is where Parallels comes in. Parallels Workstation is desktop
virtualization software. What it does is create a virtual space (or
sandbox). Inside this sandbox you can install an OS that runs in a
separate memory space from your primary OS. IT gives PC users with
the ability to create completely networked, fully portable, entirely
independent virtual machines on a single physical machine. When you
install Parallels Workstation you then setup a virtual machine with
settings design for your guest OS. Parallels will then create a
configuration file and a hard drive image of your new virtual
machine. These are the files we are going to be encrypting. By the
way Parallels is a nice way to run some of those old windows 98
programs on your newer hardware.
The How-To:
For this How-To I am running MS Windows XP Service Pack 2 as my
primary OS and MS Windows XP Service Pack 2 as my guest OS. I am
setting it up with two XP installations because currently XP is the
most used OS for desktops and famous for it's cache and temp files.
Parallels Workstation is not limited to Windows XP for the primary
or guest OS, it is just what I am going to be using for this How-To.
Once our primary OS is installed and fully updated, I am going to
download and install TrueCrypt and Parallels Workstation. The order
that you install either of these does not matter. Parallels
Workstation as of this writing does cost about $50 US. TrueCrypt is
free.
The Hardware I'll be running on:
IBM ThinkPad R40
CPU: P4 2.2GHz
Memory: 1GB of RAM
HDD: 80GB
Video: ATI Mobility Radeon 7500
Network: Intel Pro/100 VE
The Install:
The TrueCrypt setup is straight forward. You
will need to select the basics, the installation location, file
extension association, etc ... And that's it.
The Parallels install is also just as straight forward. You will get
a MS Windows warning when Parallels installs it NIC driver. Just
click continue.
The Setup:
First you will need to create an encrypted
volume with enough room for your OS. For MS Windows XP I recommend a
minimum of 4GB. If you are going to using the encrypted OS for every
day use you will need more space. TrueCrypt does support Hidden
volumes. A hidden volume is True Crypt volume inside another
TrueCrypt volume. Now how is this hidden you ask? When you create a
TrueCrypt volume it is impossible to prove what if any data is
within the volume, because all of the free space is filled with
random data when the TrueCrypt volume is created. By design no part
of a dismounted TrueCrypt volume can be distinguished from random
data. Note: when you make a hidden volume it must have a different
password than the outer TrueCrypt volume.
Open TrueCrypt; in the main window click Create Volume. This
will open the TrueCrypt Volume Creation Wizard. Select Create a
Standard TrueCrypt volume and click Next. The next screen we
will be setting up the volume location. We are given the option of
Selecting a File and selecting a device. For this How-To we are
going to Select File. Then I am going to navigate to a folder
for this demo I am going select C:\MyOS and then type in a file
name, mine will be my_os. Click next and you will get the
Encryption Options window. You will have a whole bunch of
encryption options. Don't stress out about which one to select. They
are all strong encryption standards, you my want to test the
encryption algorithm just to make sure its compatible with your
system. I am going to select the AES algorithm with the RIPEMD-160
Hash. If you have an encryption algorithm preference please feel
free to use the algorithm that you feel most comfortable with.
Select next and now we are going to choose the Volume Size.
I am going to use an 8000MB file that's 8GB for the math impaired.
Then Select next. Now we are going to select the Volume Password.
Here the rule is the strong the password the better the security.
Strong encryption algorithms can fail with weak short passwords. A
strong password is 20+ characters with letters, number and special
characters (like punctuation marks).
Warning: TrueCrypt passwords are not recoverable, so do not
forget your password.
Next we will be formatting our new volume; you will need to select a
FAT volume if you want to create a hidden volume. Then click format.
Now TrueCrypt will take a few minutes formatting your new volume.
Depending on your system and the Volume size you choose, this may
take a while. As I mentioned before TrueCrypt is write the free
space in this volume with random data.
Now if you want to make a hidden volume, from the Volume Creation
Wizard select hidden volume option and click next. Now for the
Volume location select the, "create a hidden volume within an
existing TrueCrypt volume", option and click next. Now for the
Volume location select the file we created in the previous step. You
will have to enter volume's password and select next. You cannot
create a hidden volume inside a TrueCrypt volume that is already
mounted. You will now select the Encryption options for the hidden
volume. These steps are just like the steps for the Outer volume. I
am going to leave the encryption on the defaults and click next. Now
TrueCrypt will tell what the maximum size of you hidden volume can
be. I am going to select 7000MB. This will leave me with about a 1GB
of space in the outer volume to add files to if I wish. Select next.
Now enter a new password different from the outer TrueCrypt volume.
You can now select you file system options. I am going to select
NTFS for my hidden partition. Click next and we are done with
creating volumes.
Once TrueCrypt has finished formatting the Volume we can mount the
volume and access it like we would any hard drive. From the
TrueCrypt Window Select the Drive letter you want to mount TrueCrypt
on. Click the Select File button. Find your Outer TrueCrypt volume
we created in the first steps. Then click mount. Now you will be
asked for a password. To access the hidden volume enter the password
for the hidden volume here. If you want to access the outer volume
enter the password for the outer volume here. I am going to select
drive E:\ for the drive to mount my TrueCrypt volume on.
Now start Parallels. If this is the first time you are running
Parallels you will have to enter a validation key. You will be given
the option to create a new Parallels file or Open an existing file.
I am going to create a new file. From the Virtual Machine Wizard
Window click next. I am going to create a custom VM and click next.
For the Guest OS type select Windows, for the OS version select
Windows XP. And click next. Now select the amount of ram you would
like the new virtual machine to have access to. I am going to set it
to 512MB of ram and click next. Now I am going to create a new
virtual hard disk image and click next. For the virtual disk size I
am going to leave the default of 4096MB and select the Expanding
option. This will tell Parallels to start with a smaller disk size
and grow as we need it too. Next tell Parallels where to save the
virtual disk image too. Select E:\ where the TrueCrypt volume is
mounted too. Then give it a filename. I am going to choose Wimp, and
click next. You will then need to select your networking options.
Choose Bridged Ethernet if you want to connect the new virtual
machine to the Internet, choose Host-only if you want to create a
private network with the Primary OS, or select Networking not
required if you don't want the virtual machine to have any
networking options and click next. If you are using the network then
you will need to choose which network adapter you want the virtual
machine to bridge to. Check,"connect cable" if you want the virtual
machine to see the network as connected when we start it. Click next
and finally give the virtual machine a name and set where to store
the configuration file. I am going to save the configuration file in
the TrueCrypt hidden volume. And then click Finish.
Installing the OS:
Now you will see the Parallels configuration
window. You will need to put your Windows XP disk in your CD-ROM,
and click the green Power ON button on the right. And you will see
your new virtual machine start up just like a PC with a new hard
drive. The new virtual machine will try to boot from the hard disk
image first then the CD-ROM. When it boots into the CD-ROM you can
install MS Windows like you normally would on a PC. If you want to
re-install Windows or want your virtual machine to boot from the
CD-ROM or your floppy change the Boot Sequence in the Parallels
configuration window. Then click the power on button. Note if your
click on the Power Off button it is just like turning your computer
off. Your virtual machine may go through the improper shutdown
procedures the next time you power it up.
And there you have it. You are now running an encrypted OS.
Some Points to Keep in Mind:
If you have mounted your TrueCrypt volume everything on the volume
is decrypted automatically. So let say you are you have mounted a
TrueCrypt volume on your laptop on someone steals the laptop out of
your hands or you have put your laptop into hibernate without
dismount your TrueCrypt volume. Then everything on that TrueCrypt
volume with be accessible to the thief.
Also these steps outlined here do not in anyway encrypt your network
traffic. Anything you accessed on the network through your virtual
machine can be accessed by a third party if it is not encrypted by
other means.
Also any vulnerability in the OS you use as your guest OS can be
exploited just as a normal PC can be exploited. So you will need to
update your virtual machine just like you would your PC.
|
