TTFA2: Hiding Stuff on your Computer

From HacktionLab: A UK-wide network tech-activists providing meet-ups, events, workshops, national skillshare gatherings and hacklabs
Jump to navigationJump to search

Hiding Stuff on your Computer

This chapter will;

  • Tell you about encrypting information on your computer
  • Detail 'misdirection' as a way of hiding sensitive information
  • give you an introduction to the encryption software TrueCrypt

There are three basic solutions for hiding files - physical hiding, encryption and misdirection. Physical hiding would mean using a portable medium such a USB key and keeping it in a secure location, only to be brought out for editing.

Encryption is another solution which does not require any physical movement of media. Encrypted data cannot be read directly and must go through some kind of unlocking in order to be useful. Only those with the key will be let in.

The third solution, which can be used in conjunction with the others, relies on what stage-magicians call "misdirection." This means placing the material of interest in a place on a block device (i.e. a hard disk), a filesystem, or within another file or container, where nobody would think to look; or if they did look there, they would not be able to prove that it was really anything other than random information. This last case is an example of plausible deniability.

Using True Crypt

The tool TrueCrypt, which is is available for Window, Mad and Llinux, uses both encryption and misdirection. TrueCrypt will protect your data from being accessed by locking it with a password that you will create. If you forget that password, you will lose access to your data! TrueCrypt uses a process called encryption to protect your files. Please bear in mind that the use of encryption is illegal in some countries. Rather than encrypting specific files, TrueCrypt creates a protected area, called a volume, on your computer. You can safely store your files inside this encrypted volume.

TrueCrypt offers the ability to create a standard encrypted volume or a hidden volume. Either one will keep your files confidential, but a hidden volume allows you to hide your important information behind less sensitive data in order to protect it, even if you are forced to reveal your TrueCrypt volume

There is help online for installing, encrypting and using hidden volumes using True Crypt as part of the Basic Internet Security book.

Encrypting in Ubuntu

Ubuntu and offers the user the chance to encrypt the home directory and your entire drive during the installation process. The installation wizard will ask you to choose the partitioning method where we need to choose the ‘Guided – use entire disk and set up encrypted LVM’ option to encrypt our entire hard disk.

Virtual Memory

On all modern operating systems (e.g. Linux, Windows or OS X), there exists a feature called virtual memory. This kicks in when more memory is required than is provided for by the RAM chips in your computer. On Windows this information is stored in the pagefile on your hard drive and on Linux, BSD or OS X, it is stored on the swap partition. If you are not encrypting your entire hard drive you must also encrypt the pagefile or swap space to prevent people from reading the information that is left there you.

When encryption doesn't work

if your computer/laptop has been bugged or compromised in some way and your keystrokes are being recorded, it doesn't matter how good your cryptography is. Using a secure operating system which prevents keylogger installation (such as Linux), is a useful first step towards enhanced security.

What Next?

  • Install TrueCrypt and try encrypting drive and creating hidden volumes
  • Try encrypting your drives when you next install Ubuntu