Tuesday, October 29, 2013

Hide Your Computer In Your Computer


In the age of universal government surveillance, censorship and corruption there may be times that necessitate the hiding of sensitive information. The best way to prevent the discovery of the data is to make it appear that it doesn't exist.
Truecrypt can be used to hide files and operating systems(OSs). This tutorial will demonstrate how to install a hidden Windows 7 OS. This tutorial will be using VMware Player. However, the steps used in this tutorial can be used used with physical computers as well.
You can find out more about Truecrypt at http://www.truecrypt.org/.

Planning

The key consideration when planning your deployment of the hidden OS is the size of the hidden OS.
The disk or VMDK (virtual machine disk) will be divided into two partitions. Partition 2, which will contain the hidden OS must be 110% the size of the hidden OS. Therefore if the hidden OS is 60GB partition 2 must be at least 126GB in size. Partition one, which will house the hidden OS before it is encrypted and hidden will be 60GB as well. Therefore the total size of the disk/VMDK will have to be a minimum of 186GB.

Disk layout for a hidden OS


Installing the Hidden OS

Prerequisites:
  • This tutorial assumes that you have VMware Player installed on your computer. Please refer to www.vmware.com for more information about installing and using VMware Player.
  • Windows 7 ISO (disk image) with license key

Creating the Virtual Machine

  1. Open VMware Player.
  2. Create a new virtual machine by clicking on Create a New Virtual Machine.
  3. Choose I will install the operating system later and click Next.
  4. Choose Microsoft Windows and Windows 7 for the version and click Next.
  5. Create a name for the VM, choose a location to store the VM and click Next.
  6. Set the Maximum disk size to 190GB, choose Store virtual disk as a single file and click Next.
Note: The disk will be partitioned into two partitions, on 60GB and one 130GB.
  1. Click Customize Hardware and make the following changes before clicking Close and Finish.
    1. Memory: 2048MB
    2. Processors: 2
    3. New CD/DVD (SATA): Use ISO image (choose the Windows 7 ISO)
    4. Network Adapter: Bridged

Installing the Hidden OS

  1. Choose the newly added VM and click Play virtual machine.
  2. Set the Time and currency format for your country and click next.
Note: The Keyboard or input method must be set to US.
  1. Click Install Now.
  2. Accept the EULA and click Next.
  3. Click Custom (advanced).
  4. Click Drive Options (advanced).
  5. Click New.
  6. Set the Size to 61440MB and click Apply, and the click OK at the warning.
  7. Click Next.
  8. Enter a user name and add a computer name and click Next.
  9. Enter a password and hint and click Next.
  10. Click Use recommended settings.
  11. Choose the correct time zone and click Next.
  12. Choose your location (normally home or work) and click Next.
  13. Click Skip.
  14. Install the Windows license.
    1. Click on the Start button.
    2. Right click on computer and choose Properties.
    3. Click Change Product Key.
    4. Enter the product key and click Next.
  15. Add the second partition to the disk.
    1. Click on the Start button.
    2. Right click on computer and choose Manage.
    3. Click one Storage, Disk Management.
    4. On Disk ) there should be 130GB which are Unallocated.
    5. Right click on the unallocated space and choose New Simple Volume.
    6. Choose Next.
    7. Accept the default simple volume size and click Next.
    8. Choose the default drive letter and click Next.
    9. Click Next.
    10. Click Finish.
  16. Install Windows updates and any other desired software (VPN, proxies, GPG, TOR, etc).
  17. Finally, install Truecrypt.

Installing Truecrypt

  1. Run TrueCrypt Setup 7.1a.exe.
  2. Accept the EULA and click Next.
  3. Choose install and click Next.
  4. Accept the default installation settings and click Install.
  5. Once the installation has completed click OK.
  6. Click Finish.

Configuring The Hidden OS

  1. Run Trucrypt.
  2. Click System, Encrypt System Partition/Drive.
  3. Choose Hidden and click Next.
  4. Read about Hidden Operation Systems and click Next.
  5. Read the warning and click Yes.
  6. Read the information presented and click OK.
  7. When prompted by UAC click Yes.
  8. Read the page file warning and click Yes.
The system reboots
  1. Log in.
  2. Run Trucrypt.
  3. Click System, Encrypt System Partition/Drive.
  4. Choose Hidden and click Next.
  5. Read about Hidden Operation Systems and click Next.
  6. Read the warning and click Yes.
  7. Read the information presented and click OK.
  8. When prompted by UAC click Yes.
  9. Choose Multi-boot and click Next.
  10. Read the warning and choose Yes.
  11. Read the warning and choose Yes.
  12. Read the warning and choose Yes.
  13. Read the warning and choose Yes.
  14. On the Outer Volume page click Next.
  15. Choose the default settings and click Next.
  16. Choose the default outer volume size and click Next.
  17. Choose a password that you will be able to reveal to an attacker and click Next.
  18. Choose No and click Next.
  19. Move your mouse around randomly for a few moments and click Format.
  20. Read the warning and choose Yes.
The outer volume is now encrypted.
  1. Once the outer volume has been created click Next.
  2. On the hidden volume page click Next.
  3. Read the warning and click OK.
  4. Choose the default settings and click Next.
  5. Read the keyboard warning and choose OK.
  6. Read the password warning and click OK.
  7. Choose a strong secret password that you will not reveal to an attacker and click Next.
  8. Move your mouse around randomly for a few moments and click Format.
  9. Once the hidden volume is created click Next.
  10. On the Clone Operating System page click Start.
  11. You will be asked to restart. Click Yes.
The computer will now reboot
  1. Type the password for the hidden system and hit Enter.
The hidden volume will be encrypted
  1. Type the password for the hidden system and hit Enter.
  2. Log in to Windows.
  3. Read the warning and click OK.
  4. On the Hidden System Started page click Next.
  5. On the Original System page click Next.
  6. On the Wipe Mode page click Next.
  7. On the Wiping page click Wipe.
  8. Read the warning and click OK.
  9. Move the mouse randomly for a few moments and click Continue.
  10. On the UAC popup click Yes.
  11. On the popup click OK.
  12. Read the instructions and click OK.
  13. Read the warning and click OK.
  14. Click Exit.
  15. Shutdown your computer and wait a 10 minutes for the RAM to clear.

Installation of the Decoy OS

  1. Open VMware Player.
  2. Choose the newly added VM and click Play virtual machine.
  3. One the VM starts, click on the back screen and hit F2.
  4. Change the boot order:
    1. Choose Boot
    2. Choose CD-ROM Drive and then click “+” twice or until it reaches the top of the list.
    3. Hit F10.
    4. Choose Yes and hit enter.
  5. When the VM reboots hit the enter key.
  6. Set the Time and currency format for your country and click next.
Note: The Keyboard or input method must be set to US.
  1. Click Install Now.
  2. Accept the EULA and click Next.
  3. Click Custom (advanced).
  4. Click on Disk 0 Partition 2 and click Next.
  5. Enter a user name and add a computer name and click Next.
  6. Enter a password and hint and click Next.
  7. Click Use recommended settings.
  8. Choose the correct time zone and click Next.
  9. Choose your location (normally home or work) and click Next.
  10. Click Skip.

Installing Truecrypt

  1. Run TrueCrypt Setup 7.1a.exe.
  2. Accept the EULA and click Next.
  3. Choose install and click Next.
  4. Accept the default installation settings and click Install.
  5. Once the installation has completed click OK.
  6. Click Finish.

Configuring Encrypting the Decoy OS

  1. Run Trucrypt.
  2. Click System, Encrypt System Partition/Drive.
  3. Choose Normal and click Next.
  4. Choose Encrypt the Windows system partition and click Next.
  5. Choose Single-boot and click Next.
  6. Choose the default encryption options and click Next.
  7. Read the warning and click OK.
  8. Enter a strong password for the Windows partition that can be given to an attacker and click Next.
  9. Move your mouse randomly on the screen for a couple moments and then click Next.
  10. When the UAC pops up click Yes.
  11. Click Next.
  12. On the Rescue Disk page click Next.
  13. Read the warning and click OK.
  14. Click Burn and create the Recovery Disk.
  15. With the newly burned rescue disk in the CD/DVD-ROM, click Next.
  16. Once the Rescue Disk is verified click Next.
  17. On the wipe mode page click Next.
  18. On the System Encryption Pretest page click Test.
  19. Read the notes and click OK.
  20. When prompted reboot the computer.
  21. When the computer reboot enter the new decoy encryption password.
  22. When the Pretest Completed page opens click Encrypt.
  23. Read the warning and click OK.
  24. When the UAC pops up click Yes.
  25. Click finish.

Note: Once you have completed the installation of the decoy OS you should reboot the computer VM. As the VM restarts click F2 and set the boot order so that the VM boots from disk.
When you boot your computer your will be asked for a password. Enter the decoy password to access the decoy computer or enter the secret password to access the hidden OS. Ideally you should use the decoy OS as often as possible and only use the hidden OS when you need to be careful about your privacy.

Conclusion

Truecrypt is a powerful technology that can help you protect your information. Now that you know how to hide your OS take the time to learn how to encrypt files and volumes. 
Your privacy is a right. Fight for it and defend it!

Stand Tall,
Cameron Mottus









No comments:

Post a Comment