Using an unencrypted decoy OS with TrueCrypt hidden OS


Can the TrueCrypt bootloader be configured to run a non-encrypted operating system as well as an encrypted operating system on the same computer? That is, a dual-boot with an unencrypted "guest use" OS while still allowing a password-protected encrypted OS?

Best Answer

  • Despite being a bad decoy, you can still use an unencrypted system as the decoy by simply not encrypting the decoy OS after you install it, using the TrueCrypt rescue disk to restore the boot loader, and pressing [ESC] on boot, to boot the decoy.

    To boot the hidden OS, you type your password for it.

    You may want to change the boot loader screen to show a custom message such as "Press [ESC] to continue." so at first glance, no one else will realize that there is an encrypted hidden OS.

    When your decoy OS boots, it can see all the other partitions. You may then want to install tracking software (such as Prey) in case your computer or laptop gets stolen.

    You may also want to install something that formats and overwrites your encrypted partitions so basically it will destroy your hidden OS. You might as well make it destroy the decoy OS by deleting everything.

    So what happens is, upon boot, you have 2 choices:

    1. Type your hidden OS password, and use your hidden OS as normal.
    2. Type the wrong password, and it will simply hang. Reboot.
    3. Press [ESC] and it will boot your unencrypted decoy OS that will immediately attempt to locate itself and send an email to you, destroy the encrypted partitions, and destroy itself.

    The forensic team or dude will have to image your drive first, but it's possible they won't get that chance and your hidden OS will be safe (and gone.)

    Or maybe you are not concerned about the loss of data as much as the recovery of your stolen laptop, so therefore you have an unencrypted decoy OS that phones home when the thief uses it.

    You can make it easy for the thief to be distracted by installing 3 web browsers (Firefox, Internet Explorer and Chrome) and a bunch of freeware games and they are all on the desktop. Then you can secure the decoy OS by using a guest account, or using something like Deep Freeze to prevent permanent changes to the decoy OS.
