Well, I’ve been playing again ;-)
After what had happened to TallBloke, and given that the TSA et. al. think they can just take any old laptop and copy it any time you want to travel, I thought maybe it was time to get around to encrypting stuff. (Well, more stuff… For a while now I’ve had a PGP encryption utility for individual documents and the various unix utilities that let you whomp up modest levels of encryption)
What I’m talking about here is the ability to encrypt a file system so that anything you stuff onto it is automagically encrypted. You enter a password once when you mount the file system, then any file save / open is automatically encrypted / decrypted.
A brief survey led me to think TrueCrypt would serve my (admittedly very modest) needs. (And a h/t to whoever it was that posted the suggestion) I don’t really have any “secrets”. Life is a bit too boring for that now (thank God…) Mostly I just don’t like snoops. Especially officious snoops. Especially officious snoops who think a government paycheck give them power over others.
In a prior life I’d had particular fun running security operations at a couple of companies. (Mostly keeping bad guys out. Occasionally catching bad guys. Occasionally working with police of various flavors; and occasionally with TLAs* – but at arms length from the outside). So it’s not like I have “issues” with security. I just think the balance of “power” has tilted too far away from protecting personal liberties.
* TLA – Three Letter Agency. FBI, CIA, TSA, NSA, you know, LEO’s… (LEO being Law Enforcement Officer…)
A Story: Once, long ago, we set up a “honey pot” for hackers attempting to break in. An attractive and not-too-hard target. Lets you watch them (as they set off the hidden intruder alarms) so you can see what tools they have, what techniques they use, and if they do something ‘novel’, learn about it before they discover the main / real site… So, just for grins, I’d leave little “Easter eggs” for them to find. Have to keep things interesting so they hang around on the Honey Pot, after all… One of my favorites was to make a modestly large encrypted file that contained…. the encryption key to the file ;-)
It must be emotional hell to whack on a file named “Account Passwords” for Lord only knows how long, to discover it has a “modestly hard to crack, but crackable, short password” only to find that what is inside ia brief text saying: “Is this what you are looking for: passwordfoo2″ Yes, psy-ops are part of defending a site too ;-)
At any rate, I now have several encrypted file systems mounted on my computer. What’s in them? Why, all sorts of important secret things, not one of them has anything pointless like it’s own password… (well, maybe one or two ;-)
In early testing, I’m impressed with TrueCrypt.
It is very easy to use, and has a simple interface. Here’s a screen shot:
The algorithms it uses are strong. (Yes, you get to choose if you like). AES in 14 rounds, or a couple of others of similar strength (or better!). You can even choose to chain them in a few combinations. There are 3 Algorithms available: AES, Serpent, and Twofish. As near as I can tell, when you chain them, you only get one round of AES (but that’s OK…) and not all combinations are available. (For example, you can do AES or Twofish or AES-Twofish or Serpent-AES… but not AES-Serpent nor Twofish-AES. I think they are reasonable in putting the stronger encryption on the the outside, but it would be more “fun” to have a honey pot Easter Egg with increasing levels of difficulty ;-)
One a bit more digging, I found that this wasn’t really much of a limitation after all. You see, ANY file can be made into an encrypted file system. So far I’ve done it with plain text .txt and with bitmap .bmp files. It just doesn’t care. You can treat the file like any other. Back it up. Move it to another disk drive. Whatever. (just don’t overwrite the contents!) TrueCrypt lets you mount the encrypted file system inside of it and “voila” you have a “drive” that looks like any other. Say, the J drive…
Now the fun bit. On, say, J:\JunkFolder you can make a file J:\JunkFolder\Oldcrap.bmp (with an initial 0 bytes). Now inside the TrueCrypt applications, you can make THAT file another encrypted filesystem (of up-to the size of freespace in the first one…) You can use different encryption algorithms, hash functions; heck, even different file system types. ( I made an NTFS file system inside an encrypted FAT32 filesystem file…) Just for fun, I made a Serpent-Twofish-AES SHA-512 hash file system on an SD card (in a bitmap type file in with a bunch of pictures in a photos folder). Then, inside of it, made an AES (14 rounds) RIPEMD-160 file system using a .txt type file.
Turns out that even with all that nested encryption, speed was limited only by the SD card read/write speed.
For the test cases / Easter Eggs made on the computer directly, speed was quite good. It has a built in ‘benchmark’ feature available and depending on which method was chosen, speeds (for this laptop) were from about 49 MB/second for Serpent-Twofish-AES to 192 MB/sec for AES 14 rounds. Plenty fast, for sure.
Hidden File Systems – Steganography
But wait! There’s more!
You can make a limited kind of steganographic encrypted file system. In steganography, the data is scattered into a form that is conceptually a bit like a hologram. As you look at the data in different ‘angles’ you can find different views. One common method is to put a secret message in the last bit of the color of pixels in a picture. The human eye typically can’t see a ‘jitter’ of one pixel in, for example, hue, so that’s where you encode the secret email or plans or recipe for grandma’s soup. ( To counter this, some companies have a bit of software that automatically scrambles the last bit of image files… don’t want the kiddy porn getting past the image scanners hidden in a picture of Paris, after all… That’s Paris the city, not Paris the Hilton ;-)
In some of the Linux / Unix steganographic file systems you can have several (last I looked it was about 9 ) levels of password. Each one gives a view into a different “file system” all in the same block of bits.
Why do this?
Pretty simple, really. “Bad Guys” know that if they threaten you, you will give them the password. Even folks who think they are good guys (such as the US Government) may, by Force Of Law, compel you to give them the password. A steganographic file system lets you do that while NOT letting them get “the good stuff”. (The one with 9 levels is so that if they figure out it’s steganographic you have 8 bogus levels you can give them, one level of torture at a time… with the thought being that if they go for level 9, you likely didn’t “make it” some time back…)
For TrueCrypt there is only ONE level of steganography. That’s why I said it was a bit limited. HOWEVER: It has a ‘nice touch’. The hidden level is not protected from overwriting by the outer layer unless you chose to do so at the time you mounted the file system. IF the bad guy extorts the outer password, they don’t even know that the inner file system exists. THE ONLY thing that gives any indication it is there is if you give the hidden password at ‘mount time’, then it mounts the hidden file system.
So make a 100 GB file system, and have 50 GB in the hidden part, you can have what looks like a 1/2 full file system (decorate with what looks like important stuff, please!) that has another nearly 50 GB hidden. If the outer password is extorted, the file system is mounted as “normal” and looks like any other TrueCrypt filesystem. IFF anyone then writes data to it, the hidden stuff will be overwritten and destroyed. (In theory, one could be forced to mount it, and then say “Look, this is what’s here, I’ll show you it’s all a regular file system” and then drag some large folder into it. That would then overwrite the hidden bits…)
Plenty good enough for the Average Guy (especially as you could have the Stego file system inside some other file inside an encrypted volume…
Some More Features
The manual is over 118 pages. It’s not TOO hard (then again, I have some crypto background already) for the bits I read. But I’m no where near able to list all the features. Heck, I didn’t even read any of it prior to making the first file system; just the online notes of the Beginners Guide inside the FAQ
Mostly I just did the ‘novice install’ of a file system, then hit the tech specs part and a bit on what options were available.
What I liked the most was that these folks have thought about things in depth, have added the features that make it valuable, have left out he stuff that makes it hard to use, and have made sure the usual “stupid stuff” that breaks security are gone. So passwords and decrypted files only live in computer memory. Pull the cord, it’s gone.
You can chose to encrypt the whole disk, or given partitions, or flash disk, or files as filesystems. You can even put the entire operating system on an encrypted disk and be prompted for the password (or key files or key files on a fob) at boot time. Nice. Very nice. (I’ve not read that whole part of the manual as I’m unlikely to do it, but did note that the feature is there on a quick skim). You can even build encrypted file systems on CD or DVD for offline storage. Biggest issue I see is remembering the passwords. (Not a great idea to write them down where they can be easily found / extorted…)
It even allows for a hidden operating system on an encrypted partition.
As near as I can tell, the features ‘mix and match’, so in theory one could have a hidden OS on a hidden file system so that anything done (including all the various cookies, log files, history files, etc.) would be hidden and encrypted. Especially nice if you live in a country that punishes free speech and / or limits what you can look at. ( Or even just likes to put people in jail for ‘thought crimes’ like ‘hate speech’ or ‘being a skeptic’… As the rabid-Greens have said they would like to do via a requested “Climate Court”…)
Oh, and you can have the encrypted file systems automatically dismount (so require a new entry of the password) on any of: shutdown, logout, or screensaver activation. Yes, you could set your screensaver to 2 minutes, and if someone rings your doorbell in the dead of night, all it takes is asking them 120 seconds of questions until your open file system unmounts and goes back to requiring the password to decrypt and / or hidden… Don’t even need to touch the computer…
I Like It
All in all, I like the product.
It is open source freeware. It has thousands of very smart folks looking at it and contributing to it to assure it is not broken (and that no TLA has induced the corporate owner to put a back door into it …)
The interface is nearly trivial to use and the defaults are well thought out. IF you can create a new text file, click on 2 or three “yes do the default” choices, select your file in the selection window, click on ‘format’ and provide the same password twice, you can use it.
All the advanced features I’d want are there and then some (modulo that it would be fun to have more levels of Stego… but it’s easy to get confused with that many levels and damage or lose the hidden levels…). Heck, it may even solve one of the problems I’ve got with the HP Laptop. (HP did a particularly dumb kind of disk layout. It makes their automagic recovery feature work more easily, but it makes it a PITA to do a linux install on the box (no logical partitions, all physical and used). I plan to try installing a bootable Linux into one of the TruCrypt “disks” to see if that “fixes it” ;-) Though that will still leave the problem of needing a new ‘funny’ display driver 8-(
Again, I caution that it is EASY to forget or lose a password and there is no backdoor. It’s not like Microsoft Windows where if you forget things after a long vacation you can just get a Geek to break back in for you. Forget the password (say, after a car wreck and month in the hospital) and you have lost ALL the data on the encrypted partition. If that’s an unacceptable risk, then do something like using the VIN number from your car or your street address typed backwards. (And tell the method, though not the key itself, to a friend who can remind you after therapy ;-)
If you are sure you can accept that degree of ‘potential loss through security’, then consider putting some of your more sensitive things inside an encrypted file system. Especially if it is on an external device, a hacker breaking into the system can only get what you have open at the moment. (Assuming they don’t install monitoring code and you fail to notice it being active). Using a USB device with an activity light will further show if unexpected activity is happening (and you can just unmount the disk). I like “blinky lights” and more than once they have let me say “WHY is that disk / network / whatever active? I’m not doing anything…”
If nothing else, it at least means that if your laptop “goes walkies” (or is taken by a walk by TSA) you have ‘no worries’ about who saw what.
The TrueCrypt top level page where you can choose documentation, discussion, etc.
TrueCrypt Download (You have to choose Windows, Mac or Linux – yes it works on all three and filesystems can be moved between them ;-)
Why might you want to do this? Well, it doesn’t matter if it is your medical records (oh, wait, the Government is already demanding those…) or your financial data or love letters or just business proprietary information. IF you cross the US Border, it can be taken from you. Heck, if you are sitting at home drinking tea the Constable might bust in and demand your laptop. But, just to put a focus on it, this “black swan” story (someone deserves a h/t here) makes it clear what the New Normal is:
The United States Customs and Border Protection agency (CBP) asserts the unrestricted right to search laptop hard disks at the border. The Fourth and Ninth Circuit Courts of Appeal in the federal judicial system have recently given the CBP a green light to continue such searches. As the law now stands the CBP does not need a court order, a search warrant, a finding of probable cause or even a reasonable suspicion in order search your laptop hard disk. The CBP may pick travelers out for laptop searches entirely at random.
A bit further down it has a further warning:
Furthermore, if you think the CBP is unlikely to search your laptop because you are a respectable, well-dressed traveler, then consider this answer from the CBP website to the question, “How do officers decide which passengers to examine or search?”
Please be aware, some of CBP’s biggest seizures have come from inspections of “respectable looking” people, such as grandmothers, corporate executives, college professors, etc. Everyone is subject to a CBP inspection when they arrive in the U.S.
If even grandmothers are potentially suspect, then German venture capitalists and lawyers must be even more so.
So you have been warned.
Sitting at home with tea in hand, or crossing a border. Either one is sufficient for your disk to be archived by The Government and strangers to be wandering through all the files; rummaging around at will looking for some law to fit you.
It's trivial to encrypt the stuff on it, and even if all you use is the name of your spouses perfume, darned hard to decrypt. Oh, and for those SERIOUSLY at risk of TLA actions. Ponder the utility of a hidden Stego file system where the password is "I really DO NOT know!" that even if extracted via drugs is unlikely to be tried, and if it IS tried, is unlikely to have the capitalization and punctuation correct! (Security is often a mind game ;-)
If nothing else, think of the joy of having a 100 MB file named "Secret Formula" or "Chinese Plot", or even “FOIA To Be Released 2014″, visibly encrypted, and containing your shopping records ;-) Just knowing that someone, somewhere, is either wasting there time, or emotionally frustrated by it all, would be worth it…
In some small way, letting you say “I Am Spartacus!” too.