Truecrypt gives warning about nonstandard partition

For discussions about security.
Post Reply
Message
Author
User avatar
AF Branden
Posts: 165
Joined: Tue 15 Sep 2009, 10:17
Location: United States, WA

Truecrypt gives warning about nonstandard partition

#1 Post by AF Branden »

I want to use truecrypt to do a full disk encryption, but it gives me a warning that I don't quite understand.

Image

Now I noticed after working on quite a few laptops that some of them actually have no bios chip, and the bios is actually stored on the hard drive in some systems, could this be what this is referring to? I just want to encrypt my system without the fear that the system might not be bootable like this message is telling me. Thanks in advance.

This is a new Toshiba Satellite C655D by the way.
[img]http://i56.tinypic.com/nwymax.png[/img]

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#2 Post by Barkin »

If you must have your puppy operating system encrypted in addition to your data, you could use puppy’s own heavy (not light) encryption to encrypt the Puppy OS, and put your data (documents, photos, etc), on a separate truecrypt volume / partition.

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#3 Post by Flash »

I agree with Barkin; it is not necessary or even desirable to encrypt the entire hard disk. You only need to encrypt the partition where you keep your Save file and/or data. I'm not sure it's even possible to encrypt the system files that Puppy needs to load in order to boot. How would the computer be able to decrypt them in order for Puppy to run?

User avatar
AF Branden
Posts: 165
Joined: Tue 15 Sep 2009, 10:17
Location: United States, WA

#4 Post by AF Branden »

So then its not possible to do this?

Wouldn't it be able to run and boot just fine after you enter pre-boot authentication password?
[img]http://i56.tinypic.com/nwymax.png[/img]

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#5 Post by Flash »

What exactly is it you want to accomplish? To prevent anyone but you from using the computer? To make sure no one but you can ever see what you've stored in the computer?

Most computers nowadays allow you to set a password in the BIOS. This will prevent anyone but you from using the computer, as long as you don't forget the password. :lol: However, this level of access control does not protect data stored on the hard disk, which can be read by removing the drive and reading it from another computer. The only way guaranteed to prevent anyone from seeing the data on a hard disk is to encrypt the data. The downside of encrypting data on a hard disk is, if you forget the password (encryption key) there is essentially no hope of recovering the data. So plan carefully before you encrypt. :)

User avatar
AF Branden
Posts: 165
Joined: Tue 15 Sep 2009, 10:17
Location: United States, WA

#6 Post by AF Branden »

I mainly just want to make it so nobody can access the data on the drive whether its in this computer, or if they try taking the hdd out and putting it in another computer.

I think i'm just going to take your advice and only encrypt the system partition.

I'm guessing there is no possibility that traces of files that were previously deleted within the OS partition can be on the other 2 partitions, I don't want previously deleted data to be recovered with file recovery software either.
[img]http://i56.tinypic.com/nwymax.png[/img]

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#7 Post by jpeps »

AF Branden wrote: I don't want previously deleted data to be recovered with file recovery software either.
..then it has to overwritten, or zero'd out.

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#8 Post by Barkin »

jpeps wrote:
AF Branden wrote: I don't want previously deleted data to be recovered with file recovery software either.
..then it has to overwritten, or zero'd out.
http://puppylinux.org/wikka/wipefreespace [never used it myself though]

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#9 Post by jpeps »

Barkin wrote:
jpeps wrote:
AF Branden wrote: I don't want previously deleted data to be recovered with file recovery software either.
..then it has to overwritten, or zero'd out.
http://puppylinux.org/wikka/wipefreespace [never used it myself though]
dd if=/dev/zero of=/dev/drive bs=512

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#10 Post by Barkin »

jpeps wrote:dd if=/dev/zero of=/dev/drive bs=512
That's not the equivalent of "wipe free space" ... http://www.noah.org/wiki/Dd_-_Destroyer_of_Disks#Erase_MBR

https://en.wikipedia.org/wiki/Master_boot_record

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#11 Post by Sylvander »

Randomize however many times you'd like with

Code: Select all

dd if=/dev/urandom -of=/dev/sda
then zero out with

Code: Select all

dd if=/dev/zero -of=/dev/sda

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#12 Post by jpeps »

or individual files (as noted in the link)

dd if=/dev/zero of=somefile bs=1024 count=1M

User avatar
AF Branden
Posts: 165
Joined: Tue 15 Sep 2009, 10:17
Location: United States, WA

#13 Post by AF Branden »

Thanks guys, but I already know how to zero a drive. Whats the point in zeroing an encrypted drive though? If its encrypted doesn't that mean that all previously deleted files are encrypted too? Not to mention, its an added hassle to zero a drive every single time you delete sensitive files.
[img]http://i56.tinypic.com/nwymax.png[/img]

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#14 Post by Barkin »

AF Branden wrote:... I don't want previously deleted data to be recovered with file recovery software either.
Free programs Recuva [windows] or PhotoRec [linux] will show what, if any, old data is recoverable.

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#15 Post by Flash »

AF Brandon is right though; while theoretically anything that had been recorded on the hard disk or flash drive may be recoverable, it would be encrypted, unreadable without the key.

Post Reply