1
How do I write to the outer volume of a TrueCrypt partition, without affecting the hidden partition inside it?
1
You must mount the outer volume with hidden volume protection enabled.
Er, that doesn't prevent corruption of the outer volume though; it only prevents corruption of the inner volume. It's not really made for doing this, is it? It looks more like last-resort protection to me. – user541686 – 2012-01-29T00:32:23.023
What would corrupt the outer volume that it needs protection against? – David Schwartz – 2012-01-29T00:32:58.247
Well, after TrueCrypt denies NTFS write access to a part of free space (which contains the hidden volume), it write-protects the entire outer volume. This means the volume will likely be in an inconsistent state (since e.g. the MFT will have been updated, whereas the file contents and the journal might not have been). Wouldn't this corrupt the outer volume? – user541686 – 2012-01-29T00:41:40.373
It will corrupt it in the sense that you can't modify it anymore. It will still be perfectly readable. You really aren't supposed to modify the outer volume -- its purpose is to serve as a decoy. – David Schwartz – 2012-01-29T00:56:27.327
Huh? "You really aren't supposed to modify the outer volume -- its purpose is to serve as a decoy." --> "You should use the decoy operating system as frequently as you use your computer. Ideally, you should use it for all activities that do not involve sensitive data."...? – user541686 – 2012-01-29T00:58:18.747
You have to choose between security and usability. If you modify the outer volume, you either have to protect the inner volume or not. Neither way is particularly usable, IMO. – David Schwartz – 2012-01-29T02:27:59.140
How am I even supposed to boot into the outer volume without modifying it, let alone use it? Windows automatically writes a ton of data while booting, so it's not like I can tell it not to... and yet TrueCrypt itself recommends that I boot into the outer volume regularly (and in fact use it), so how do I do that? – user541686 – 2012-01-29T03:06:29.433
Very carefully. – David Schwartz – 2012-01-29T03:16:10.080
O___________O " – user541686 – 2012-01-29T03:16:56.173
Windows will not mount its boot partition writable until boot is essentially successful, at which time you already have most of the access control loaded, so if you're really careful you can use it. Alternatively, you can use the outer partition for paging/temp folder/browser cache (with inner partition protection enabled of course). – billc.cn – 2012-01-29T04:10:24.533
@billc.cn: If Windows doesn't mount its boot partition writable until it's successful, then how does it know when a boot fails? And why is it that, when I run Windows on VirtualBox on a growable differential disk, I get a steadily increasing (~200-MiB) growth of the differential disk on the first startup, before even the login screen comes? – user541686 – 2012-01-30T06:42:37.010
Windows considers a boot successful when it's about to show you the GUI, but not when the desktop is shown. This is when the boot progress bar disappears and before the welcome screen is shown to you. The TrueCrypt driver should be ready at this stage, and so is the registry. – billc.cn – 2012-01-30T21:46:27.587