Is it possible to make truecrypt 100% portable by using vmware thinapp?

0

truecrypt and other OTFE cryptosystems require an extremely low level device driver to be running in the background for encryption/decryption operations.for this reason, one needs admin rights(atleast once i.e. the first time one wants to run truecrypt).

i was wondering if its possible to use vmware thinapp to truly portabilize truecrypt.vmware thinapp virtualises the filesystem and registry(but i dont think it can virtualize a kernel level device driver)

is it possible by some other virtualization product in the citrix xenapp family or the microsoft virtualization software family or by any other vendor offering virtualization solutions for enterprise-level-server-based-computing?

is what am trying to do somehow possible?

EDIT:i forgot to mention that plausible deniability is the major requirement in my case...also,i might have fallen into xy problem trap: https://meta.stackexchange.com/questions/66377/what-is-the-xy-problem

my original requirement is: OTFE encryption+plausible deniability+no admin privs

user221238

Posted 2013-05-19T16:59:13.040

Reputation: 73

I don't know for sure, but I think every other VM solution requires admin privilages too. I would re-word your tile to something like "Is it possible to make truecrypt portable without admin privileges" as the real thing blocking you is admin privs, not using a vm. – Scott Chamberlain – 2013-05-19T17:21:04.833

thnks scott, i understand that the real problem is admin privs – user221238 – 2013-05-19T17:24:16.353

its just tht am tryin to bypas admin privs by using a VM – user221238 – 2013-05-19T17:24:46.420

Yes, and I am saying don't fall in to the XY Problem. Your "problem" is a portable solution to have encrypted files without admin privs on the computer. but you are "asking" how to set up a vm to run truecrypt in without admin privs. It's two different questions with different answers. I don't think there is a way to do your "Y" but I provided a solution to "X" below.

– Scott Chamberlain – 2013-05-19T17:30:20.287

@ScottChamberlain Well, not all. There are some VM programs that do full software emulation (e.g. qemu). Actually, I think VirtualBox might work with 32-bit, though you wouldn't be able to install the network drivers. – Bob – 2013-05-19T17:49:26.513

yeah bob i've heard about embedded linux distros like embedded-dsl(damn small linux) – user221238 – 2013-05-19T17:53:24.933

it runs without admin privs and on top of another host OS just like some portable software like portable firefox – user221238 – 2013-05-19T17:54:29.360

Answers

1

I do not think it is possible to do this from inside the windows enviorment, however if you are able to boot to a USB drive or a boot CD you may be able to use something like true crypt talks about in their FAQ and then create a hidden partition in your true crypt container.

I live in a country that violates basic human rights of its people. Is it possible to use TrueCrypt without leaving any 'traces' on unencrypted Windows?

Yes. This can be achieved by running TrueCrypt in portable mode under BartPE or in a similar environment. BartPE stands for "Bart's Preinstalled Environment", which is essentially the Windows operating system prepared in a way that it can be entirely stored on and booted from a CD/DVD (registry, temporary files, etc., are stored in RAM – hard drive is not used at all and does not even have to be present). The freeware Bart's PE Builder can transform a Windows XP installation CD into a BartPE CD. Note that you do not even need any special TrueCrypt plug-in for BartPE. Follow these steps:

  • Create a BartPE CD and boot it. (Note: You must perform each of the following steps from within BartPE.

  • Download the TrueCrypt self-extracting package to the RAM disk (which BartPE automatically creates).

Note: If the adversary can intercept data you send or receive over the Internet and you need to prevent the adversary from knowing you downloaded TrueCrypt, consider downloading it via I2P, Tor, or a similar anonymizing network.

  • Verify the digital signatures of the downloaded file (see this section of the documentation for more information).

  • Run the downloaded file, and select Extract (instead of Install) on the second page of the TrueCrypt Setup wizard. Extract the contents to the RAM disk.

  • Run the file TrueCrypt.exe from the RAM disk.

Note: You may also want to consider creating a hidden operating system (see the section Hidden Operating System in the documentation). See also the chapter Plausible Deniability.

Scott Chamberlain

Posted 2013-05-19T16:59:13.040

Reputation: 28 923

yup, bartPE is a gr8 solution.....actually i had totally forgotten about that....maybe i was too much occupied with getting it to work from within windows 7 that i ignored the very easy and obvious solution-use an OS which runs on RAM – user221238 – 2013-05-19T18:00:02.600

think i'll go right away to truecrypt website and re-read their faq and documentation instead of tryin to rack my brains over this.thnks scott,for the reminder – user221238 – 2013-05-19T18:02:22.187

Asked: 2013-05-19T16:59:13.040

Viewed: 1 021 times

Active: 2013-05-19T17:52:53.463