Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > What is a good Windows XP file to store encrypted volumes

Thread Tools

What is a good Windows XP file to store encrypted volumes

Posts: n/a
Sebastian Gottschalk <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> Bill wrote:
>> Look at the _hidden_ uninstall service pack directories in a typical
>> Windows XP installation. They are in the \Windows directory,
>> usually, with folder names like '$NTUninstallKB999999_0$' and they
>> typically contain dll files. Create one that does not exist in real
>> life--probably a directory name starting with $NTUninstallKB0 since
>> all the current KB numbers are larger than that.

> Non-admin users don't have write-access there.

You've gotten things wrong once again, Sebastian. You really are the
consummate "contrary indicator" and "intelligent fool."

We already KNOW AS A CERTAINTY that the OP has admin rights on the local

What a doofus you are!


Reply With Quote
Posts: n/a
Sebastian Gottschalk <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> nemo_outis wrote:
>> No, Sebastian, it was NOT I who specified the type of adversaries but
>> rather the OP

> And I told you that your misunderstood this specification. Now, what
> about reading comprehension? Go figure!

Here, you thick-as-a-brick moron, is a verbatim quote from the OP's post:

But, my question is what file name and location would arouse the least
suspicion were a coworker to be snooping around looking for my personal
data on my WinXP computer?"

"Snooping coworker," Sebastian! That's the specific threat model POSED
BY THE OP just as I said. It was the OP, not I, who specified the threat
model (and who additionally even confined the "solution space" only to
recommending the most inconspicuous file type and location).

>> If the adversaries suspecting use of Truecrypt had even minimal
>> competence they would first try, NOT to pore through the HD looking
>> for oversized mislabelled nonfunctional files

> Right. He would use Google to find a program which does that for him.

No ordinary "snooping coworker" would be installing and launching
forensic tools. Moreover, this hypothetical NSA-geek snooping coworker
would not know if there were mislabelled files, alternate data streams, a
hidden partition, an even-more-hidden partition in the HPA, files or
directories hidden by a rootkit, or even whether Truecrypt or some other
program was being used.

Nor does the snooper know what method is used to hide the OP's personal
info or even if any such hiding is being done. He's just snooping

And, in the absence of specific info, the NSA-geek snooping coworker
would have no basis for limiting himself to searching for only one of
these stratagems but would either have to use a full-blown forensic tool
(e.g., Encase) to look for any and all of them or deploy a quiver of more
specific search tools. That isn't casual snooping, Sebastian!

No, a casual snoop will do just that: snoop around hoping to stumble upon
unsecured personal data or, failing that, to spot some anomaly that
catches his eye as a possible attempt to hide personal info. A slightly
less casual snoop may use some of the tools native to the environment
(e.g., regedit) but anything beyond that (e.g., installing and using
forensic ttools) is no longer casual snooping.

That's it, Sebastian. That's all the OP asked for: light-duty
camouflage. Nothing more.

But I'll go further, Sebastian, you doofus, in explaining that there is
NO satisfactory way of hiding Truecrypt from a skilled adversary, only
makeshift methods of hiding it from unskilled ones (such as the ones
asked for and given to the OP).

If you're of a mathematical bent call it a mini "existence proof" from
the makers of Truecrypt themselves. Perhaps it will even satisfy David
Eather's pretentious twaddle calling for "mathematical proof or a
conjecture of the computational bounds of an adversary."

You see, Sebastian, Truecrypt goes to great lengths to provide "plausible
deniability," even adding a nesting feature. But obviously "plausible
deniability: is a far weaker status that "undetectability of hidden data
in the first place." If the makers of Truecrypt thought there was an
effective way of providing undetectability they would not have futzed
around adding plausible deniability. QED


Reply With Quote
Lefty Bigfoot
Posts: n/a
On Fri, 19 Jan 2007 01:28:41 -0600, Jane_G wrote
(in article <(E-Mail Removed)>):

> What is a good filespec to hold an encrypted volume on WinXP?

Copy it to another operating system that's not put out by

All of God's creatures have a place..........
..........right next to the potatoes and gravy.
See also:

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Basic volumes and dynamic volumes Turtle Windows 64bit 6 08-06-2010 06:18 PM
store encrypted data in sqlite ? Stef Mientki Python 1 10-02-2009 08:37 PM
How to split a huge zip file into multiple volumes with the smallersize each? DD Java 3 11-28-2007 12:28 PM
Store encrypted password in database Java 4 03-22-2006 06:29 AM
store encrypted images and view them easily and securely free MP Digital Photography 0 05-31-2005 12:10 PM