What is a good Windows XP file to store encrypted volumes

Discussion in 'Computer Security' started by Jane_G, Jan 19, 2007.

  1. Jane_G

    Jane_G Guest

    What is a good filespec to hold an encrypted volume on WinXP?

    Based on extensive googling, I installed the TrueCrypt freeware disk
    encryption to safeguard my private files on a rather public computer.

    TrueCrypt requires a file name to contain the rather large encrypted volume
    file even if a hidden volume is used inside the regular encrypted volume.
    For example, the file name containing the encrypted volume could be
    C:\Documents and Settings\Administrator\My TrueCrypt Encrypted Volume.bin

    To contain the TrueCrypt encrypted volume, I can choose any file name and
    location that doesn't already exist. But, my question is what file name and
    location would arouse the least suspicion were a coworker to be snooping
    around looking for my personal data on my WinXP computer?

    Specifically what binary file could reasonable be expected to be a few
    megabytes in size, yet have a normal sounding name in a normal sounding
    location containing "gibberish" (ie encrypted data) that would not arouse
    suspicions that it is actually a TrueCrypt encrypted volume?
     
    Jane_G, Jan 19, 2007
    #1
    1. Advertising

  2. Jane_G wrote:

    > TrueCrypt requires a file name to contain the rather large encrypted volume


    No, it doesn't. You can also encrypt an entire partition.

    > To contain the TrueCrypt encrypted volume, I can choose any file name and
    > location that doesn't already exist. But, my question is what file name and
    > location would arouse the least suspicion were a coworker to be snooping
    > around looking for my personal data on my WinXP computer?


    Wild.Girls.swallow.everything.III.DVDRip.[PrOPer].Xvid.AC3.640x480.[3AC74AB].avi

    > Specifically what binary file could reasonable be expected to be a few
    > megabytes in size, yet have a normal sounding name in a normal sounding
    > location containing "gibberish" (ie encrypted data) that would not arouse
    > suspicions that it is actually a TrueCrypt encrypted volume?


    Compressed movie files. In fact, for sufficient bad parameters, you can't
    differ between a part of a broken video file, encrypted data and random
    data.

    If you want to go any further, there are steganographic file systems.
    Seemingly not implemented yet, they'd simply split up the data in
    sufficient small chunks, add MPEG headers and a main header at the front to
    make it a genuine MPEG movie containing either garbage or encrypted data.
     
    Sebastian Gottschalk, Jan 19, 2007
    #2
    1. Advertising

  3. Jane_G

    nemo_outis Guest

    Jane_G <> wrote in
    news::

    > What is a good filespec to hold an encrypted volume on WinXP?
    >
    > Based on extensive googling, I installed the TrueCrypt freeware disk
    > encryption to safeguard my private files on a rather public computer.
    >
    > TrueCrypt requires a file name to contain the rather large encrypted
    > volume file even if a hidden volume is used inside the regular
    > encrypted volume. For example, the file name containing the encrypted
    > volume could be C:\Documents and Settings\Administrator\My TrueCrypt
    > Encrypted Volume.bin
    >
    > To contain the TrueCrypt encrypted volume, I can choose any file name
    > and location that doesn't already exist. But, my question is what file
    > name and location would arouse the least suspicion were a coworker to
    > be snooping around looking for my personal data on my WinXP computer?
    >
    > Specifically what binary file could reasonable be expected to be a few
    > megabytes in size, yet have a normal sounding name in a normal
    > sounding location containing "gibberish" (ie encrypted data) that
    > would not arouse suspicions that it is actually a TrueCrypt encrypted
    > volume?
    >




    The following will not fool a sysadmin (well, not a good one) but it works
    very well against casual or inept snoops.

    Hide the Truecrypt file as an "alternate file stream" attached to some
    other file (which could itself be perfectly functional, such as an Excel
    file). The hidden stream will not show in any normal system operation
    (directory listings, etc.) although some (by no means all) antivirus
    software may report it.

    If the ordinary file you wish to use is, say, C:\directorypath\somefile.xls
    then create (and subsequently mount and use) the Truecrypt file as, say, C:
    \directorypath\somefile.xls:tc (i.e., the alternate file name - extent,
    really - is defined as prefixed by the regular file name and a colon)

    Regards,
     
    nemo_outis, Jan 19, 2007
    #3
  4. Jane_G

    vedaal Guest

    Jane_G wrote:

    > To contain the TrueCrypt encrypted volume, I can choose any file name and
    > location that doesn't already exist. But, my question is what file name and
    > location would arouse the least suspicion were a coworker to be snooping
    > around looking for my personal data on my WinXP computer?
    >
    > Specifically what binary file could reasonable be expected to be a few
    > megabytes in size, yet have a normal sounding name in a normal sounding
    > location containing "gibberish" (ie encrypted data) that would not arouse
    > suspicions that it is actually a TrueCrypt encrypted volume?



    a .dll file in the windows system folder
    [not high on the curious co-worker list of snoop folders ;-) ]
    and there are so many of them that most people have no idea of what
    they do,
    or if they are legitimately required to be there

    you can call it something benign and not unexpected, like
    'AdobeUPD.dll'
    (although i don't remember ever seeing a dll file 5mb or greater)


    vedaal
     
    vedaal, Jan 19, 2007
    #4
  5. Jane_G wrote:
    > What is a good filespec to hold an encrypted volume on WinXP?



    If using NTFS, check up on alternate data streams
     
    =?ISO-8859-1?Q?j=F8rgen?=, Jan 19, 2007
    #5
  6. jørgen wrote:
    > If using NTFS, check up on alternate data streams


    Just know, if they snoop around with special utilities, hidden files in
    alternate streams will be found rather quickly
     
    =?ISO-8859-1?Q?j=F8rgen?=, Jan 19, 2007
    #6
  7. Jane_G

    David Eather Guest

    nemo_outis wrote:
    > Jane_G <> wrote in
    > news::
    >
    >> What is a good filespec to hold an encrypted volume on WinXP?
    >>
    >> Based on extensive googling, I installed the TrueCrypt freeware disk
    >> encryption to safeguard my private files on a rather public computer.
    >>
    >> TrueCrypt requires a file name to contain the rather large encrypted
    >> volume file even if a hidden volume is used inside the regular
    >> encrypted volume. For example, the file name containing the encrypted
    >> volume could be C:\Documents and Settings\Administrator\My TrueCrypt
    >> Encrypted Volume.bin
    >>
    >> To contain the TrueCrypt encrypted volume, I can choose any file name
    >> and location that doesn't already exist. But, my question is what file
    >> name and location would arouse the least suspicion were a coworker to
    >> be snooping around looking for my personal data on my WinXP computer?
    >>
    >> Specifically what binary file could reasonable be expected to be a few
    >> megabytes in size, yet have a normal sounding name in a normal
    >> sounding location containing "gibberish" (ie encrypted data) that
    >> would not arouse suspicions that it is actually a TrueCrypt encrypted
    >> volume?
    >>

    >
    >
    >
    > The following will not fool a sysadmin (well, not a good one) but it works
    > very well against casual or inept snoops.
    >
    > Hide the Truecrypt file as an "alternate file stream" attached to some
    > other file (which could itself be perfectly functional, such as an Excel
    > file). The hidden stream will not show in any normal system operation
    > (directory listings, etc.) although some (by no means all) antivirus
    > software may report it.
    >
    > If the ordinary file you wish to use is, say, C:\directorypath\somefile.xls
    > then create (and subsequently mount and use) the Truecrypt file as, say, C:
    > \directorypath\somefile.xls:tc (i.e., the alternate file name - extent,
    > really - is defined as prefixed by the regular file name and a colon)
    >
    > Regards,
    >
    >
    >

    So, your saying it is OK that your security is not based on a
    mathematical proof or a conjecture of the computational bounds of an
    adversary, but rather based on the hope that the adversary is incompetent.

    Do you see anything wrong with that?
     
    David Eather, Jan 19, 2007
    #7
  8. Jane_G

    Someone Else Guest

    In Message-ID:<>,
    Jane_G <> wrote:

    >To contain the TrueCrypt encrypted volume, I can choose any file name and
    >location that doesn't already exist. But, my question is what file name and
    >location would arouse the least suspicion were a coworker to be snooping
    >around looking for my personal data on my WinXP computer?
    >
    >Specifically what binary file could reasonable be expected to be a few
    >megabytes in size, yet have a normal sounding name in a normal sounding
    >location containing "gibberish" (ie encrypted data) that would not arouse
    >suspicions that it is actually a TrueCrypt encrypted volume?


    Do a search on your own computer for all files larger than <some
    value>. On mine, I found some 50MB CAB files and a gigabyte swap
    file.

    You could put another CAB file into the same directory or create
    an "orphaned" swap file.

    But, these are examples from *my* system. You should find what's
    not unusual on your own. (Have you considered a thumb drive,
    instead?)

    Of course, this is the practical side. There are also the legal
    and ethical sides: The computer is owned by your company, and
    they might believe they have some say in what goes on it. They
    might even have a written policy about installing unauthorized
    software or about keeping personal files on work computers.
     
    Someone Else, Jan 19, 2007
    #8
  9. Jane_G

    nemo_outis Guest

    David Eather <> wrote in
    news::

    > nemo_outis wrote:

    ....
    >> The following will not fool a sysadmin (well, not a good one) but it
    >> works very well against casual or inept snoops.
    >>
    >> Hide the Truecrypt file as an "alternate file stream" attached to
    >> some other file (which could itself be perfectly functional, such as
    >> an Excel file). The hidden stream will not show in any normal system
    >> operation (directory listings, etc.) although some (by no means all)
    >> antivirus software may report it.
    >>
    >> If the ordinary file you wish to use is, say,
    >> C:\directorypath\somefile.xls then create (and subsequently mount
    >> and use) the Truecrypt file as, say, C:
    >> \directorypath\somefile.xls:tc (i.e., the alternate file name -
    >> extent, really - is defined as prefixed by the regular file name and
    >> a colon)
    >>
    >> Regards,
    >>
    >>
    >>

    > So, your saying it is OK that your security is not based on a
    > mathematical proof or a conjecture of the computational bounds of an
    > adversary, but rather based on the hope that the adversary is
    > incompetent.
    >
    > Do you see anything wrong with that?



    Short answer: No, I see nothing wrong with that.

    Longer answer:

    The OP framed her question in terms of using nothing stronger than an
    inconspicuous file. Compared to that, an alternate data stream is
    leagues ahead.

    Going further, the OP's threat model is coworkers who casually snoop,
    folks who are, if not outright incompetent, clearly without special
    resources or competence.

    Against a sufficiently competent, well-funded, and motivated adversary -
    especially one who has repeated unobserved direct access to the machine
    as could happen in a work environment - I fell confident in saying there
    is NO satisfactory method of disguising the use of Truecrypt.

    So, the task is not to overdesign the system inordinately in a misguided
    attempt to thwart the NSA. Instead, as with most security questions, the
    real task is to implement a scheme appropriate to the specified threat
    model.

    And this is exactly what my suggested use of ADS in these circumstances
    does. It is a convenient, readily implemented method that is entirely
    suitable and appropriate for the described threat model.

    Regards,
     
    nemo_outis, Jan 19, 2007
    #9
  10. nemo_outis wrote:

    >> So, your saying it is OK that your security is not based on a
    >> mathematical proof or a conjecture of the computational bounds of an
    >> adversary, but rather based on the hope that the adversary is
    >> incompetent.
    >>
    >> Do you see anything wrong with that?

    >
    > Short answer: No, I see nothing wrong with that.


    Then I pity you for not understanding what security is, but still posting
    in a.c.s . Security requires reliability, at least to a certain point,
    which is the pure contrary of unjustified hope.

    > And this is exactly what my suggested use of ADS in these circumstances
    > does. It is a convenient, readily implemented method that is entirely
    > suitable and appropriate for the described threat model.


    It isn't. Just run LADS, Streams or one of those many many other utilities
    and you'll easily see a very suspicious ADS.
     
    Sebastian Gottschalk, Jan 19, 2007
    #10
  11. Jane_G

    nemo_outis Guest

    Sebastian Gottschalk <> wrote in
    news::

    > nemo_outis wrote:
    >
    >>> So, your saying it is OK that your security is not based on a
    >>> mathematical proof or a conjecture of the computational bounds of an
    >>> adversary, but rather based on the hope that the adversary is
    >>> incompetent.
    >>>
    >>> Do you see anything wrong with that?

    >>
    >> Short answer: No, I see nothing wrong with that.

    >
    > Then I pity you for not understanding what security is, but still
    > posting in a.c.s . Security requires reliability, at least to a
    > certain point, which is the pure contrary of unjustified hope.
    >
    >> And this is exactly what my suggested use of ADS in these
    >> circumstances does. It is a convenient, readily implemented method
    >> that is entirely suitable and appropriate for the described threat
    >> model.

    >
    > It isn't. Just run LADS, Streams or one of those many many other
    > utilities and you'll easily see a very suspicious ADS.
    >



    Thank you for your response. My confidence in the accuracy of my answer
    is now greatly increased.

    You see, Sebastian, you are what can be characterized as an "intelligent
    fool." While not actually stupid, you are nonetheless so reliably and
    consistenly wrong that sensible folks treat you as an amazingly accurate
    "contrary indicator" and regard your condemnation instead as rock-solid
    validation of their views.

    You invariably want to use a sledgehammer to crack a peanut, and this
    produces solutions that are so tiresome and onerous that no one would
    ever be bothered implementing and using them (assuming, that is, that
    they would work at all in spite of their needless complication and
    intricacy). Your grandiose and overworked "solutions" are never suitable
    to the problem. No, you propose them only in a puerile - and failed! -
    attempt to seem knowledgeable.

    So, yes, Sebastian, of course streams can be detected! Any hiding or
    mislabelling technique is only suitable against casual adversaries. But,
    of course, those were precisely the type of adversaries that were
    specified!

    However, as a variant of the "hiding" genre, using ADS is vastly superior
    to using grossly oversized mislabelled file types. It is a highly
    effective technique against casual (and some not-so-casual) snoops.

    Regards,
     
    nemo_outis, Jan 19, 2007
    #11
  12. nemo_outis wrote:

    > of course streams can be detected! Any hiding or
    > mislabelling technique is only suitable against casual adversaries. But,
    > of course, those were precisely the type of adversaries that were
    > specified!


    Then you just got the specification wrong.

    > However, as a variant of the "hiding" genre, using ADS is vastly superior
    > to using grossly oversized mislabelled file types.


    Nonsense, since using such a bogus but well-known feature makes it way more
    suspicious.

    > It is a highly effective technique against casual (and some not-so-casual) snoops.


    As if those wouldn't know how to Google.
     
    Sebastian Gottschalk, Jan 19, 2007
    #12
  13. Jane_G

    nemo_outis Guest

    Sebastian Gottschalk <> wrote in
    news::

    > nemo_outis wrote:
    >
    >> of course streams can be detected! Any hiding or
    >> mislabelling technique is only suitable against casual adversaries.
    >> But, of course, those were precisely the type of adversaries that
    >> were specified!

    >
    > Then you just got the specification wrong.



    Congratulations, Sebastian! Your perfect record as a "contrary
    indicator" who always gets it wrong has been extended.

    No, Sebastian, it was NOT I who specified the type of adversaries but
    rather the OP - to whom I then responded with an appropriate solution.


    >> However, as a variant of the "hiding" genre, using ADS is vastly
    >> superior to using grossly oversized mislabelled file types.

    >
    > Nonsense, since using such a bogus but well-known feature makes it way
    > more suspicious.



    Goddammit, you're thick, Sebastian! The original question posed was how
    to make Truecrypt files less obvious to casual snoops at the OP's
    workplace, not thwart the NSA.

    If the adversaries suspecting use of Truecrypt had even minimal
    competence they would first try, NOT to pore through the HD looking for
    oversized mislabelled nonfunctional files (and, of course, far less for
    ADS) but rather look for the presence of the Truecrypt driver and its
    registry fingerprint which is blatantly there for anyone of non-casual
    competence to see and which is awkward for an unskilled person, such as
    the OP apparently is, to remove and replace regularly (sitting as it does
    as a legacy driver in currentcontrolset).

    We are, as the OP originally posed the problem, looking at adversaries
    whose investigative repertoire does not even extend that far. And so I
    guarantee that ADS will be far beyond the ability of such adversaries to
    discover.

    In short, Sebastian, the matter is settled; now all that remains is to
    see how long you foolishly persist in your truculent stupidity.

    Regards,
     
    nemo_outis, Jan 19, 2007
    #13
  14. Jane_G

    Wraeth Guest

    Jane_G wrote:
    > What is a good filespec to hold an encrypted volume on WinXP?
    >
    > Based on extensive googling, I installed the TrueCrypt freeware disk
    > encryption to safeguard my private files on a rather public computer.
    >
    > TrueCrypt requires a file name to contain the rather large encrypted volume
    > file even if a hidden volume is used inside the regular encrypted volume.
    > For example, the file name containing the encrypted volume could be
    > C:\Documents and Settings\Administrator\My TrueCrypt Encrypted Volume.bin
    >
    > To contain the TrueCrypt encrypted volume, I can choose any file name and
    > location that doesn't already exist. But, my question is what file name and
    > location would arouse the least suspicion were a coworker to be snooping
    > around looking for my personal data on my WinXP computer?
    >
    > Specifically what binary file could reasonable be expected to be a few
    > megabytes in size, yet have a normal sounding name in a normal sounding
    > location containing "gibberish" (ie encrypted data) that would not arouse
    > suspicions that it is actually a TrueCrypt encrypted volume?


    Jane-G,

    As you can no doubt see, there are a lot of suggestions for you to
    follow up on regarding the solution to your problem. However, to find
    the best solution applicable to your situation, it may be wise to
    consider exactly what scenario you are trying to avoid.

    From your post, you say that you don't want your co-workers, who
    occasionally snoop around your computer, to even know that you have the
    data. Therefore, it is not the content that you are hiding, but the
    existence.

    If this is the case, then perhaps it is not a wise idea to store the
    data on a computer to which your co-workers have access; instead, as
    suggested before, use a USB thumb drive, or burn the data to a removable
    disc. This way, you remove the threat that a co-worker with above
    average computer literacy (such as the IT administration or support
    team) will notice an unusual file with a large file, or recognize
    possibilities from the existence of TrueCrypt on the computer in question.

    If, however, it is only the content that you are wishing to hide, not
    the existence, then all you really need is a decent encryption program.
    If the file you wish to encrypt is large, then perhaps you could place
    the file into an archive and split the archive into separate files
    before you encrypt it.

    It would be a wise move, as also mentioned in a previous response, to
    consider the policies in effect at your workplace regarding the use of
    company computers for personal reasons. Another point is perhaps
    securing the computer against unauthorized use by your co-workers (if
    their use is constituted as unauthorized).

    I hope that this helps you with your problem, and that you find a
    solution that is manageable, practicable, and allows your data to remain
    undiscovered.

    Regards,
    wraeth
     
    Wraeth, Jan 20, 2007
    #14
  15. Jane_G

    David Eather Guest

    nemo_outis wrote:
    > David Eather <> wrote in
    > news::
    >
    >> nemo_outis wrote:

    > ...
    >>> The following will not fool a sysadmin (well, not a good one) but it
    >>> works very well against casual or inept snoops.
    >>>
    >>> Hide the Truecrypt file as an "alternate file stream" attached to
    >>> some other file (which could itself be perfectly functional, such as
    >>> an Excel file). The hidden stream will not show in any normal system
    >>> operation (directory listings, etc.) although some (by no means all)
    >>> antivirus software may report it.
    >>>
    >>> If the ordinary file you wish to use is, say,
    >>> C:\directorypath\somefile.xls then create (and subsequently mount
    >>> and use) the Truecrypt file as, say, C:
    >>> \directorypath\somefile.xls:tc (i.e., the alternate file name -
    >>> extent, really - is defined as prefixed by the regular file name and
    >>> a colon)
    >>>
    >>> Regards,
    >>>
    >>>
    >>>

    >> So, your saying it is OK that your security is not based on a
    >> mathematical proof or a conjecture of the computational bounds of an
    >> adversary, but rather based on the hope that the adversary is
    >> incompetent.
    >>
    >> Do you see anything wrong with that?

    >
    >
    > Short answer: No, I see nothing wrong with that.
    >
    > Longer answer:
    >
    > The OP framed her question in terms of using nothing stronger than an
    > inconspicuous file. Compared to that, an alternate data stream is
    > leagues ahead.
    >
    > Going further, the OP's threat model is coworkers who casually snoop,
    > folks who are, if not outright incompetent, clearly without special
    > resources or competence.
    >
    > Against a sufficiently competent, well-funded, and motivated adversary -
    > especially one who has repeated unobserved direct access to the machine
    > as could happen in a work environment - I fell confident in saying there
    > is NO satisfactory method of disguising the use of Truecrypt.
    >
    > So, the task is not to overdesign the system inordinately in a misguided
    > attempt to thwart the NSA. Instead, as with most security questions, the
    > real task is to implement a scheme appropriate to the specified threat
    > model.
    >
    > And this is exactly what my suggested use of ADS in these circumstances
    > does. It is a convenient, readily implemented method that is entirely
    > suitable and appropriate for the described threat model.
    >
    > Regards,
    >
    >

    The rub:

    The adversary is not the NSA. You saw how quickly SG was onto the
    faults in this idea. It will only take one person who knows what he is
    doing, to show one script-kiddie what to do, who will show everyone else
    and security becomes zero or even worse; the user still thinks they have
    some security and may well be indiscreet.
     
    David Eather, Jan 20, 2007
    #15
  16. Jane_G

    Bill Guest

    Jane_G wrote:
    > What is a good filespec to hold an encrypted volume on WinXP?
    >
    > Based on extensive googling, I installed the TrueCrypt freeware disk
    > encryption to safeguard my private files on a rather public computer.
    >
    > TrueCrypt requires a file name to contain the rather large encrypted volume
    > file even if a hidden volume is used inside the regular encrypted volume.
    > For example, the file name containing the encrypted volume could be
    > C:\Documents and Settings\Administrator\My TrueCrypt Encrypted Volume.bin
    >
    > To contain the TrueCrypt encrypted volume, I can choose any file name and
    > location that doesn't already exist. But, my question is what file name and
    > location would arouse the least suspicion were a coworker to be snooping
    > around looking for my personal data on my WinXP computer?
    >
    > Specifically what binary file could reasonable be expected to be a few
    > megabytes in size, yet have a normal sounding name in a normal sounding
    > location containing "gibberish" (ie encrypted data) that would not arouse
    > suspicions that it is actually a TrueCrypt encrypted volume?


    Look at the _hidden_ uninstall service pack directories in a typical
    Windows XP installation. They are in the \Windows directory, usually,
    with folder names like '$NTUninstallKB999999_0$' and they typically
    contain dll files. Create one that does not exist in real
    life--probably a directory name starting with $NTUninstallKB0 since all
    the current KB numbers are larger than that. Create the file as a
    hidden .dll file there. Since the folder will not be listed as a
    service pack in the registry, the system unistaller ought to ignore it,
    AFAIK. And those directories are a hidden forest that almost nobody
    but M$ understands :).
     
    Bill, Jan 20, 2007
    #16
  17. Jane_G

    nemo_outis Guest

    David Eather <> wrote in
    news::

    > The adversary is not the NSA. You saw how quickly SG was onto the
    > faults in this idea. It will only take one person who knows what he
    > is doing, to show one script-kiddie what to do, who will show everyone
    > else and security becomes zero or even worse; the user still thinks
    > they have some security and may well be indiscreet.



    Once again, with feeling:

    The method I outlined is entirely appropriate to the threat model specified
    by the OP: casual office snoopers. It is significantly superior to the
    grossly oversized, non-functional, muslabelled file ruse. Moreover, it is
    exceedingly straightforward and easy to implement since Truecrypt natively
    supports it with nary a tweak required (an important aspect given the
    obvious non-geekiness of the OP).

    And here's a flash for you: There is NO satisfactory method of hiding
    Truecrypt from a skilled adversary, especially on a workplace machine. As
    just one example, Truecrypt leaves awkward-to-erase tracks in the registry.
    An adversary of only modest skills using regedit would detect that
    Truecrypt was being used in seconds rather than having to do a full HD scan
    looking for ADS with special programs.

    Regards,
     
    nemo_outis, Jan 20, 2007
    #17
  18. Jane_G

    Paul Rubin Guest

    Jane_G <> writes:
    > Based on extensive googling, I installed the TrueCrypt freeware disk
    > encryption to safeguard my private files on a rather public computer.


    You should never store private files on a public computer. There's no
    way to know whether the public computer's software or even hardware
    has been modified to compromise your privacy (for example by recording
    your keystrokes). If you want to work on private files away from
    home, get a portable computer and keep your files on it. TrueCrypt is
    a good product for encrypting your files on your own computer, in case
    your computer falls into the wrong hands sometime after you've put
    your files on it. It can't solve the situation of a computer that's
    already in the wrong hands BEFORE you've put your files on it.
     
    Paul Rubin, Jan 20, 2007
    #18
  19. nemo_outis wrote:

    > No, Sebastian, it was NOT I who specified the type of adversaries but
    > rather the OP


    And I told you that your misunderstood this specification. Now, what about
    reading comprehension? Go figure!

    > If the adversaries suspecting use of Truecrypt had even minimal
    > competence they would first try, NOT to pore through the HD looking for
    > oversized mislabelled nonfunctional files


    Right. He would use Google to find a program which does that for him.
     
    Sebastian Gottschalk, Jan 20, 2007
    #19
  20. Bill wrote:

    > Look at the _hidden_ uninstall service pack directories in a typical
    > Windows XP installation. They are in the \Windows directory, usually,
    > with folder names like '$NTUninstallKB999999_0$' and they typically
    > contain dll files. Create one that does not exist in real
    > life--probably a directory name starting with $NTUninstallKB0 since all
    > the current KB numbers are larger than that.


    Non-admin users don't have write-access there.

    > And those directories are a hidden forest that almost nobody but M$ understands :).


    Wrong again.
     
    Sebastian Gottschalk, Jan 20, 2007
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. David K
    Replies:
    3
    Views:
    517
    Herb Martin
    Nov 22, 2003
  2. °Mike°

    Re: MP3 volumes

    °Mike°, Aug 24, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    461
    °Mike°
    Aug 24, 2003
  3. jeroen

    Re: MP3 volumes

    jeroen, Aug 24, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    409
    jeroen
    Aug 24, 2003
  4. Ralph Wade Phillips

    Re: MP3 volumes

    Ralph Wade Phillips, Aug 24, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    439
    Ralph Wade Phillips
    Aug 24, 2003
  5. Turtle

    Basic volumes and dynamic volumes

    Turtle, Aug 6, 2010, in forum: Windows 64bit
    Replies:
    6
    Views:
    828
    Charlie Russel-MVP
    Aug 6, 2010
Loading...

Share This Page