Posted By RichC on March 1, 2008
I read a Washington Post story regarding border security measures which allow for searching the hard-drive of someone’s computer when entering the United States. It’s a sensible approach to border security, but what will they find if someone wants to protect their data? Is there a way to still secure information? John Sawyer from the University of Florida IT security team wrote:
One method that I’d be willing to try is encryption, using the free, open-source tool, TrueCrypt. TrueCrypt creates an encrypted volume for storing sensitive information. The newest version — released last week — added support for Mac OS X (it already supports Windows and Linux). Applications like Firefox could even be run from the encrypted volume so that all browsing history and cached files would be encrypted. A key feature of TrueCrypt — in contrast to full disk encryption, which is visible when the computer boots — is that the TrueCrypt volume can’t easily be detected. It just looks like random data.
Since I already use TrueCrypt on my VistaOS notebook, I attempted to create the hidden volume inside the fully encrypted volume mentioned by Sawyer. It worked like a charm and was a cinch. (HMM … cinch … that will be a post for tomorrow)
Here’s how it might work if someone were to have their sensitive data stored on their hard-drive with this ‘hidden volume encryption’ method. When a border agent (or thief) opens your computer, they will request your login and expect that you would allow access. (It is easy enough to access the data on your hard-drive even without the login, so that’s not really security.) The agent would then detect the encrypted data volume and see the TrueCrypt files (.ts) and software, and again a request would be made to access this encrypted data. You would offer the password and access to this encrypted volume, and it would mount, revealing your data, BUT not the hidden encrypted volume inside which holds the information you want to protect. The beauty is that outside of a polygraph, there is no way to determine if you used this hidden volume inside the TrueCrypt encrypted volume.
I also installed the newly released Macintosh TrueCrypt software, but I noticed it doesn’t offer a hidden encrypted volume option … yet. (only the single encrypted volume)
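The hidden-volume scenario above depends on encrypted data being statistically indistinguishable from the random data TrueCrypt writes into a volume's free space. The following Python sketch is an added example, not code from the original post or from TrueCrypt: it scores three constructed buffers with a byte-level chi-square test, and `toy_encrypt` is a hypothetical stand-in cipher, not TrueCrypt's algorithm.

```python
import hashlib
import random
from collections import Counter

SECTOR = 512  # bytes per sector

def chi_square(data: bytes) -> float:
    """Pearson chi-square of the byte histogram against a uniform distribution."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def looks_random(data: bytes, limit: float = 400.0) -> bool:
    # With 255 degrees of freedom, uniform data scores roughly 255 +/- 23.
    return chi_square(data) < limit

def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Hypothetical stand-in cipher (SHA-256 in counter mode), for the demo only."""
    out = bytearray()
    for i in range(0, len(plaintext), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(p ^ k for p, k in zip(plaintext[i:i + 32], block))
    return bytes(out)

def build_samples(size: int = 256 * SECTOR) -> dict:
    """Constructed buffers: readable text, random fill, encrypted text."""
    rng = random.Random(2008)  # fixed seed so the demo is repeatable
    free_space = bytes(rng.getrandbits(8) for _ in range(size))
    line = b"Constructed sample document text. "
    text = (line * (size // len(line) + 1))[:size]
    hidden = toy_encrypt(b"constructed-demo-key", text)
    return {"plaintext": text, "free_space": free_space, "hidden": hidden}

def classify(samples: dict) -> dict:
    return {name: looks_random(buf) for name, buf in samples.items()}

if __name__ == "__main__":
    samples = build_samples()
    for name, buf in samples.items():
        print(f"{name:10s} chi2={chi_square(buf):12.1f} "
              f"random-looking={looks_random(buf)}")
```

The plaintext buffer scores far outside the uniform range, while the random fill and the encrypted buffer both fall inside it, so a test of this kind can flag a region as random-looking but cannot say which of the two it is.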