Create A Hidden Encrypted Volume On Your Computer To Hide Sensitive Data

Using full-disk encryption (FDE) is a great first step if you want to protect your data, but sometimes it isn't enough. You may be forced by law to decrypt your data, so if you truly want to stay protected you need to hide your sensitive files elsewhere and use your primary disk as a decoy.

Security expert Brandon Gregg explains:

FDE drives still leave your data and personal information vulnerable in at least two scenarios: 1) You are forced to turn over your password (as in Judge Blackburn's District Court ruling), or 2) Someone has hacked into your live machine and remotely recording your keystrokes/data while you work. To address these issues, we are also going to put our personal/business files in an encrypted directory — but not using just any encryption scheme. Encryption with hidden volumes is the key to really protecting your information and rights. With a correctly implemented hidden volume on your encrypted hard drive, you don't have to worry when someone cracks (or coerces you into giving up) the password. When they use it to open the door, they will only see the closet.

Brandon suggests using a bad password for the "closet" (your encrypted hard drive — not the sensitive data), such as "password". It'll get cracked easily, which will encourage the person looking at your data to believe that you're not smart enough to hide and encrypt your truly sensitive data elsewhere. Keeping that data in a secret volume is a very clever trick and requires hardly more work than encrypting your disk in the first place. If you're looking to keep your files secure, this is a great way to do it.

Three steps to properly protect your personal data [CSO Online via Quora]


Comments

    Or use Truecrypt which allows the creation of two different encrypted containers in the same f/s or file. It's impossible to tell if there is one or two defined so providing no one actually knows you're using a 'hidden' volume (in Truecrypt speak) then the breaking of the first password looks like it's worked and there is no clue that there was further hidden data stored.

      +1 This

    If you were forced by law to decrypt your data, shouldn't you just decrypt your data?

      That would seem to be the obvious answer.

      Colour me naive but exactly what justification is there for concealing data from law-enforcement authorities?

      The whole 'taking the fifth' concept seems to be leveraged only by those intent on avoiding the consequences of their crimes and if this is now extended to cover deliberate concealment of evidence it woudn't seem to be a good thing.
      It's akin to a search warrant not covering the padlock on your cosy little 'Dexter' room in the basement.

        The "I've nothing to hide so why do it" excuse is dangerous, and how intrusive body scans are being passively unchallenged.

        Maybe every traveller should be strip searched and cavity probed before every domestic flight. Anyone disagreeing must have something up there!

        No. We just need to protect what rights we do have and refuse to budge. "All that is necessary for evil to triumph is for good men to do nothing".

    or just say... oh, I've forgotten the password.

    "Judge Blackburn’s District Court" ruling was in the US and is beening appealed as a violation of the US Fifth Amendment. I don't know of any test case in Australia yet. Anyone know Australian Law well enough to guess the outcome of such a case?

      Maybe I missed something but US law does not apply in Australia. We have no fifth amendment (it is the 5th amendment of the US constitution they are talking about) and rulings in US courts don't apply here. So Blackburn's decision is not valid here......... unless we have been invaded by the US and I missed it?

    Security by obscurity is not security at all.

    I'd rather setup another profile that has a script that if loaded will delete the encrypted container. Or perhaps re-encrypts it with a random password...

    I heard that Bangkok Post is hiring, you;d be perfect with writing crap in English.

      Pot. Kettle. Black.

    I've had a guest lecturer come in that handled forensic computing.

    Hidden partitions were basically useless.

    He was able to find it, and restore it, even when it was corrupted.

    He said something along the lines of "rookies tend to miss them"

    This is very useful. Say your a computer hacker and you hack into a business accounts computer server (now this person isnt stupid and has encryption) but because i have hacked the computer i can simply turn it off. Same go's for pretty much every encryption hiding/folder hiding software. There is a couple of folder tricks in windows that can make a folder and its entire contents disappear from trace until you open up a history path in by going in there so not accessing your data is impractical. This is one of the best methods i have seen to hiding data from anyone. The only problem is hiding the fact that the volume or data is there. There is a risky but good way to trick your hdd into thinking it has more space than it does left on the disk so you can completly hide any trace of files but if u fill the disk you could kill the hdd.

    I have plenty to hide - but if I tell you I'd have to .....
    With the advent of the SSD many of us hold all of our information on a storage [usually HDD] drive. If this is in the form of an external drive, which you are able to seperate [AND HIDE] from your computer I'd say 85% of your problems are solved. Now if you are really a very bad person [politician - priest] you also have the option of FDE for the external drive which you have hidden. There are other security measures you could add, but if I told you I'd have to ...

Join the discussion!

Trending Stories Right Now