1 00:00:00,120 --> 00:00:02,650 Welcome to part one of this module. 2 00:00:02,850 --> 00:00:08,580 In this video we're going to be looking at free and open source encryption in a Windows environment 3 00:00:08,640 --> 00:00:16,200 using two nearly identical pieces of software very script and it's forebear True Crypt. 4 00:00:16,200 --> 00:00:20,920 Before we begin I want to go over what this module is going to be about briefly. 5 00:00:20,970 --> 00:00:28,620 This section of the class is going to be focusing on encryption as well as anonymity as these two subjects 6 00:00:28,620 --> 00:00:30,200 are very closely linked. 7 00:00:30,210 --> 00:00:35,490 If you are just coming from the Met a split module you may be expecting this section to follow a strict 8 00:00:35,490 --> 00:00:38,010 progression like the last one did. 9 00:00:38,040 --> 00:00:42,150 But that is not really necessary in this case. 10 00:00:42,180 --> 00:00:44,780 We will be moving from one subject to another. 11 00:00:44,790 --> 00:00:50,640 And while I will try to structure each presentation in such a way that it builds upon the next it shouldn't 12 00:00:50,640 --> 00:00:53,540 be absolutely necessary to follow these videos in order. 13 00:00:53,550 --> 00:00:59,940 For example if you wish to learn about virtual private networks and you don't care very much about encrypting 14 00:00:59,940 --> 00:01:05,790 data locally you may wish to skip these initial videos if on the other hand you only want to learn about 15 00:01:05,790 --> 00:01:12,270 encryption or how to encrypt your operating systems specifically or how to setup an encrypted dual boot 16 00:01:12,270 --> 00:01:15,690 situation or see an overview on cryptocurrency. 17 00:01:15,750 --> 00:01:18,040 You can just skip to the relevant videos. 18 00:01:18,090 --> 00:01:23,970 With that being said Taken together this module should present you with the tools you need to achieve 19 00:01:24,000 --> 00:01:25,820 a strong degree of anonymity. 20 00:01:25,830 --> 00:01:32,640 However it is your responsibility to use what you learn here in conjunction with good operational security 21 00:01:32,730 --> 00:01:33,660 or opsec. 22 00:01:33,660 --> 00:01:38,490 This will be spoken of more at length as we go along the presentation for today. 23 00:01:38,490 --> 00:01:43,260 As I said we'll be on open source encryption in windows here on the desktop. 24 00:01:43,260 --> 00:01:45,180 I've placed two icons. 25 00:01:45,180 --> 00:01:52,370 The first is True Crypt seven point one A and the second is a program called Vera crypt. 26 00:01:52,380 --> 00:01:58,400 There is a reason why I'm talking about both of these two pieces of encryption software. 27 00:01:58,440 --> 00:02:05,100 Even though True Crypt is no longer being offered by the developers it is quite old and it's probably 28 00:02:05,100 --> 00:02:07,410 not really recommended that you use it over a very crypt. 29 00:02:07,410 --> 00:02:12,720 However if you do decide to seek it out you will need to make sure that you've downloaded a good copy 30 00:02:12,720 --> 00:02:20,970 of it and there are web pages such as this one where you can verify the individual hash of each True 31 00:02:20,970 --> 00:02:25,690 Crypt file to ensure that you have a legitimate copy. 32 00:02:25,690 --> 00:02:26,560 Very crypt. 33 00:02:26,560 --> 00:02:33,580 On the other hand is still under development and can be downloaded directly from Vera crypt dot F. are 34 00:02:33,880 --> 00:02:40,570 both true crypt in Vera crypt can be used in what is called portable mode meaning you only have to directly 35 00:02:40,570 --> 00:02:46,270 install them if you want to use certain features such as full disk encryption which I'll speak about 36 00:02:46,270 --> 00:02:52,510 shortly if you wish to download and install Vera crypt and just go ahead and download the installer 37 00:02:52,600 --> 00:02:58,690 and run it and walk through the installation process normally there's no special hurdles if you wish 38 00:02:58,690 --> 00:03:04,840 to use it in portable mode simply download Vera crypt portable and when you open it you will get a file 39 00:03:04,840 --> 00:03:10,300 that looks like this and you can actually run better script just by clicking on the very crypt icon 40 00:03:10,330 --> 00:03:15,910 and it will work perfectly in portable mode again with the exception of full disk encryption the same 41 00:03:15,910 --> 00:03:21,520 is also the case for True Crypt which can likewise be used in portable mode or installed. 42 00:03:21,520 --> 00:03:22,990 So what are these programs. 43 00:03:22,990 --> 00:03:30,540 Put simply they are tools that allow you to encrypt files drives and even entire operating systems. 44 00:03:30,610 --> 00:03:36,610 They will allow you to create what are called hidden volumes which are best described as secret files 45 00:03:36,700 --> 00:03:42,600 within secret files and they will allow you to mount and read any applicable volumes. 46 00:03:42,610 --> 00:03:48,640 True Crypt seven point one a was the final version of this encryption software that was simply the best 47 00:03:48,700 --> 00:03:49,420 of the best. 48 00:03:49,420 --> 00:03:57,280 Between the years 2000 and until about 2014 or so there were no known instances of the encryption being 49 00:03:57,280 --> 00:04:00,700 broken or backdoor ID when it was used properly. 50 00:04:00,700 --> 00:04:07,000 The software was so popular and so widely trusted that it received a well-funded independent audit which 51 00:04:07,000 --> 00:04:09,060 you can read about online if you wish. 52 00:04:09,070 --> 00:04:14,950 The findings were that while this software did have a few minor issues the overall encryption security 53 00:04:14,950 --> 00:04:20,860 was rock solid except in a very few rare cases where windows cryptographic malfunctioned. 54 00:04:20,860 --> 00:04:22,990 Even this was not a deal breaking bug. 55 00:04:22,990 --> 00:04:29,980 However since the software also collects entropy from other sources thus it doesn't rely only upon windows 56 00:04:30,040 --> 00:04:32,770 and I will be speaking about this more later as well. 57 00:04:32,770 --> 00:04:39,310 The project ended when the mysterious developers of the software declared they would no longer be updating 58 00:04:39,310 --> 00:04:45,130 it and it was widely believed this was due to governmental pressure to shutter a project that was considered 59 00:04:45,130 --> 00:04:52,120 an existential threat to national security because it was never actually broken and because the developers 60 00:04:52,150 --> 00:04:57,970 chose to shut down rather than bowed to pressure to compromise the project with the installation of 61 00:04:57,970 --> 00:05:03,670 a backdoor true crypto seven point one a remains an extremely desirable piece of software. 62 00:05:03,670 --> 00:05:09,370 That being said the last version of true crypto was released a little over four years ago and it is 63 00:05:09,370 --> 00:05:10,660 not reasonable. 64 00:05:10,660 --> 00:05:14,000 In early 2019 to use it as a demonstration. 65 00:05:14,020 --> 00:05:16,060 Shortly after True Crypt was shuttered. 66 00:05:16,060 --> 00:05:23,470 The code itself was forked by independent developers who also made it truly open source very crypt and 67 00:05:23,470 --> 00:05:29,230 True Crypt are essentially the exact same thing but with a few caveats. 68 00:05:29,260 --> 00:05:35,740 Everything you learn here using very crypt will also apply to True Crypt except in a very few cases 69 00:05:35,830 --> 00:05:39,040 and I'll try to point out these little differences as we go along. 70 00:05:39,070 --> 00:05:44,260 If you work with both these pieces of software the first thing you'll notice is that there are user 71 00:05:44,260 --> 00:05:47,230 interfaces are exactly the same. 72 00:05:47,230 --> 00:05:52,210 As I said everything you learn using very script will apply to true script. 73 00:05:52,210 --> 00:05:58,810 The biggest difference between true script and Vera crypt is that true script cannot encrypt an operating 74 00:05:58,810 --> 00:06:02,920 system if it uses a you EFI bootloader. 75 00:06:02,920 --> 00:06:11,230 It's MPR only very crypt on the other hand has you EFI support very crypt also has updated the encryption 76 00:06:11,230 --> 00:06:18,220 to be supposedly stronger although keep in mind no true crypt file has yet been shown to possess pregnant 77 00:06:18,220 --> 00:06:19,120 all encryption. 78 00:06:19,120 --> 00:06:23,470 The tradeoff is the very script is just slightly slower than true crypt. 79 00:06:23,590 --> 00:06:30,400 Generally speaking for best performance vs. security I recommend using True Crypt if you plan to encrypt 80 00:06:30,580 --> 00:06:34,470 older computers and very crypt for anything more recent. 81 00:06:34,480 --> 00:06:37,030 The technique shown here will work for both. 82 00:06:37,030 --> 00:06:43,270 We will start with a quick demonstration to illustrate what I'm talking about here on the desktop. 83 00:06:43,270 --> 00:06:47,440 We have this text file called Secret Death Star plans. 84 00:06:47,440 --> 00:06:52,360 It is vitally important that we get those plans to Princess Leia and the Rebel Alliance. 85 00:06:52,390 --> 00:06:55,630 If the Galactic Empire should catch us we'll be done for. 86 00:06:55,630 --> 00:07:01,720 So in this fictional scenario it's not a good idea to just upload our secret file in the clear or to 87 00:07:01,720 --> 00:07:05,590 carry it openly on our laptop or U.S. B Drive. 88 00:07:05,590 --> 00:07:10,170 Instead we're going to create a file called an encrypted container. 89 00:07:10,180 --> 00:07:16,200 This can be done in very crypto portable mode and such containers can also be mounted in portable mode. 90 00:07:16,270 --> 00:07:22,600 If you prefer to do this we would launch the program and then click the create volume button. 91 00:07:23,040 --> 00:07:27,890 We're then presented with the volume Creation Wizard which gives us three options. 92 00:07:27,900 --> 00:07:33,780 We'll be going over each of these but to start with we're going to make sure that the first radial button 93 00:07:34,080 --> 00:07:34,790 is checked. 94 00:07:34,800 --> 00:07:38,720 Create an encrypted file container then we'll click next. 95 00:07:38,790 --> 00:07:43,930 The second menu tells us that we can create a standard volume or a hidden one. 96 00:07:43,980 --> 00:07:50,100 A standard volume is very straightforward and we'll be doing that first but in the next demonstration 97 00:07:50,130 --> 00:07:52,190 we'll see how to create a hidden one. 98 00:07:52,200 --> 00:07:54,120 So for now click next. 99 00:07:54,120 --> 00:07:56,700 Now we need to specify a location. 100 00:07:56,700 --> 00:07:58,490 This can be somewhat misleading. 101 00:07:58,500 --> 00:08:04,680 We are not going to select the file that we want to encrypt because that would delete the file. 102 00:08:04,680 --> 00:08:09,200 Instead we're going to create what is called an encrypted container. 103 00:08:09,210 --> 00:08:13,190 Think of an encrypted container like a safe with a combination lock. 104 00:08:13,230 --> 00:08:15,810 The safe will be empty when we first create it. 105 00:08:15,840 --> 00:08:21,960 We will supply the combination to unlock it and then we'll place our file inside. 106 00:08:22,110 --> 00:08:26,310 Once we close the safe everything inside will be encrypted. 107 00:08:26,310 --> 00:08:30,840 Also make absolutely sure that the never say of history button is checked. 108 00:08:30,840 --> 00:08:36,780 The whole point of programs like this is really privacy and so you don't want them saving history at 109 00:08:36,780 --> 00:08:38,870 any rate for this demonstration. 110 00:08:38,870 --> 00:08:49,480 We'll be selecting the desktop and we'll name our file container r2 d2 then we'll click next. 111 00:08:49,480 --> 00:08:52,810 With that done we're now presented with the encryption options. 112 00:08:52,810 --> 00:08:55,690 This can look a bit daunting at first glance. 113 00:08:55,690 --> 00:09:01,030 If we pull down the first context menu we can see all of our encryption options. 114 00:09:01,030 --> 00:09:03,970 You can research these on your own if you wish. 115 00:09:03,970 --> 00:09:09,100 Everyone out there has their own opinion about which algorithm is the best and why. 116 00:09:09,100 --> 00:09:15,670 The fact is at the time of this recording there are no known instances of any of these algorithms being 117 00:09:15,670 --> 00:09:16,320 broken. 118 00:09:16,330 --> 00:09:20,940 They are all rock solid so there really isn't any wrong choice here. 119 00:09:20,980 --> 00:09:28,110 But one thing to consider a single algorithm alone is going to be faster in terms of read write speeds 120 00:09:28,120 --> 00:09:29,390 once we're done. 121 00:09:29,440 --> 00:09:37,450 If you choose to use a cascade of algorithms such as for example ATX to fish serpent it may slow things 122 00:09:37,450 --> 00:09:42,160 down considerably when encrypting a U.S. beat device. 123 00:09:42,160 --> 00:09:48,340 It might slow down your read write speeds and when encrypting an entire operating system your performance 124 00:09:48,340 --> 00:09:49,940 will suffer greatly. 125 00:09:49,960 --> 00:09:57,370 For that reason I recommend using a single selection for full disk encryption and a cascading option 126 00:09:57,490 --> 00:10:04,090 only for small files or USP devices when speed is less important than security. 127 00:10:04,090 --> 00:10:06,150 One final thing to note here. 128 00:10:06,220 --> 00:10:12,160 This is going to be our first difference between true crypto and bankrupt very crypto has a few extra 129 00:10:12,220 --> 00:10:18,820 options such as Camellia and I really don't know how to pronounce this Xena. 130 00:10:18,920 --> 00:10:19,920 Chuck. 131 00:10:20,020 --> 00:10:26,290 These are Japanese and Russian ciphers respectively because they're new additions. 132 00:10:26,290 --> 00:10:31,670 I cannot comment on their merit though I am confident they are strong or they wouldn't be included. 133 00:10:31,690 --> 00:10:40,090 Nevertheless for this demonstration we'll be selecting a triple layer cipher encryption ATX 2 fish serpent 134 00:10:40,920 --> 00:10:45,450 our second choice is going to be the hash algorithm we want to use. 135 00:10:45,460 --> 00:10:52,840 Another difference between versions here is that in True Crypt you'll see our IP BMD dash 160 which 136 00:10:52,840 --> 00:10:54,670 was removed from their script. 137 00:10:54,680 --> 00:11:00,400 Our IP BMD was somewhat recently defeated along with SHA 1. 138 00:11:00,400 --> 00:11:05,260 This should in no way affect our IP BMD 160. 139 00:11:05,260 --> 00:11:11,020 However it is no longer considered one of the strongest choices so it has been removed very crypt has 140 00:11:11,020 --> 00:11:13,720 replaced this choice with stream bog. 141 00:11:13,810 --> 00:11:19,170 Now once again there really isn't a wrong choice here although everyone has their own opinion. 142 00:11:19,180 --> 00:11:26,110 SHA 512 is used by the United States military and Whirlpool is an extremely popular choice as well. 143 00:11:26,110 --> 00:11:34,240 Keep in mind that our IP BMD dash 160 and Shaw 256 may have slightly faster performance. 144 00:11:34,240 --> 00:11:38,590 So balance your choice between your means for security and speeds. 145 00:11:38,590 --> 00:11:44,900 In this case we're going to select Shaw 512 in this next step. 146 00:11:44,900 --> 00:11:51,170 We need to specify how big are encrypted container is going to be going back to the earlier analogy. 147 00:11:51,170 --> 00:11:58,220 How big of a volt do you want the size of the encrypted container can vary from the stated minimum size 148 00:11:58,220 --> 00:12:04,460 for the file format you selected to the maximum amount of free space on the partition or device that 149 00:12:04,490 --> 00:12:10,760 you're using for now let's just go with one megabyte. 150 00:12:10,760 --> 00:12:15,860 This is because our text file that we want to encrypt is measured in kilobytes. 151 00:12:15,860 --> 00:12:22,280 We need to make sure that our encrypted container is slightly larger than whenever file or files that 152 00:12:22,280 --> 00:12:24,470 we wish to store inside it. 153 00:12:24,470 --> 00:12:26,600 Then we need to set our password. 154 00:12:26,600 --> 00:12:30,890 Obviously you want to use a very strong password here. 155 00:12:30,920 --> 00:12:33,800 If you're going to be bothering using encryption at all. 156 00:12:33,830 --> 00:12:39,350 If the password can be easily brute forced then you might as well not even bother. 157 00:12:39,350 --> 00:12:43,760 You also have the option to use what are called key files. 158 00:12:43,760 --> 00:12:50,770 In other words you can specify files that need to be present when you input your password. 159 00:12:50,780 --> 00:12:57,380 It's a bit like having a combination lock on your vault but also requiring physical keys as well to 160 00:12:57,380 --> 00:12:58,520 get the door open. 161 00:12:58,520 --> 00:13:04,670 This gets a bit complicated so we won't be using key files in this particular example but keep in mind 162 00:13:04,760 --> 00:13:07,730 that doing so is an option for added security. 163 00:13:07,790 --> 00:13:14,990 However if you decide to use a file or files one thing you absolutely need to keep in mind is that if 164 00:13:14,990 --> 00:13:22,100 the file changes even slightly you won't be able to open your encrypted volume even with the correct 165 00:13:22,100 --> 00:13:23,000 password. 166 00:13:23,120 --> 00:13:29,540 If you forget your password or if you lose your key files or if your key files become in some way changed 167 00:13:29,540 --> 00:13:33,940 or corrupted even by a few killer bytes you're simply out of luck. 168 00:13:33,980 --> 00:13:41,600 So be very careful with your selections here key files can be mostly anything by the way a photo a text 169 00:13:41,600 --> 00:13:44,500 file an MP for whatever you like. 170 00:13:44,510 --> 00:13:48,050 So these do add a much greater level of security. 171 00:13:48,290 --> 00:13:54,440 But again just remember if you touch the file after creating the container and it gets even slightly 172 00:13:54,440 --> 00:13:57,130 changed you'll be out of luck. 173 00:13:57,140 --> 00:14:04,760 A very crypt also offers a third option here that true crypt does not and that is the use P I am box. 174 00:14:04,760 --> 00:14:12,050 This gets really deep but basically PCM stands for personal iterations multiplier it is a parameter 175 00:14:12,050 --> 00:14:18,560 that was recently introduced and allows the control of the number of iterations used by the hitter key 176 00:14:18,570 --> 00:14:20,150 derivation function. 177 00:14:20,150 --> 00:14:26,140 This value can be specified through the password dialog or in the command line. 178 00:14:26,180 --> 00:14:33,410 If no PCM is specified Vera crypt will use the default number of iterations used in prior versions going 179 00:14:33,410 --> 00:14:35,120 all the way back to True Crypt. 180 00:14:35,150 --> 00:14:37,900 You absolutely do not need to do this. 181 00:14:37,910 --> 00:14:41,150 However the option is available and that is why I mentioned it. 182 00:14:41,150 --> 00:14:45,950 I'm not going to practice what I preach in this example I'm going to use a dirt simple password 183 00:14:48,670 --> 00:14:50,950 once you've been put in your password click next 184 00:14:54,250 --> 00:14:59,490 and when I click next to the program warns me that I'm being an idiot and that I should use a password 185 00:14:59,490 --> 00:15:05,820 of at least 20 characters but will ignore this for now this next screen has a couple of things going 186 00:15:05,820 --> 00:15:06,540 on. 187 00:15:06,570 --> 00:15:14,700 First we can see the file system we want are encrypted container or partition to be formatted with depending 188 00:15:14,700 --> 00:15:16,970 on the size of the container or partitions. 189 00:15:16,980 --> 00:15:23,400 Your options here are going to be different very small containers will be limited to fat ex fat and 190 00:15:23,400 --> 00:15:28,350 possibly fat 32 large files will also include NTFS. 191 00:15:28,350 --> 00:15:31,930 Be aware that very crypto includes ex fat as an option. 192 00:15:31,950 --> 00:15:33,480 True Crypt does not. 193 00:15:33,480 --> 00:15:36,560 This will be important later but I thought it worth mentioning now. 194 00:15:36,570 --> 00:15:40,680 You can also adjust the cluster size although I do not recommend this. 195 00:15:40,680 --> 00:15:44,720 You can leave it by default unless you have a specific reason to do otherwise. 196 00:15:44,730 --> 00:15:52,390 There is a slight cosmetic difference between versions here but if we click this box we can see that 197 00:15:52,390 --> 00:15:55,360 the symbols have been changed to numbers and letters. 198 00:15:55,360 --> 00:16:03,130 This is our random pool and as we move the mouse around within the very script or True Crypt window 199 00:16:03,460 --> 00:16:07,160 the complexity of the pool will grow. 200 00:16:07,160 --> 00:16:09,350 This is one of the safety precautions. 201 00:16:09,380 --> 00:16:16,540 These pieces of software use so that you are not 100 percent dependent upon windows cryptographic functions. 202 00:16:16,550 --> 00:16:22,910 These functions can fail and it can also be potentially compromised by nation state actors to produce 203 00:16:22,970 --> 00:16:25,880 a weak or predictable random pool. 204 00:16:25,880 --> 00:16:33,160 This would make it trivially easy to obtain the master key and access the file or the container rather. 205 00:16:33,230 --> 00:16:39,350 For that reason it is recommended that you waive your mouse cursor around inside this window like a 206 00:16:39,350 --> 00:16:45,170 crazy person for as long as you can stand it in order to increase the cryptographic strength and randomness 207 00:16:45,200 --> 00:16:48,290 of your encrypted container file or partition. 208 00:16:48,320 --> 00:16:55,400 If for some reason you want the header or master key to not appear on the screen simply uncheck this 209 00:16:55,400 --> 00:16:56,810 box. 210 00:16:56,810 --> 00:16:58,820 Otherwise click format. 211 00:17:01,180 --> 00:17:04,270 The volume has been created so we'll exit the wizard. 212 00:17:04,330 --> 00:17:05,950 I'm going to minimize this for the moment 213 00:17:09,250 --> 00:17:12,220 we can see the volume has been created. 214 00:17:12,250 --> 00:17:13,240 We can see here. 215 00:17:13,270 --> 00:17:17,620 But it isn't immediately clear what the file is. 216 00:17:17,770 --> 00:17:26,090 However one thing I want to point out when we click properties is that this file still contains certain 217 00:17:26,090 --> 00:17:35,770 metadata that can be used to identify where and when it was created notice that the date created owner 218 00:17:35,770 --> 00:17:38,740 and computer information are displayed. 219 00:17:38,740 --> 00:17:41,310 And this information cannot be properly removed. 220 00:17:41,350 --> 00:17:46,840 If this is a concern you may wish to create a file like this or rather an encrypted container I should 221 00:17:46,840 --> 00:17:53,140 be calling it that on a system that you have no personal connection with or possibly in a live boot 222 00:17:53,140 --> 00:17:54,250 situation. 223 00:17:54,250 --> 00:17:56,190 One last thing to point out. 224 00:17:56,500 --> 00:18:03,790 We can once again right click on this file and we can rename it and give it any file extension that 225 00:18:03,790 --> 00:18:06,430 we wish for example. 226 00:18:06,430 --> 00:18:07,210 Period. 227 00:18:07,570 --> 00:18:08,450 I and I. 228 00:18:08,470 --> 00:18:10,950 Now it looks like your typical iron I file. 229 00:18:10,960 --> 00:18:14,510 They could maybe hide in a game directory or something like that. 230 00:18:14,530 --> 00:18:22,430 We could even disguise this file as an MP for or a picture file or anything we like. 231 00:18:22,570 --> 00:18:28,630 Just by changing the file extension now of course the file won't behave like any of those things but 232 00:18:28,630 --> 00:18:31,440 the point is to make it more inconspicuous. 233 00:18:31,510 --> 00:18:34,650 At any rate so we now have r2 d2. 234 00:18:34,750 --> 00:18:38,860 We need to put the death star plans inside it to do this. 235 00:18:38,860 --> 00:18:41,440 We will once again open Vera crypt. 236 00:18:41,440 --> 00:18:47,320 Please note that Vera crypt is backwards compatible with True Crypt meaning that it can open a True 237 00:18:47,320 --> 00:18:48,260 Crypt container. 238 00:18:48,270 --> 00:18:51,640 Provided that you check the little box that says True Crypt mode. 239 00:18:51,640 --> 00:18:54,000 The reverse however is not true. 240 00:18:54,010 --> 00:19:00,330 True Crypt cannot open a very crypt container so begin by selecting a drive on this list. 241 00:19:01,660 --> 00:19:05,980 I recommend using Z unless you have a Z drive already. 242 00:19:05,980 --> 00:19:15,500 Then we click select file we'll select r2 d2 and we will click open. 243 00:19:15,500 --> 00:19:21,240 Now all we have to do is press the Mount button and supply our password 244 00:19:24,250 --> 00:19:30,340 if you were to mount a true script file you would click the true script mode button right here. 245 00:19:30,400 --> 00:19:37,990 Auto detection simply means that the program will auto detect which cipher methods are being used when 246 00:19:37,990 --> 00:19:40,720 it attempts to mount the file. 247 00:19:40,720 --> 00:19:46,370 It might save time if you manually input this but you really don't need to. 248 00:19:46,390 --> 00:19:52,570 If you wish to use key files you would click this box and then specify them will address mount options 249 00:19:52,600 --> 00:19:53,280 a bit later 250 00:19:56,120 --> 00:20:03,720 display password is self-explanatory so we'll click OK after a few moments we can see that the container 251 00:20:03,720 --> 00:20:10,680 has been mounted to drive Z the space left inside the container is listed encryption algorithm method 252 00:20:10,680 --> 00:20:17,340 or methods used and the type of the container which in this case is normal with the container now mounted 253 00:20:17,430 --> 00:20:18,880 as a drive. 254 00:20:18,990 --> 00:20:21,480 We go to our computer 255 00:20:26,060 --> 00:20:33,800 and we see that it appears as local disk Z as if it were a partition or a US b device. 256 00:20:33,800 --> 00:20:38,000 So we'll simply open it and we can see that the file is empty. 257 00:20:38,000 --> 00:20:42,800 So now we want to put our supersecret Death Star plans inside 258 00:20:47,310 --> 00:20:54,490 and now we will close the file and then when we're done interacting with the container we can go back 259 00:20:54,490 --> 00:21:04,020 to the very crypt or True Crypt window and simply click dismount. 260 00:21:04,040 --> 00:21:05,660 Now when we go back to the computer 261 00:21:10,110 --> 00:21:16,290 we can see that the Z drive is gone and we can see that the text file is nowhere to be found. 262 00:21:16,290 --> 00:21:17,960 Of course I did just delete it. 263 00:21:17,970 --> 00:21:19,920 But you do get the idea. 264 00:21:19,920 --> 00:21:24,780 It's now contained inside our encrypted container r2 d2. 265 00:21:24,780 --> 00:21:30,510 Now we can feel a lot safer uploading this file to the cloud or whatever else we want to do that might 266 00:21:30,510 --> 00:21:33,360 bring it into contact with unfriendly eyes. 267 00:21:33,360 --> 00:21:37,890 This first method was how to create a normal encrypted container. 268 00:21:37,890 --> 00:21:45,480 Now we're going to take a look at how to create a hidden container and exactly what such a container 269 00:21:45,480 --> 00:21:46,630 actually is. 270 00:21:46,650 --> 00:21:52,030 The Death Star plans are now safely in our TOS memory banks. 271 00:21:52,080 --> 00:21:54,570 He's ready to seek out Obi Wan Kenobi. 272 00:21:54,600 --> 00:22:00,650 But what if an imperial agent puts a blaster to Princess lay his head. 273 00:22:00,660 --> 00:22:05,060 What if Darth Vader demands that she give up the encryption password. 274 00:22:05,220 --> 00:22:07,150 What then. 275 00:22:07,200 --> 00:22:14,910 What do you do when you find yourself in a situation where for whatever reason you cannot refuse to 276 00:22:14,910 --> 00:22:17,360 hand over your encryption key. 277 00:22:17,400 --> 00:22:20,620 This is where hidden containers come into play. 278 00:22:20,670 --> 00:22:29,880 The basic idea is that you create a container within a container one password unlocks the so-called 279 00:22:30,000 --> 00:22:31,570 outer volume. 280 00:22:31,590 --> 00:22:37,210 This is a container where you keep files that you don't actually mind giving up to an adversary. 281 00:22:37,260 --> 00:22:42,800 A second password will unlock the hidden volume which contains the real files. 282 00:22:42,840 --> 00:22:51,660 It is not currently directly possible to tell if an encrypted container exists within another encrypted 283 00:22:51,660 --> 00:22:52,280 container. 284 00:22:52,280 --> 00:22:56,370 That is to say a hidden volume within an outer volume. 285 00:22:56,370 --> 00:23:00,010 There are circumstances where it might be possible. 286 00:23:00,210 --> 00:23:04,500 And these are detailed in the very script and True Crypt docu documentation. 287 00:23:04,500 --> 00:23:07,490 And I do encourage you to read these when you have a chance. 288 00:23:07,500 --> 00:23:13,140 However generally speaking there really is no way to tell unless a mistake is made. 289 00:23:13,170 --> 00:23:15,540 And this gives you plausible deniability. 290 00:23:15,540 --> 00:23:19,040 Princess Leia can give Darth Vader the fake password. 291 00:23:19,080 --> 00:23:25,710 Vader opens up or choose memory banks and gets Layers collection of vacation photos tax records and 292 00:23:25,710 --> 00:23:27,620 her My Little Pony fanfics. 293 00:23:27,630 --> 00:23:34,780 He may strongly suspect the presence of a hidden volume but there's no way to prove it definitively. 294 00:23:34,800 --> 00:23:39,890 The process for creating such a volume is only slightly more complicated than a regular one. 295 00:23:39,900 --> 00:23:46,650 So once again we're going to open up their crypt or True Crypt and we're going to click the create volume 296 00:23:46,650 --> 00:23:53,490 button once again we'll select an encrypted file container in the volume Creation Wizard. 297 00:23:53,490 --> 00:24:00,280 That's the first option and click Next Only this time we're going to click the radial button for hidden 298 00:24:00,310 --> 00:24:03,100 very crypt volume click. 299 00:24:03,100 --> 00:24:11,020 Next we will be choosing normal mode as a side note you could use direct mode to create a hidden volume 300 00:24:11,020 --> 00:24:13,970 in an already existing volume. 301 00:24:14,020 --> 00:24:19,770 But I recommend doing this all as one procedure for reasons that I'll explain shortly. 302 00:24:19,810 --> 00:24:28,060 For now click Next once again will need to specify what we want to place the file and give it a name. 303 00:24:28,090 --> 00:24:30,790 So again I'm going to pick the desktop. 304 00:24:30,790 --> 00:24:41,210 Call it bebe 8 save and make sure never save history is checked click next. 305 00:24:41,230 --> 00:24:44,960 Now we're going to create the outer volume exactly as before. 306 00:24:45,130 --> 00:24:52,360 Select the encryption that you want however make certain that whatever encryption and hash algorithms 307 00:24:52,360 --> 00:25:00,030 you select are selected again for the hidden volume so once again I'm going to do a yes to fish serpent 308 00:25:00,870 --> 00:25:07,260 though again there are no wrong choices here and SHA 512 when you've made your selections click next. 309 00:25:07,410 --> 00:25:13,610 This time let's give it a decent amount of space so that we can see alternate format options. 310 00:25:13,680 --> 00:25:23,950 We'll do 100 megabytes and we'll need to set a password for the outer volume to be credible. 311 00:25:23,950 --> 00:25:31,480 This should be a long and powerful password and it must be distinctly different from the one you use 312 00:25:31,510 --> 00:25:35,590 to setup the secure hidden volume. 313 00:25:35,590 --> 00:25:40,710 Again you have the option to use key files or p.m. if you so desire. 314 00:25:47,500 --> 00:25:54,970 Once again you're going to want to waive your mouse cursor around like a crazy person to build up randomness 315 00:25:58,150 --> 00:26:00,220 for the encryption process. 316 00:26:00,370 --> 00:26:05,260 Notice again that we can change our file system format for the outer volume. 317 00:26:05,260 --> 00:26:09,310 This choice will not affect the file system of the hidden volume. 318 00:26:09,310 --> 00:26:13,390 But notice what happens when we select a.. 319 00:26:13,450 --> 00:26:21,170 F S for the outer volume and try to click format it will give us this warning. 320 00:26:21,320 --> 00:26:24,820 And this may seem complicated but bear with me. 321 00:26:24,890 --> 00:26:36,350 Note that the f 80 or x f 80 file system is more suitable for outer volumes than the NTFS file system. 322 00:26:36,440 --> 00:26:42,650 For example the maximum possible size of the hidden volume will very well very likely be significantly 323 00:26:42,650 --> 00:26:47,540 greater if the outer volume is formatted as fat or ex fat. 324 00:26:47,540 --> 00:26:54,560 The reason is that NTFS file system always stores internal data exactly in the middle of the volume 325 00:26:54,590 --> 00:26:59,860 and therefore the hidden volume can reside only in the second half of the outer volume. 326 00:26:59,870 --> 00:27:08,420 What this is telling you is if you have a 100 megabyte file and you create an outer volume that is just 327 00:27:08,420 --> 00:27:16,010 intended to be fake and you're not planning to really use it for very much and then you select NTFS 328 00:27:16,070 --> 00:27:24,200 for the outer volume format you're only going to have about 50 megabytes for the hidden volume. 329 00:27:24,260 --> 00:27:30,950 That's because it stores things directly in the middle of the volume so it's going to be a lot of wasted 330 00:27:30,950 --> 00:27:40,190 space particularly on a larger drive such as for example and an external USP drive. 331 00:27:40,190 --> 00:27:46,460 Of course if you decide to format with fat or ex fat you might want to have a reason in your head for 332 00:27:46,460 --> 00:27:47,360 why you did that. 333 00:27:47,360 --> 00:27:53,100 If you're ever asked why you chose that file format over NTFS. 334 00:27:53,360 --> 00:27:56,070 So with that being said we're going to click No. 335 00:27:56,270 --> 00:28:05,800 And we're going to go with other fatter X Fadl choose X fat this time I'll leave the random pool header 336 00:28:05,800 --> 00:28:11,960 key and master key hidden just because I can and will click format. 337 00:28:11,960 --> 00:28:13,120 One more thing. 338 00:28:13,220 --> 00:28:17,600 True Crypt being older does not have X fat as an option. 339 00:28:17,600 --> 00:28:21,260 You can create a volume that exceeds two terabytes. 340 00:28:21,260 --> 00:28:29,450 Using True Crypt but you must use the NTFS file system for any outer volume you create and that will 341 00:28:29,450 --> 00:28:33,550 mean a lot of wasted space in the inner volume. 342 00:28:33,590 --> 00:28:36,200 The process is relatively quick. 343 00:28:36,320 --> 00:28:43,880 Once again we are presented with a window that allows us to open the outer volume the volume is now 344 00:28:43,880 --> 00:28:48,630 mounted and we can put files we don't care about inside. 345 00:28:48,770 --> 00:28:54,440 These are files that look important but we can afford to allow an adversary to see them. 346 00:28:54,440 --> 00:29:00,470 Please be aware that this is really your one and only chance to add files to the outer volume. 347 00:29:00,470 --> 00:29:04,670 It is possible to mount the outer volume later in protected mode. 348 00:29:04,670 --> 00:29:11,330 However you won't be able to add files to it and if you add files to it outside of protected mode you 349 00:29:11,330 --> 00:29:18,110 run the risk of damaging files in the hidden volume so take some time now to place files in the outer 350 00:29:18,110 --> 00:29:21,800 volume before proceeding to the next step. 351 00:29:25,140 --> 00:29:37,610 I really should have created a fake one but fake map to Luke Skywalker and we will save as and will 352 00:29:37,620 --> 00:29:41,630 place it on the desktop. 353 00:29:41,740 --> 00:29:43,920 This fake map 354 00:29:47,830 --> 00:29:52,830 so we'll click open outer volume we'll drag our file inside 355 00:29:58,730 --> 00:30:03,230 and I realized that emptying the recycling bin is not really securely deleting the file. 356 00:30:03,230 --> 00:30:05,690 But again this is just a demonstration. 357 00:30:05,690 --> 00:30:10,850 So now our fake map is inside the outer volume. 358 00:30:10,850 --> 00:30:14,990 And this is what we don't mind an adversary seeing. 359 00:30:14,990 --> 00:30:22,040 So if we're ever forced to give up our password and they mount this volume they're going to see this 360 00:30:22,130 --> 00:30:29,420 fake file that looks real and it looks like something that you would want to encrypt but it's actually 361 00:30:29,420 --> 00:30:31,280 completely irrelevant. 362 00:30:31,280 --> 00:30:37,130 When we're done we'll close that and we'll click next. 363 00:30:37,130 --> 00:30:39,890 Now it's time to create the hidden volume. 364 00:30:39,890 --> 00:30:46,130 We need to use the same options here that we used for the outer volume which is to say the same encryption 365 00:30:46,160 --> 00:30:49,340 algorithm and hash algorithm click next. 366 00:30:49,370 --> 00:30:52,660 Here again we have to allocate space. 367 00:30:52,760 --> 00:30:59,270 You can make the hidden volume very small if you want to add files to the outer volume later so as to 368 00:30:59,270 --> 00:31:02,490 avoid damaging the contents of the hidden volume. 369 00:31:02,780 --> 00:31:08,570 As a rule though you really don't want to ever add anything to the outer volume ever again. 370 00:31:08,780 --> 00:31:16,280 If you use any format other than NTFS for the outer volume you should be able to allocate as much space 371 00:31:16,400 --> 00:31:18,110 as you have left. 372 00:31:18,200 --> 00:31:23,230 You won't be able to use a decimal point so select the killer byte radial option. 373 00:31:23,420 --> 00:31:30,560 If you care about that tiny bit extra it's not a bad policy to leave a tiny bit extra for the outer 374 00:31:30,560 --> 00:31:32,560 volume just in case 375 00:31:35,330 --> 00:31:41,440 when you're ready click Next select your hidden password. 376 00:31:41,460 --> 00:31:44,230 This is the real password. 377 00:31:44,340 --> 00:31:46,950 The one you keep secret no matter what. 378 00:31:47,220 --> 00:31:53,040 If forced to give a password you would give the password to the outer volume and keep this password 379 00:31:53,040 --> 00:31:53,880 to yourself 380 00:31:57,530 --> 00:32:01,230 when ready click next for the hidden volume. 381 00:32:01,240 --> 00:32:07,900 We're gonna go ahead and we're going to select NTFS for the file format although you can use another 382 00:32:07,900 --> 00:32:10,730 file system if you so desire. 383 00:32:10,780 --> 00:32:18,180 Then we're going to wave our mouse around as randomly as possible we can leave the master key hidden 384 00:32:18,180 --> 00:32:21,170 it doesn't matter and we will click format. 385 00:32:21,330 --> 00:32:28,110 Be aware that formatting the hidden volume does not take as long as formatting the outer layer provided 386 00:32:28,110 --> 00:32:29,720 you do this all at once. 387 00:32:31,790 --> 00:32:40,260 This is telling us that we have successfully created the hidden volume so we'll exit now let's go ahead 388 00:32:40,260 --> 00:32:44,120 and create a file. 389 00:32:44,140 --> 00:32:45,080 Want to hide 390 00:33:04,290 --> 00:33:04,940 once again. 391 00:33:04,950 --> 00:33:11,730 We're going to select whatever drive we want to mount our newly created container on. 392 00:33:11,940 --> 00:33:13,200 We will select file 393 00:33:15,900 --> 00:33:21,500 and select our container click mount. 394 00:33:21,540 --> 00:33:29,850 Now if we enter the outer volume password we will be mounting the false layer the outer volume but we're 395 00:33:29,850 --> 00:33:32,430 going to do the hidden volume 396 00:33:37,550 --> 00:33:44,000 noticed that this time under type we see the word hidden so if we go to computer 397 00:33:49,850 --> 00:33:54,710 we can see the amount of space by the way that we have in this drive that is free 398 00:34:00,710 --> 00:34:04,850 and we'll go ahead and we'll put our real map inside 399 00:34:12,340 --> 00:34:13,360 then we'll dismount 400 00:34:15,970 --> 00:34:19,480 and we'll go ahead and we'll mount the outer volume 401 00:34:24,120 --> 00:34:28,110 this time when we go to computer and access our zip drive. 402 00:34:28,260 --> 00:34:33,210 We can see the fake map notice also that under type. 403 00:34:33,210 --> 00:34:35,100 It says normal. 404 00:34:35,100 --> 00:34:37,350 It's not really a normal volume. 405 00:34:37,380 --> 00:34:39,660 It's a it's an outer layer. 406 00:34:39,690 --> 00:34:46,290 Well but in order to make the deception convincing it will report itself as being normal. 407 00:34:46,290 --> 00:34:55,680 Now if we wanted to mess around with the outer layer without running the risk of damaging the hidden 408 00:34:56,010 --> 00:35:03,800 inner layer we need to take one more step in the mounting process. 409 00:35:03,840 --> 00:35:07,230 We're going to click mount options. 410 00:35:07,260 --> 00:35:08,130 We're going to click. 411 00:35:08,130 --> 00:35:15,660 Protect hidden volume against damage by writing to the outer volume then we need to select our hidden 412 00:35:15,660 --> 00:35:19,400 volume password click. 413 00:35:19,430 --> 00:35:26,790 OK and now we supply our outer volume password as normal 414 00:35:32,880 --> 00:35:35,070 notice this time under type. 415 00:35:35,070 --> 00:35:37,950 The outer volume now says outer. 416 00:35:37,950 --> 00:35:44,850 This reveals that a hidden volume exists so only do this if you are alone and only do this when you 417 00:35:44,850 --> 00:35:51,440 wish to make changes to the contents of the outer volume without risking damage to the inner volume. 418 00:35:51,660 --> 00:35:56,940 What you have just seen as the basic premise for the more advanced forms of encryption that we'll be 419 00:35:56,940 --> 00:35:59,010 seeing next. 420 00:35:59,040 --> 00:36:03,470 Let's go ahead and encrypt a USP thumb drive 421 00:36:06,470 --> 00:36:09,350 so I've gone ahead and I've plugged in the USP device. 422 00:36:09,350 --> 00:36:15,430 Now this device was already formatted with very script which is to say it's already encrypted. 423 00:36:15,450 --> 00:36:21,800 This is good because it allows me to show off what happens when you plug in any sort of an encrypted 424 00:36:21,800 --> 00:36:22,500 device. 425 00:36:22,520 --> 00:36:26,410 The operating system will look at it and it will see random data. 426 00:36:26,420 --> 00:36:30,350 It will not recognize the device as being formatted. 427 00:36:30,350 --> 00:36:37,100 If you click format and then if you were to click the Start button or whatever continuation button your 428 00:36:37,100 --> 00:36:42,930 operating system offers you you would delete your encrypted data. 429 00:36:42,950 --> 00:36:45,440 So be very careful not to do this. 430 00:36:45,440 --> 00:36:46,750 I have seen it happen. 431 00:36:50,710 --> 00:36:56,980 So to start out with we're going to click the create volume button once again only this time we're going 432 00:36:56,980 --> 00:37:02,050 to select the second radial option in the very script Creation Wizard. 433 00:37:02,080 --> 00:37:08,550 This is the same for true script by the way encrypt a non sys partition or drive. 434 00:37:08,570 --> 00:37:11,300 This is the most suitable option for flash drives. 435 00:37:11,300 --> 00:37:20,060 You could also create an encrypted container as you have seen before and store it on the drive. 436 00:37:20,090 --> 00:37:28,380 But this would be much more obvious to someone looking at it click next and we will go ahead and make 437 00:37:28,380 --> 00:37:38,480 this a hidden volume just like what you saw previously will click Next we'll do this in normal mode. 438 00:37:40,460 --> 00:37:44,100 And now we need to select the device. 439 00:37:44,110 --> 00:37:51,030 Now this is a little bit tricky or confusing to some people. 440 00:37:51,700 --> 00:38:02,300 If the device has no partition table you can select the device by its name and this will encrypt the 441 00:38:02,300 --> 00:38:03,870 entire drive. 442 00:38:03,890 --> 00:38:09,830 However you can't do this if you have a partition or partitions on the drive. 443 00:38:10,010 --> 00:38:17,880 And the reason you might not want to do this is that some operating systems get a little bit overzealous 444 00:38:18,410 --> 00:38:26,930 about formatting any device that they don't automatically recognize formatting the partition will simply 445 00:38:26,930 --> 00:38:33,980 show an encrypted partition or a lot of nonsense data and you'll still be prompted to format the device. 446 00:38:33,980 --> 00:38:42,940 But by doing this the device won't even have a basic partition table so it is up to you and I don't 447 00:38:42,940 --> 00:38:47,490 really have any advice on this it depends on your personal security needs. 448 00:38:47,560 --> 00:38:55,900 However an expert will still be able to detect True Crypt or very crypt headers so I'm of the opinion 449 00:38:55,900 --> 00:38:59,400 that it really doesn't matter that much. 450 00:38:59,470 --> 00:39:04,930 I personally go with this option which is to say I encrypt the drive. 451 00:39:05,200 --> 00:39:11,500 I find this to be easier and more reliable and I don't really like wiping up the partition table on 452 00:39:11,500 --> 00:39:13,510 a drive before encrypting it. 453 00:39:13,540 --> 00:39:15,340 It is your option. 454 00:39:15,340 --> 00:39:18,750 So I'm simply pointing that out when you've made up your mind. 455 00:39:18,760 --> 00:39:20,890 Click OK. 456 00:39:21,040 --> 00:39:22,970 Make sure never save history is checked. 457 00:39:23,020 --> 00:39:28,080 Unless of course you wanted to save the history and click next. 458 00:39:28,090 --> 00:39:30,050 This is the outer volume creation. 459 00:39:30,100 --> 00:39:32,020 This is exactly the same as before. 460 00:39:32,410 --> 00:39:41,260 However I am going to point out that cascading ciphers will make for a slower read right speed when 461 00:39:41,260 --> 00:39:50,320 you are moving files back and forth from the encrypted USP device not anywhere near as slow as an encrypted 462 00:39:50,350 --> 00:39:53,390 operating system or partition would be. 463 00:39:53,410 --> 00:40:01,600 I personally still think that cascading ciphers is a good way to go for USP devices but you are perfectly 464 00:40:01,600 --> 00:40:06,360 okay using something like a yes serpent or to fish. 465 00:40:06,430 --> 00:40:08,820 You don't need to use a cascading cipher. 466 00:40:08,890 --> 00:40:13,280 These are still very very strong encryption options. 467 00:40:13,330 --> 00:40:14,530 It is your choice. 468 00:40:14,530 --> 00:40:16,380 I'm going to go with once again. 469 00:40:16,380 --> 00:40:27,020 Actually we'll mix things up or go with let's go with the one I can't pronounce who is unique. 470 00:40:27,020 --> 00:40:30,220 Serpent Camellia. 471 00:40:30,380 --> 00:40:36,150 That was my best guess and we don't have to do Shaw 512. 472 00:40:36,350 --> 00:40:47,570 In this case we'll do Whirlpool click Next also notice that the maximum amount of the space is going 473 00:40:47,570 --> 00:40:54,140 to be used for the outer volume and then we can set the space that we want to use for the inner or hidden 474 00:40:54,140 --> 00:40:58,420 volume depending on which file format we go with click. 475 00:40:58,420 --> 00:41:02,350 Next we will supply the outer volume password 476 00:41:09,350 --> 00:41:09,920 okay. 477 00:41:11,910 --> 00:41:15,030 Again key files or PCM can be set. 478 00:41:15,030 --> 00:41:20,260 Click Next Wave your mouse cursor around like a crazy person. 479 00:41:20,280 --> 00:41:24,730 Also notice the format options that are currently available. 480 00:41:24,960 --> 00:41:31,890 And remember that formatting the outer volume to NTFS is not recommended for the reasons that we've 481 00:41:31,890 --> 00:41:33,000 gone over. 482 00:41:33,360 --> 00:41:41,010 Once your randomness pool is completed to your satisfaction and by the way this board down here is just 483 00:41:41,010 --> 00:41:42,360 a recommendation. 484 00:41:42,570 --> 00:41:50,360 You can do this for hours if you want to which I will of course not do in this video. 485 00:41:50,710 --> 00:41:52,630 And you can't set the cluster. 486 00:41:52,630 --> 00:41:55,600 Though I personally always leave it as default. 487 00:41:55,600 --> 00:41:57,660 When you're ready click format. 488 00:41:59,650 --> 00:42:04,450 And it will warn you that all files currently stored on the device will be deleted. 489 00:42:04,450 --> 00:42:06,640 Please keep this in mind. 490 00:42:06,910 --> 00:42:09,860 Files on the device are not going to be encrypted. 491 00:42:09,880 --> 00:42:13,770 You are overwriting everything to create an encrypted container. 492 00:42:13,780 --> 00:42:20,500 By doing this you will then place the files that you wish to be encrypted inside that container. 493 00:42:20,500 --> 00:42:25,210 So please don't get confused and delete any important data when you're ready click. 494 00:42:25,210 --> 00:42:31,000 Yes because this is a USP device with significantly more space. 495 00:42:31,030 --> 00:42:40,400 The encryption process is going to take a while on a particularly large drive such as perhaps a three 496 00:42:40,400 --> 00:42:42,400 terabyte external hard drive. 497 00:42:42,410 --> 00:42:45,200 This process can actually take days. 498 00:42:45,380 --> 00:42:47,150 So please bear that in mind 499 00:42:49,830 --> 00:42:56,520 once the process is complete will open the outer volume exactly as we did in the prior demonstration 500 00:42:57,060 --> 00:43:03,840 and will place a fake file into it so we'll click the open outer volume button and I don't have a fake 501 00:43:03,840 --> 00:43:10,530 file prepared so let's just grab BBH which is an encrypted container and drag it right in there. 502 00:43:10,530 --> 00:43:13,350 This is something that you can in fact do. 503 00:43:13,530 --> 00:43:19,920 If you're really paranoid you could create a Russian doll of encryption so to speak with an encrypted 504 00:43:19,920 --> 00:43:26,560 container inside another encrypted container inside another encrypted container and so on and so forth. 505 00:43:26,760 --> 00:43:36,600 If you really wanted to in fact is the WikiLeaks insurance file that was released some time ago is an 506 00:43:36,600 --> 00:43:45,300 example of implementing just such a multilayered container where if one layer of encryption is penetrated 507 00:43:45,570 --> 00:43:47,940 there is another encrypted container beneath it. 508 00:43:47,940 --> 00:43:52,120 And if that layer is penetrated and so on and so on and so forth. 509 00:43:52,350 --> 00:44:00,090 It's also a way of releasing passwords incrementally so that if you wish a particular file to be released 510 00:44:00,090 --> 00:44:04,620 at a certain date for example this might be one way of doing it. 511 00:44:04,620 --> 00:44:12,300 In any case we've now created our hidden layer and we've placed in our our data that we don't care if 512 00:44:12,300 --> 00:44:13,840 that gets detected. 513 00:44:14,100 --> 00:44:20,800 So we'll close this click neck and now exactly as before we're going to set up the hidden volume same 514 00:44:20,800 --> 00:44:21,710 selection. 515 00:44:21,730 --> 00:44:29,050 I am not going to try this word again and Whirlpool for the hash algorithm and we will select the amount 516 00:44:29,050 --> 00:44:36,520 of space the maximum in this case is going to be eight hundred and thirty five megabytes. 517 00:44:36,520 --> 00:44:40,510 We could do it in kilobytes to get that extra point 8 4 but I don't care. 518 00:44:40,570 --> 00:44:51,040 8 3 5 and we'll click Next we'll ignore this warning and we'll supply our password 519 00:44:59,400 --> 00:45:02,440 and this time we will select NTFS. 520 00:45:02,730 --> 00:45:10,440 Again you could do fatter ex fat if you so desired fat 32 is also an option in some cases for larger 521 00:45:10,440 --> 00:45:21,980 drives and once you're satisfied with the random pool collection you simply click format and notice 522 00:45:21,980 --> 00:45:26,780 that this will not take as long to format the hidden volume as the outer volume because we're doing 523 00:45:26,780 --> 00:45:28,380 this all at once. 524 00:45:28,430 --> 00:45:34,360 That's something to keep in mind when you're formatting a four terabyte drive or something of that nature. 525 00:45:34,550 --> 00:45:40,070 If it takes two or three days to do the outer volume it will not necessarily take more than five minutes 526 00:45:40,430 --> 00:45:41,800 to do the hidden volume. 527 00:45:41,810 --> 00:45:49,100 This is one of the advantages of doing it all at once and it will warn you not to select a mount point 528 00:45:49,550 --> 00:45:52,310 for the drive letter that is currently assigned to the device. 529 00:45:55,180 --> 00:45:58,790 Volume successfully created. 530 00:45:59,010 --> 00:46:01,470 We will exit this. 531 00:46:01,470 --> 00:46:03,320 We will select a mount point. 532 00:46:03,360 --> 00:46:12,180 Again I'm just going to pick Zed and we will use auto mounts and we will give it our hidden password 533 00:46:14,530 --> 00:46:19,960 please keep in mind that auto Mount is a bit longer than a specific mount because it's going to check 534 00:46:20,080 --> 00:46:27,670 every possible mount point for a very decrypt file and if you click the true crypt option box it will 535 00:46:27,670 --> 00:46:33,820 check for True Crypt as well it will automatically recognize headers but this may take some time. 536 00:46:33,850 --> 00:46:39,100 I just wanted to show off that the option is available because there may be circumstances where you 537 00:46:39,100 --> 00:46:45,100 don't know if a device that you have is actually encrypted because for some reason you can't see the 538 00:46:45,100 --> 00:46:51,280 headers which is a rather complicated process to figure out exactly what kind of random data is on a 539 00:46:51,280 --> 00:46:52,360 drive. 540 00:46:52,360 --> 00:47:00,670 So keep the auto mount devices option in mind if you wish to relatively quickly check to see if a device 541 00:47:00,700 --> 00:47:03,880 or a container is a true crypto or very crypto file. 542 00:47:03,880 --> 00:47:14,660 The USP device is now mounted exactly as a container file would be so we open up our Z drive and we 543 00:47:14,660 --> 00:47:15,710 can now interact with it. 544 00:47:17,100 --> 00:47:25,860 We've placed our hidden file in the hidden container We dismount all and we're done. 545 00:47:25,970 --> 00:47:32,300 And keep in mind it's possible to encrypt pretty much anything you don't have to only use an encrypted 546 00:47:32,300 --> 00:47:42,470 container or a USP drive you could encrypt an SD card or a non sys partition or really any anything 547 00:47:42,470 --> 00:47:44,850 that can contain a file system. 548 00:47:44,900 --> 00:47:50,360 What you have to keep in mind is that things get complicated when you look at encrypting an operating 549 00:47:50,360 --> 00:47:53,710 system which is what we're going to be looking at in the next video. 550 00:47:53,720 --> 00:47:57,720 The USB stick can be mounted exactly the same way as a file container. 551 00:47:57,830 --> 00:48:00,980 You just plug it in and you can use auto mount. 552 00:48:01,100 --> 00:48:07,850 And keep in mind you can melt file containers in very crypt that are True Crypt formatted in the portable 553 00:48:07,850 --> 00:48:10,850 versions as well as in the installed versions. 554 00:48:10,860 --> 00:48:12,620 That's just something to keep in mind as well. 555 00:48:12,620 --> 00:48:18,490 One more thing I'd like to call your attention to in this by the way concludes the practical demonstration 556 00:48:18,500 --> 00:48:19,400 part of this video. 557 00:48:19,400 --> 00:48:25,010 So if you got what you needed and you don't care to hear the history of True Crypt and bear crypt then 558 00:48:25,010 --> 00:48:26,350 I'll see you in the next video. 559 00:48:26,390 --> 00:48:31,980 If you do want to hear this one thing I want to point out is true crypt was in fact audited. 560 00:48:32,090 --> 00:48:37,190 And you can find this information online quite easily is True Crypt AUDITED YET dot com. 561 00:48:37,190 --> 00:48:38,450 Now this was some time ago. 562 00:48:38,450 --> 00:48:45,080 This was obviously back in 2015 after the project had been officially shuttered by the developers. 563 00:48:45,080 --> 00:48:47,610 Now they did find a few issues. 564 00:48:47,610 --> 00:48:50,220 None of them in my opinion are deal breakers. 565 00:48:50,230 --> 00:48:52,810 And the encryption remained extremely strong. 566 00:48:52,820 --> 00:48:58,800 The project therefore it was believed and opinions do differ on this point. 567 00:48:58,850 --> 00:49:05,990 It was believed that the project was shut down because the developers who were essentially a group of 568 00:49:06,020 --> 00:49:06,730 unknowns. 569 00:49:06,740 --> 00:49:15,170 They were quite shadowy received pressure from a governmental entity requiring them to insert a backdoor 570 00:49:15,290 --> 00:49:17,930 or weaken the encryption in some way. 571 00:49:17,930 --> 00:49:23,240 They chose not to do this and instead completely pulled the plug on their own project. 572 00:49:23,270 --> 00:49:30,770 Shortly after that the code was forked and although True Crypt was open source it was always kind of 573 00:49:30,770 --> 00:49:39,050 this nebulous sort of quasi open source will very crypt is 100 percent open sourced. 574 00:49:39,050 --> 00:49:46,490 It was also audited and some of the changes that were made to Vera crypt for example support for you 575 00:49:46,490 --> 00:49:52,070 EFI boot loaders was initially found to be somewhat pregnant all. 576 00:49:52,070 --> 00:49:59,210 Now this has been fixed with current versions of Vera script and new updates are constantly being released. 577 00:49:59,210 --> 00:50:07,340 This is the advantage of open source encryption over let's say a a private corporate offering such as 578 00:50:07,340 --> 00:50:15,170 for example bit locker open source means that there are many eyes upon a project and the methods used 579 00:50:15,500 --> 00:50:17,720 the encryption algorithms used. 580 00:50:17,780 --> 00:50:24,770 All of that can be tested and examined in detail to make sure that it is in fact trustworthy with a 581 00:50:24,770 --> 00:50:31,700 corporate offering a closed source offering that is to say for example bit locker you can never be sure 582 00:50:32,000 --> 00:50:38,570 that whoever is offering the software hasn't either weakened the encryption in some way or installed 583 00:50:38,660 --> 00:50:45,380 some form of a backdoor that they would then give up to a governmental entity or even use themselves 584 00:50:45,380 --> 00:50:46,940 for their own private gain. 585 00:50:46,940 --> 00:50:51,800 These are things to consider and this is why I think that open source encryption really open source 586 00:50:51,890 --> 00:50:55,550 anything is very important in the security sphere. 587 00:50:55,550 --> 00:51:02,090 I strongly encourage you if this is a subject that you find interesting to research this very carefully 588 00:51:02,090 --> 00:51:08,450 on your own and see what all the different encryption software does and how it stacks up and so forth 589 00:51:08,480 --> 00:51:14,360 against other forms of encryption true crypto and very script are only really useful in Windows however 590 00:51:14,600 --> 00:51:21,800 they can be installed in Linux and you can mount true crypto in very clipped files in linux using the 591 00:51:21,800 --> 00:51:23,630 Linux versions of these programs. 592 00:51:23,630 --> 00:51:28,280 We will be looking at Linux encryption programs later in this module. 593 00:51:28,280 --> 00:51:34,940 The final thing I wish to say here is that there are different laws concerning encryption in different 594 00:51:34,940 --> 00:51:36,140 parts of the world. 595 00:51:36,140 --> 00:51:41,640 Obviously it is perfectly legal in the United States to use encryption. 596 00:51:41,660 --> 00:51:46,790 However that may not be true everywhere depending on what part of the world you live in. 597 00:51:46,790 --> 00:51:55,040 Encryption may in fact not be legal or you may be under a legal obligation to give up your password 598 00:51:55,070 --> 00:51:56,810 without any form of warrant. 599 00:51:56,810 --> 00:52:04,190 I am obviously not a lawyer or a legal expert so I must at this time now admonish you to make certain 600 00:52:04,460 --> 00:52:09,710 that you are using this encryption in a lawful way for whatever part of the world you're living in. 601 00:52:09,710 --> 00:52:14,930 With that being said will look at full disk encryption in the next video. 602 00:52:14,930 --> 00:52:21,860 And keep in mind that although True Crypt is a very good piece of software it is out of date. 603 00:52:21,890 --> 00:52:27,600 So if you're using it in a professional environment you're probably going to raise some eyebrows and 604 00:52:27,600 --> 00:52:31,620 not everyone believes that this remained impregnable. 605 00:52:31,620 --> 00:52:33,920 I have not seen any evidence that it was broken. 606 00:52:33,930 --> 00:52:41,430 However I would only consider using True Crypt in this day and age on older computers particularly 32 607 00:52:41,430 --> 00:52:42,240 bit computers. 608 00:52:42,240 --> 00:52:49,430 If I were to encrypt an entire operating system I would not use True Crypt on anything modern. 609 00:52:49,530 --> 00:52:55,800 Remember that very crypt has you EFI bootloader support True Crypt does not and very crypt can handle 610 00:52:55,800 --> 00:52:58,860 much larger files than True Crypt can. 611 00:52:58,890 --> 00:53:04,080 So that is something to keep in mind and remember to always do your due diligence with these programs 612 00:53:04,140 --> 00:53:09,510 and stay up to date to make sure that none of these inscriptions have been broken. 613 00:53:09,510 --> 00:53:18,180 This is a constantly evolving subject and newer and better programs updates and encryption methods are 614 00:53:18,180 --> 00:53:22,950 constantly being released as old ones come into question. 615 00:53:23,100 --> 00:53:24,980 So that's something to keep in mind. 616 00:53:24,990 --> 00:53:28,060 Thank you for your attention and I'll see you next time.