Armory, TrueCrypt, and Hidden Operating System - Problem

[andy48]

I am trying to set up and use Armory with a hidden O/S with TrueCrypt for plausible deniability.  (Armory offline is in the hidden O/S.)  The problem I'm having is that I can't write to any other partitions except for the outer partition when I need to sign a transaction.  This breaks the rule of plausible deniability because writing to the outer partition is registered by the unhidden O/S, not to mention you have to read the file and delete it which leaves in on the drive (although encrypted, but on the "less secure" side).

Any thoughts?  The TrueCrypt forum guys sent me here wondering if Armory could be set up different to do transaction signs (like maybe through QR codes or something I can write down).

Cheers.

-Andy

[etotheipi]

I am trying to set up and use Armory with a hidden O/S with TrueCrypt for plausible deniability.  (Armory offline is in the hidden O/S.)  The problem I'm having is that I can't write to any other partitions except for the outer partition when I need to sign a transaction.  This breaks the rule of plausible deniability because writing to the outer partition is registered by the unhidden O/S, not to mention you have to read the file and delete it which leaves in on the drive (although encrypted, but on the "less secure" side).

Any thoughts?  The TrueCrypt forum guys sent me here wondering if Armory could be set up different to do transaction signs (like maybe through QR codes or something I can write down).

Cheers.

-Andy

I'm not sure I understand the problem.  Can't the hidden OS read and write to a USB key?   Does the inner O/S run at the same time as the outer OS?  Sorry, I have no experience with this, so I need a little better background, first.

QR codes will not be able to handle a significant number of transactions.  I'd have to use some kind of QR-code movie in order to make it reliable.  There's a lot of discussion about alternatives in this thread about offline alternatives.

Do you think the inner OS can talk to a serial port without registering with the outer OS?  That's a very solid solution, anyway.  If not, maybe QR codes are the best solution.  But can you access the camera "safely"? 

P.S -- DISCLAIMER:  I do not endorse the use of Bitcoin in any way not consistent with laws in your (or any) jurisdiction!  Please pay your taxes, and please don't do illegal stuff with Bitcoin, with Armory, or any of my advice!  I claim no responsibility for your crimes or jail time!  (but please believe me, I don't follow privacy==must-be-doing-something-illegal, this is for those who have such motives in reading this thread!).

[andy48]

I appreciate the help.  The hidden O/S is so no one knows it's there, I'm not doing anything illegal, and yes, I'm going to have a hefty tax bill due to cryptocurrencies in 2014!  But I'm not complaining! 

Having said that, the problem I have with TrueCrypt is that when you are in the hidden O/S, you can't write to anything but the outer partition.  If you don't know much about it, I would suggest reading this:  http://www.truecrypt.org/docs/?s=hidden-operating-system or at least going down and looking at the purple-ish diagram of the volumes and partitions.  The problem I'm having is no one from TrueCrypt knows much about Armory and no one from Armory seems to know much about hidden O/S's using TrueCrypt (at least not that I've found yet)!

They restrict writing to pretty much anything but the outer partition.  The problem with that is that if I load the "decoy" O/S so that I can pick up the file, the decoy O/S has a record or journal entry of access to the signed file.  Apparently that's no bueno with them...

Cheers.
Andy

[Dabs]

Deep Freeze the decoy OS. Or in my case, I use an unencrypted decoy OS, and since I'm assuming this is Windows, I turn of last access times. That's an anti-forensic technique.

Also, from my understanding, the hidden OS makes all other non-hidden partitions as read-only, so that no data leaks out, except external hard drives or USB flash drives.

I use TrueCrypt, but I've rarely had to use the hidden OS feature, I just experimented with it a few times when I got an old laptop to play with. A competitor (DiskCryptor) can also change the way your system boots up, so you have a decoy OS that runs by default and the hidden OS launches only with the correct password.

But I've stuck with TrueCrypt for now. For file based volumes, I even have a quick delete program I made that wipes the first, middle, and last 8 megabytes of the file container; quickly nukes my 100 gigabyte volume within less than a quarter of second beyond reasonable recovery.

[andy48]

Dabs,

I'm not sure what you are suggesting.  Do you have a recommendation for tools to use?  AFAIK TrueCrypt doesn't allow writing to external HDs or USB drives.  This is my major problem because I want a hidden OS so if someone is holding a gun to my head and wants to take my Bitcoins, I can take them to a place where I have a wallet with a small amount as a decoy.

Using Armory, I can't sign the transaction because I can't write the file anywhere except the outer partition, log into the decoy OS, get the signed file (leaving a whole mess of information in the file system that the file existed).

Any thoughts?

[Dabs]

I haven't tried the Hidden OS in a while, but I think the documentation mentions that it will not allow writes to local file systems. Meaning, external drives should be writable even when using the hidden OS.

Someone has to try it though. I don't have the space to do it on my computer right now.

As for someone holding you up, you're screwed basically. If they know enough about encryption, they will beat you up until you give up the password to the hidden OS which you didn't make, or until they're satisfied that it really doesn't exist. They will not believe you have 10 bitcoins and only 10 bitcoins in your decoy OS. They will keep you in jail for a few months until you tell them about your paper wallet, or give them the key to your safe deposit box in the bank, or ... ... ...

Also, if they're smart, they will be studying you, without you knowing it, and they will realize that you might possibly have a hidden OS.

What's better is a kill switch. When you press it (some key combination) or you double click the icon, your computer reboots and starts erasing itself. It only needs a second to wipe the first megabyte, and then the entire encrypted drive is essentially gone.

Then you can prove that it is indeed gone. If they look at the data, you can show them the zeros.

Or, if you're low-tech, the computer has an electronically activated thermite mixture on top of the hard drive. Press the switch and it melts the computer with 5000+ degrees of heat. If your drive was encrypted, then it's gone.

Now, about your back up... ... ... You'll have to convince the bad guys that you don't have a back up. You can prepare a paper backup of Armory, and intentionally burn one copy leaving fragments visible. Then that's what you show them.