Subscribe to Anti-Forensics
Encryption
Conducting Your “Business” from Wireless Networks
If you conduct online business under an alias such as “Mr. Green” or “Zero Cool” then using wireless networks that do not belong to you and have no connection to you is a great way to cover your tracks. You might just be a small time spammer trying to pay your rent. You could be a hacktivist preparing to deface a website. You could be many things and have numerous goals but the anonymity provided by using wireless networks that do not belong to you and have no connection to you is golden.
Using Just Full Disk Encryption is Not Enough
So you’ve installed full disk encryption using TrueCrypt. You also remembered from a previous article on here that contained in the TrueCrypt boot loader is the string “TrueCrypt Boot Loader” which is a dead giveaway to the fact that you are using encryption software. In response to this you have also performed the simple disk modification to get rid of the identifiable string with a hex editor like in this article.
Now your hard drive is free from unwanted tampering and access without your permission, right?
Modify TrueCrypt Encryption Boot Loader Strings
In a previous post I mentioned that TrueCrypt leaves behind a string in its boot loader (that identifies it as a TrueCrypt boot loader) when using the full disk encryption feature. As you can see in the screenshot below I have modified the original “TrueCrypt Boot Loader” string to read “Windows Boot Loader.”
Full Disk Encryption With TrueCrypt on Windows XP
TrueCrypt is a piece of amazing, free and open-source encryption software. One of TrueCrypts main features is the ability to encrypt an entire hard disk where the Windows operating system has been installed.
Recent Comments