May 3, 2010

How to Encrypt Windows 7/Vista on a Dual Boot System

The aim of this post is to explain how to encrypt MS Windows 7/Vista using TrueCrypt after having installed and encrypted Ubuntu GNU/Linux as explained earlier.

Note: I am aware that certain editions of MS Windows 7, for example, allows the user to use (MS acquired) BitLocker; however, for certain reasons, I prefer not to use BitLocker and to use TrueCrypt instead.

In order to do this, you will have to:
1. Install TrueCrypt on your Windows machine.
2. In TrueCrypt, go to the System menu and choose "Encrypt System Partition/Drive..." Then answer the questions that follow next. On my test systems, the answers were as follows.
3. Type of System Encryption: Normal.
4. Area to Encrypt: Encrypt the Windows system partition. (GNU/Linux is already encrypted.)
5. Number of Operating Systems: Multi-boot. (because I have a GNU/Linux installation.)
6. Boot Drive: Yes. (I tried two different installations, in one case Windows 7 had a separate 100 MB boot partition and in the other case Windows 7 didn't have one. In both cases, answering "Yes" to this question will yield the required results.)
7. Number of System Drives: 1 (I was trying this on a system with 1 hard disk.)
8. Non-Windows Bootloader: No (GRUB was not installed on the MBR; it was installed on the GNU/Linux /boot partition instead.)

After this step, you will be asked to burn a TrueCrypt recovery CD. Once this CD is created, you will be able to test your system (not encrypted yet) with the TrueCrypt Bootloader. If everything went fine, you will be asked to encrypt your hard drive - a step that will take one or more hours depending on the size of your hard disk, choice of encryption algorithm, among other options which you might have chosen.

This is a screenshot of the TrueCrypt bootloader menu.


You can hit Esc key to boot other partitions, such as the GRUB installed on a /boot.


If you choose to boot the GNU/Linux parition from the TrueCrypt Boot Loader menu, you will be taken to the familiar GRUB page as this one.

This GRUB menu is still not updated after encrypting the Windows parition; therefore, it still enlists Windows 7 among the boot options. Choosing to boot Windows 7 from GRUB will result in an error (because it is encrypted!). Updating the GRUB menu should remove Windows 7 from the list.
Posted by nyxyn at Monday, May 03, 2010

May 2, 2010

Encrypted Ubuntu 10.4 on a Dual Boot System

The aim of this post is to discuss how to encrypt your Linux installation on a disk drive that boots MS Windows 7/Vista and Ubuntu Linux 10.4 (should be applicable to previous versions of Ubuntu as well).

Note: A later post will be added to discuss how to encrypt your MS Windows in order to have both systems encrypted.

Why would you want to encrypt your hard disk? One reason would be to protect your data against theft, etc. Other reasons will be left to your vivid imagination.

There are two cases:

Case 1 (GNU/Linux uses the whole hard disk):
In case 1 you only have a Debian GNU/Linux or one of its derivatives such as Ubuntu 10.4 alone with any MS Windows systems. If this is the case, you can easily download Ubuntu Text-based installer and when you reach the "Partition disks" step, all you have to do is to choose the "Guided - user entire disk and set up encrypted LVM." This option should be easy and therefore it will not be further discussed in this post.

Case 2 (GNU/Linux is installed next to a previous MS Windows installation):
You use MS Windows 7/Vista and Ubuntu 10.4; this is a more complicated option. Of course, I advise against using MS Windows products; however, if for some reason you must keep it on your desktop/laptop, then you can follow the steps below.

1. Get Ubuntu 10.4 Text-based Installer.
2. Make sure that you have unallocated (unpartitioned) space for Linux. You can shrink your MS Windows 7 using the Ubuntu installation disk.
3. To create an encrypted installation of Ubuntu, I suggest following Installing Ubuntu with full disk encryption at Learning Linux blog.

I am writing the steps of the Learning Linux post in my own words with few small changes:

1. Boot Ubuntu Text-based Installer disk.
2. When you reach the "Partition disks" step, choose "Manual".

3. Create a non-encrypted /boot partition. Default option is 254.8 MB Ext2 file system. You should specify the mount point as /boot.


4. You need to choose "Configure encrypted volumes" which gives you the option to "Create encrypted volumes" in the free unallocated space.


5. Once done you will be asked to create more encrypted volumes, choose "Finish" to exit this process. After you click "Finish" you will be asked for the encryption password. Make sure that your password is long, complicated, difficult to guess, etc.
6. Next you need to "Configure the Logical Volume Manager" and you should use the previously encrypted partition as the "new volume group".


7. Create two "Logical Volumes": The first will later serve as your root partition the second will be your swap partition (hence it should be roughly twice the size of your RAM.)


8. Configure the first encrypted Logical Volume as Ext4 and mounted as /.

9. Configure the second encrypted Logical Volume as Swap.

10. Your final table should be as shown below.



Next you can proceed with the installation normally and you will have 2 options regarding GRUB:
1. If you don't want to encrypt your MS Windows, then install GRUB on your MBR. In this case, you should be able to boot both MS Windows and your encrypted GNU/Linux installation.
2. If you also want to encrypt your MS Windows, then install GRUB on your /boot partition (usually /dev/sda2 or /dev/sda3 depending on your Windows installation.) In this case, you will continue to be able to boot Windows normally; however, you will not be able to boot GNU/Linux yet. Following the next post How to Encrypt Windows 7/Vista on a Dual Boot System, you will be able to encrypt your MS Windows using TrueCrypt and then you will be able to use your TrueCrypt Boot Loader to reach GRUB and boot your encrypted GNU/Linux installation.
Posted by nyxyn at Sunday, May 02, 2010
Labels: , , ,

New Scam: newfriendly.com / camputa.com

I got this scam email on May first and I am pasting it below just in case anyone was in doubt after receiving it and couldn't figure the scam trick at once.


The email received is pasted below:
746341 sent you a Care2 eCard!

746341 sent you an eCard from Care2! Click on the following link to view your eCard, or paste it into your browser:

http://www.care2.com/send/pickup/1120-95509-65505-3097

This Care2 eCard was sent May 1, 2010 and will be available for 14 days.

Warm wishes,
www.Care2.com
Where spreading love & laughter helps save the world.
Every time you send a FREE Care2 eCard you can generate donations for worthwhile charities. Learn More.


As you can see, the scammer is using www.care2.com services to trick the users. Care2 appears to be a respectable e-greeting card site, although I have never used their services before (and don't plan to use e-greetings either). If we click on the greeting card link, we will be taken to a greeting card with the following text under it,
l7c5r5q
Hi Ahmad... This is difficult for me to do because Im shy..but I have a crush on you. Ive never been able to tell you for reasons which you would quickly identify as obvious if you knew who this was. With that said I want you to guess who I am and approach me yourself.

To help you out with your guessing I made a few pictures and videos with Ahmad written on my body. Theyre kind of risque photos so I had to made a profile at www.newfriendly.com (copy & paste or type www.newfriendly.com into your web browser). My username in the members area is AhmadandME09. Its a free website but you might need a CC or Debit to verify your age because I had to. Sigh.

But anyway sign up at www.newfriendly.com and once you are inside search for me. I want you to guess who I am and then approach me yourself. Im shy and this is the bravest thing Ive probably ever done but you need to do the rest.

Kisses

f9n6z5e3


So, this is what they are after all! They want me to give credit card to a scam website! If you write http://www.newfriendly.com in your browser, you will be taken to the final scam website http://www.camputa.com/ which looks pure scum to me.

After writing this post, I searched the net and it seems that this scam has started several months ago with some variations of the techniques.

Be careful and browse safe!


Ahmad
Posted by nyxyn at Sunday, May 02, 2010
Subscribe to: Posts (Atom)