operating system residing within a hidden volume
(see the section
Hidden
Operating System
), then, in addition to the above, you must follow these security requirements
and precautions:
o
You should use the decoy operating system as frequently as you use your computer.
Ideally, you should use it for all activities that do not involve sensitive data. Otherwise,
plausible deniability of the hidden operating system might be adversely affected (if you
revealed the password for the decoy operating system to an adversary, he could find
out that the system is not used very often, which might indicate the existence of a
hidden operating system on your computer). Note that you can save data to the decoy
system partition anytime without any risk that the hidden volume will get damaged
(because the decoy system is not installed in the outer volume).
o
If the operating system requires activation, it must be activated before it is cloned
(cloning is part of the process of creation of a hidden operating system — see the
section
Hidden Operating System
) and the hidden operating system (i.e. the clone)
must never be reactivated. The reason is that the hidden operating system is created by
copying the content of the system partition to a hidden volume (so if the operating
system is not activated, the hidden operating system will not be activated either). If you
activated or reactivated a hidden operating system, the date and time of the activation
(and other data) might be logged on a Microsoft server (and on the hidden operating
system) but not on the decoy operating system. Therefore, if an adversary had access
to the data stored on the server or intercepted your request to the server (and if you
revealed the password for the decoy operating system to him), he might find out that
the decoy operating system was activated (or reactivated) at a different time, which
might indicate the existence of a hidden operating system on your computer.
For similar reasons, any software that requires activation must be installed and
activated before you start creating the hidden operating system.
o
When you need to shut down the hidden system and start the decoy system, do
not
restart the computer. Instead, shut it down or hibernate it and then leave it powered off
for at least several minutes (the longer, the better) before turning the computer on and
46
booting the decoy system. This is required to clear the memory, which may contain
sensitive data. For more information, see the section
Unencrypted Data in RAM
in the
chapter
Security Requirements and Precautions
.
o
The computer may be connected to a network (including the internet) only when the
decoy operating system is running. When the hidden operating system is running, the
computer should not be connected to any network, including the internet (one of the
most reliable ways to ensure it is to unplug the network cable, if there is one). Note that
if data is downloaded from or uploaded to a remote server, the date and time of the
connection, and other data, are typically logged on the server. Various kinds of data are
also logged on the operating system (e.g. Windows auto-update data, application logs,
error logs, etc.) Therefore, if an adversary had access to the data stored on the server
or intercepted your request to the server (and if you revealed the password for the
decoy operating system to him), he might find out that the connection was not made
from within the decoy operating system, which might indicate the existence of a hidden
operating system on your computer.
Also note that similar issues would affect you if there were any filesystem shared over a
network under the hidden operating system (regardless of whether the filesystem is
remote or local). Therefore, when the hidden operating system is running, there must
be no filesystem shared over a network (in any direction).
o
Any actions that can be detected by an adversary (or any actions that modify any data
outside mounted hidden volumes) must be performed only when the decoy operating
system is running (unless you have a plausible alternative explanation, such as using a
"live-CD" system to perform such actions). For example, the option '
Auto-adjust for
daylight saving time
' option may be enabled only on the decoy system.
o
If the BIOS, EFI, or any other component logs power-down events or any other events
that could indicate a hidden volume/system is used (e.g. by comparing such events with
the events in the Windows event log), you must either disable such logging or ensure
that the log is securely erased after each session (or otherwise avoid such an issue in
an appropriate way).
In addition to the above, you must follow the security requirements and precautions listed in the
following chapters:
•
Security Requirements and Precautions
•
How to Back Up Securely
|