# InfoSecurity Tek: Complete True Crypt Tutorial by Verto



## Weston (Aug 25, 2013)

This is an article re-posted from the deep-web - I simply cut and pasted it and it is not my original work. Credit goes to Hannibal for writing and Verto for making public - if you find Verto's lair in the deep web much respect to you. 

I covered up parts talking about what type of crime this person committed because it annoyed me and didn't need to be mentioned here on STP. Make sure to take note about that last part about 2 passwords - one for you and a dummy password for the authorities... This is better explained at www.truecrypt.com

*Complete TrueCrypt Tutorial*
by *Verto* » Wed May 01, 2013 8:52 pm

Author: Hannibal

What is TrueCrypt?

TrueCrypt, for those who don't already know, is an encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.

It is basically a way of creating areas of your hard drive that are encrypted so that you can hide sensitive data and information there.

Furthermore, you are able to encrypt your entire hard drive so that at boot, your computer will not be able to start without entering the correct password.

This excerpt from TrueCrypt's website offers a more detailed explanation than I can provide:

TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on the fly (right before they are written to the disk) in RAM. Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory (RAM) requirements for TrueCrypt. For an illustration of how this is accomplished, see the following paragraph.

Let's suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the icon of the video file, the operating system launches the application associated with the file type – typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process repeats. This process is called on-the-fly encryption/decryption and it works for all file types, not only for video files.

Note that TrueCrypt never saves any decrypted data to a disk – it only stores them temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your computer, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted (without proper system shut down), files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile).

Source: http://www.truecrypt.org/docs/


Why should I use TrueCrypt?

TrueCrypt is a must for anyone doing anything illegal or blackhat through the use of a computer.

Even if you are not participating in blackhat activities, there are still a plethora of reasons, limited only by your own creativity, as to why you would want to use TrueCrypt.

There is an interesting story going around about one individual that used TrueCrypt and avoided certain jail time because of it.

For those that don't feel like reading it, basically the story is that this individual downloaded [some bullshit]. He was caught and all of his computers were seized, and he was taken into custody.

Upon analyzing his computer, they agents hit a dead end once they found that he had used whole drive encryption on all of his hardware.

I'm sure there's more to the story that he has you believe about him not being involved in [Bullshit], but nevertheless, the story goes as follows:

This isn't meant to be advertising for or against computer encryptions. Facts are, I encrypted my computer and it saved my life, my reputation and everything I have.

In February 2004 my house was raided by the FBI. They came with the full van and armed agents. They rushed in, presented a warrant and mentioned they had proofs somebody here had downloaded [Bullshit]. Now understand this: this isn't a whole [Bullshit] is good / [Bullshit] is bad story. I don't know if people who [Bullshit] turn into [Bullshitters] or not (I don't think they do). I am not saying what I did was good, or even legal.

[Paragraph removed due to Bullshit]

They promptly took my computer, my external external hard drive and my laptop. They took my parents' computer as well. I was detained for interrogation.

And I was smart.

The very first thing I said, even before the interviewer dropped his pen, is "I want my attorney." Note: I had no attorney. I was bluffing. The officer said "Sure," took a few notes, and asked me for a few details "to file the case." Yes, he tried to trick me into talking, or at least starting to talk. I immediately repeated: "I want my attorney." That is the ONLY thing I said. I wanted to yell at him "I DON'T GIVE A SHIT ABOUT YOUR FILE" but I did not.

He eventually complied, asked for his details, at which point I said I did not have an attorney but was in the process of finding one. However, I wanted a public defender. They charged me with possession of [Bullshit], mentioning my computer as proof. Inside, I laughed a bit, knowing what was waiting.

I was formally charged, set bail, paid it, and let out. And then began a quite dramatic - but funny - turn of events. When you file charges in my state, the defendant has the right to a speedy hearing AND, of course, a preliminary hearing. I expressed my rights fully (eventually hired an attorney, my public defender didn't do much).

The police - and FBI - had one problem.

My hard drives were all encrypted.

Even my laptop was encrypted. Back home, I took care to properly destroy anything that could ever get me in trouble - even letters I wrote as a child. The police had rapidly checked for more evidence, but as they wouldn't find anything, they did not take the time to look for drugs, drugs equipment and other evidences for other crimes.

Two weeks later I got a call from someone claiming to work for the FBI. Apparently they were unable to decrypt my hard drives and required my help. I told them to talk to my attorney. I was summoned in and the only thing I told them was "I want my attorney".

They wanted the password

-We know you encrypted your data. We even know which program you used. By law, you are required to decrypt the data.

-I want my attorney.

They complied, my attorney came (at high cost) and the situation was re-explained to him (I, of course, already told him the situation, and he recommended not helping them a damn). He told them they had no legal stand.

They formely ordered me to decrypt my data, threatening to charge me with terrorism, and I refused one last time. I was jailed again for a night and new charges were pressed for obstruction (i.e. refusing to help on an investigation).

Fast-forward a week, I get a formal plea bargain. [Bullshit about Bullshit]. The other charge would be drop. Quite a good deal, huh? My public defender STRONGLY told me to accept as the conviction rate was "nearly 99%". My attorney told me to invoke my 5th amendment and refuse any cooperation.

Fast-forward to the preliminary hearing. The judge has to decide whether or not there is enough evidence to prosecute me. He asks for the investigator, who explains the situation, and for the forensic expert. To make a short story, they mention my IP clearly downloaded [Bullshit]. Looks like I'm finished.

Except for one thing. It has been so long between the download and the raid it was hard to prosecute me on the IP address alone. The record were old, incomplete, poorly filed. My attorney did a good job making the forensic expert admit "mistakes were possible."

Then came my turn. The expert told the judge they could not find any trace of [Bullshit] because my hard drives were encrypted. He said it was a clear proof I "was hiding something probably worse" at which point he was promptly stopped by my attorney (speculation is not accepted in court). The judge agreed. The expert closed his statement by saying that I had not only encrypted my hard drives, but external drive and laptop.

Then came my turn. The judge summoned me, asked me a few questions, and finally asked: "Why did you encrypt your hard drive?" Think fast. What could I reply!!!

"For safety and privacy, your honor. In case of theft."

"Why do you refuse to decrypt your data?"

The $1,000 question (note: this is not exactly what was said, just how I recall it). What can I say? Quick, a word with a lawyer. Then, the genius answer:

"Your honor I would like to invoke my 5th amendment" "Alright".

Oh, the irony of 5th amendment. If you don't invoke it, you have to incriminate yourself. If you do invoke it, you indirectly admit guilt. Of course that can't be used against you, but whatever.

There were a few more statements, and eventually the prosecution had nothing. The judge took a moment to think, then said two words that would change my life. "Case dismissed" due to "lack of evidence". I was ecstasic.

The prosecution party was furious. They closed the file. The judge was about to end the audience when I said:

"Your honor, they still have my computer. I want it back!"

"You just had a criminal case dimissed."

"It's my stuff. I want it back"

"Very well. Your town's police department has 30 days to give you your material back. Audience finished".

I was very happy. I felt I added to the insult with that last request. The prosecution party couldn't believe it, after all that work.

I got my stuff back and it took me a full month before I dated to open my computer again. I was afraid they put a bug or would still try to harass me or incriminate me. I feared they were waiting for me to decrypt me to charge me again. I waited one whole month, then decrypted the file - saved the files I wanted to keep then formatted it all, writing random 0's and 1's.

So this is it. TrueCrypt certainly saved my life, reputation and money. Without it, there is no doubt the police would have found the pictures, and convicted me. I would be on the same registery as rapists and pedophiles - all this for a mistake of mine. But encryption - and refusing to give up despite the threats of being charged with a much more serious crime - kept me free.


Is using TrueCrypt illegal?

In some countries, the use of encryption of any kind is illegal. This includes TrueCrypt.

If you happen to live in one of these countries, are being charged with a cyber crime, and they find any encrypted contents on your hard drive, you can bet you're in for a rough time.

They will physically beat the shit out of you and torture you into providing them with the password or key-files to the volume.

Furthermore, it can even be illegal for you to transmit encrypted files from one country to another.

I urge you to check up on the laws in your country and ensure that the methods outlined below are actually legal in your country and you're not just digging yourself a bigger hole.

If you live in the United States, TrueCrypt is legal, and the passwords for your archives are protected under the 5th Amendment.

If you live in a country where it is illegal, there are things you can do to use TrueCrypt a bit more safely.

One example is to use a Hidden Archive. This is basically like a suitcase with a false bottom.

One password - the one you would give to authority's if interrogated and tortured - will open the archive and display certain contents, while the second password will open the same archive but display different contents.

However, this doesn't change the fact that using encryption is illegal.


----------

