Manual VeraCrypt 1.16 (page 48 of 162) (English)

658731

Zoom out

Zoom in

1/162

after the hidden system has been created. Afterwards, in order to achieve plausible deniability,

VeraCrypt will prompt you to install a new system on the partition and encrypt it using VeraCrypt.

Thus, you will create the decoy system and the whole process of creation of the hidden operating

system will be completed.

Plausible Deniability and Data Leak Protection

For security reasons, when a hidden operating system is running, VeraCrypt ensures that all local

unencrypted filesystems and non-hidden VeraCrypt volumes are read-only (i.e. no files can be

written to such filesystems or VeraCrypt volumes).

Data is allowed to be written to any filesystem

that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a

container stored on an unencrypted filesystem or on any other read-only filesystem).

There are three main reasons why such countermeasures have been implemented:

It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes.

Note that we officially recommend that hidden volumes are mounted only when a hidden

operating system is running. For more information, see the subsection Security

Requirements and Precautions Pertaining to Hidden Volumes.

In some cases, it is possible to determine that, at a certain time, a particular filesystem was

not mounted under (or that a particular file on the filesystem was not saved or accessed

from within) a particular instance of an operating system (e.g. by analyzing and comparing

filesystem journals, file timestamps, application logs, error logs, etc). This might indicate

that a hidden operating system is installed on the computer. The countermeasures prevent

these issues.

It prevents data corruption and allows safe hibernation. When Windows resumes from

hibernation, it assumes that all mounted filesystems are in the same state as when the

system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem

accessible both from within the decoy and hidden systems. Without such protection, the

filesystem could become corrupted when mounted by one system while the other system is

hibernated.

If you need to securely transfer files from the decoy system to the hidden system, follow these

steps:

Start the decoy system.

Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.

Start the hidden system

If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as

read-only).

Copy the files to the hidden system partition or to another hidden volume.

Possible Explanations for Existence of Two VeraCrypt Partitions on Single Drive

An adversary might ask why you created two VeraCrypt-encrypted partitions on a single drive (a

system partition and a non-system partition) rather than encrypting the entire disk with a single

encryption key. There are many possible reasons to do that. However, if you do not know any

This does not apply to filesystems on CD/DVD-like media and on custom, atypical, or non-standard devices/media.

Report abuse

Libble takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Product:

Forumrules

To achieve meaningful questions, we apply the following rules:

First, read the manual;
Check if your question has been asked previously;
Try to ask your question as clearly as possible;
Did you already try to solve the problem? Please mention this;
Is your problem solved by a visitor then let him/her know in this forum;
To give a response to a question or answer, do not use this form but click on the button 'reply to this question';
Your question will be posted here and emailed to our subscribers. Therefore, avoid filling in personal details.

new questions and answers
new manuals

You will receive an email to register for one or both of the options.

Get your user manual by e-mail

Enter your email address to receive the manual of VeraCrypt 1.16 in the language / languages: English as an attachment in your email.

The manual is 2,98 mb in size.

You will receive the manual in your email within minutes. If you have not received an email, then probably have entered the wrong email address or your mailbox is too full. In addition, it may be that your ISP may have a maximum size for emails to receive.

The manual is sent by email. Check your email

If you have not received an email with the manual within fifteen minutes, it may be that you have a entered a wrong email address or that your ISP has set a maximum size to receive email that is smaller than the size of the manual.

The email address you have provided is not correct.

Please check the email address and correct it.

Your question is posted on this page

Would you like to receive an email when new answers and questions are posted? Please enter your email address.

Info

VeraCrypt 1.16 Manual

Product: