TrueCrypt and TCGINA

May 31, 2007 at 1:31 am 3 comments

Since I own a portable computer, hardware theft is a real threat. Apart from the hardware, all my personal documents such as pictures, e-mail (Thunderbird, which I used to use) containing passwords, the FileZilla.xml file containing passwords and so much other valuable information would be lost too, eventually leading to not only hardware theft but also identity theft.

Therefore, I’ve been planning to store my personal files on a TrueCrypt volume for some time, and now I have taken the big step. TrueCrypt rules all other encryption software since:

  • it is open source: the risk of back doors (for e.g. CIA) is minimal
  • it’s completely cross-OS (I tried mounting and writing to a TC volume on Ubuntu; it worked without problems)
  • it is actively developed and has lots of options

I already have more than a year of experience with the Linux version of TrueCrypt (installed on my Debian server), so I more or less know what TrueCrypt can do. I downloaded TrueCrypt 4.3a and created a 30 GB file on my second partition (which I usually make for data). I chose to use a file rather than a device, since backing up is much easier: instead of copying a thousand files, one big file can be backed up. I also chose a fixed rather than a dynamic (sparse) volume, since the performance of dynamic volumes doesn’t seem to be that good (as the installer and some web sites told me).

For the TC volume to mount, I chose to add a key file. Without this key file, it’s even harder to crack the TC volume. A key file can be any file; I downloaded a file from some years ago that can be widely found on the Internet (in case I lose it).

Next, I wanted to put sensitive data into the TC volume. I created a new Firefox profile in the newly created (and mounted) volume, which is in fact a virtual disk (I chose T:\). Since I switched to Gmail, I installed the Gmail Checker. As the password was still automatically filled in after a reboot (without mounting my TC volume), I wanted to:

  • mount my TrueCrypt volume automatically at startup
  • autoplay the Gmail Checker application from the encrypted volume (and probably other applications too)

So I started to play with autorun.inf a little bit, without result. Next: the good old batch files. As I’ve read here, the volume password is not masked in the DOS prompt. This is definitely not what I want, so I looked further and saw a comment about a VBS script with a masking possibility, but that didn’t work for me.

I started experimenting a little bit, and the following little batch script (automount.bat) worked fine: it masks the password (as it asks for the password using a little TC GUI) and includes the possibility to ‘autorun’ some applications:

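@echo off
rem Mount the volume on T: (/lt) with the key file; no /p, so TrueCrypt shows its own password dialog
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /v "<volume>" /q /k "<key file>" /lt /hn
rem (other commands here)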

Next add this batch script to the startup folder (Start -> All Programs -> Startup) and off you go.
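A more defensive variant of automount.bat, as an added example that is not the author's script: it checks that the volume and key file are present, leaves the password to TrueCrypt's own dialog, and starts programs only after confirming that T: is actually mounted. The volume, key file and application paths are placeholders, and the script assumes that an existing T: drive is the TrueCrypt volume.

```batch
@echo off
rem Added example, not the author's script. All paths below are placeholders.
setlocal
set "TC=C:\Program Files\TrueCrypt\TrueCrypt.exe"
set "VOLUME=D:\path\to\volume.tc"
set "KEYFILE=E:\path\to\keyfile"
set "DRIVE=T"

rem Assumption: if the drive letter already exists, the volume is mounted.
if exist %DRIVE%:\ goto :autorun

rem Fail early with a clear message when an input is missing.
if not exist "%TC%" (echo TrueCrypt not found: "%TC%" & exit /b 1)
if not exist "%VOLUME%" (echo Volume file not found: "%VOLUME%" & exit /b 1)
if not exist "%KEYFILE%" (echo Key file not found: "%KEYFILE%" & exit /b 1)

rem No /p switch: the password is typed into TrueCrypt's own masked dialog
rem and never appears on a command line or in this file.
rem start /wait blocks until TrueCrypt has exited (/q makes it exit after mounting).
start "" /wait "%TC%" /v "%VOLUME%" /q /k "%KEYFILE%" /l%DRIVE% /hn

rem The dialog can be cancelled or the password mistyped, so verify the mount
rem before starting anything that expects its data on the encrypted drive.
if not exist %DRIVE%:\ (echo Volume was not mounted, skipping autorun. & exit /b 1)

:autorun
rem Start only programs that live on the encrypted volume (placeholder path).
if exist "%DRIVE%:\Apps\example.exe" start "" "%DRIVE%:\Apps\example.exe"
endlocal
```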

Yay! Well.. Not that fantastic. It turned out that Gmail Checker doesn’t keep its passwords in a configuration file; instead, they are saved in Windows itself (WininetCacheCredentials), which is easily ‘recoverable’. No luck so far..

By the way, I know that the key file is being specified; this could seem strange to some. But as I’m planning to copy the whole volume (residing in a file) to a safe backup place without the key file, my volume should be safer.

I almost gave up, but suddenly I found this topic. Apparently, there exists something like ‘TCGINA’ that encrypts a whole Windows user profile, including regedit information. It’s a hook on GINA, and therefore TCGINA is able to request the TC volume password before logging in. Just what I’ve been looking for. Even better, it is an ‘official’ third-party project, residing on the TrueCrypt homepage. Very nice!

So I installed the latest stable version of TCGINA (1.16), which obviously didn’t work since TrueCrypt 4.3 was required (not 4.3a). I searched the forum and yes! There was an RC2 of TCGINA 1.17 available. I had to create a new user (so my settings were lost). As my (automatically detected) previously created TC volume used a keyfile, I had to add some things to the registry (as described in tcgina.pdf) and had to reboot. Done!

My profile folder (C:\Documents and Settings\username\) is moved to the encrypted volume’s T:\Documents and Settings\username\. The ‘My Documents’ folder (which normally resides under …\username\) is moved also, so all (newly added) documents will be encrypted.

Conclusion: the TrueCrypt homepage should mention the possibilities of TCGINA! I’ve never heard of it before and (until now at least) I’m very pleased with it.


Entry filed under: encryption, security, TCGINA, TrueCrypt, Windows.

3 Comments

  • 1. pv  |  June 21, 2007 at 3:11 pm

    TCGINA is nice, gotta have something similar on linux too.

    I wonder if TCGINA can be used with hidden volumes. Imagine entering one pass and you get your real files and another pass you get a dummy profile.

  • 2. pressworthly  |  June 21, 2007 at 4:07 pm

    Since version 1.9, it should:

    New: Support for mounting outer volumes with hidden volume protection by using a concatenated password where the password of outer and hidden volume are separated by the first space character (Note that the keyfiles of the outer volume are then also used to decrypt the header of the hidden volume)

  • 3. arty  |  September 28, 2007 at 3:15 pm

    “it is open source: the risk of back doors (for e.g. CIA) is minimal” If your concern is hardware theft, I wouldn’t be too concerned about the CIA ;). Also, I use KeePass to store my passwords for its ease of copy-pasting passwords: Ctrl+B for user name and Ctrl+C for password, and I just Ctrl+V it into the web pages. If you have more than 15 passwords for stocks, email, forums etc., it is very useful.

    I’ve had a positive experience and a negative experience with TrueCrypt. The negative was that, long ago, a sector became corrupted and I lost a 20 gig partition of photos I was trying to archive, which I had spent several days scanning. So I learned from that and put an exact copy on another computer. Now, my positive experience was that a while ago somebody stole a jump drive from my house, and I think it is unlikely they’ll know how to break my TrueCrypt volume with a 15 digit + number password.

