EvilZone

General Tech => Operating System => : thenewbieencryptor July 10, 2014, 08:25:58 PM

: Plausible deniability in Qubes OS?
: thenewbieencryptor July 10, 2014, 08:25:58 PM

Hi, I have recently found about Qubes OS that is a Linux distribution based around the Xen hypervisor. However, I'm not sure if it supports anything like plausible deniability file system. I mean, I would like to install security-focused operating system from which I can launch different virtual machines with other operating systems, preferably one of them hidden (so that its existence cannot be proved). If that's not possible, at least using hidden containers that can be separated from other processes (through sandboxing in Qubes) should be possible but hidden OS would be better.

Is it possible with Qubes OS or would you suggest some other solution?

It is also possible for me to install any Linux distribution with True Crypt and some containers, including hidden ones with operating system to be virtualized. But I guess using hidden True Crypt container with OS is not the best possible choice. What would you suggest?

: Re: Plausible deniability in Qubes OS?
: lucid July 10, 2014, 11:19:31 PM

I suggest you get a regular linux distro and learn how to use linux instead of just trying some auto-anon distro.

: Re: Plausible deniability in Qubes OS?
: neomagik July 14, 2014, 09:14:17 PM

:

Just real quick:

* cryptsetup tcryptOpen in hidden partition
* do not worry, tcrypt crypto itself is ok, the dmcrypt emulation because it supports
  PD hidden volumes
* does not really matter which distro you use, personally I prefer Alpine Linux
  because it leaves little of distro cruft to screw things up (ie LFS approach is
  preferred).
* do NOT use unused space on disk (ie suspicious hole in partition table),
  instead mkswap partition and tcrypt fde at some offset there. The idea is
  to have it as some random gibberish in unused swap space which is accidentaly
  left out from "regular" OS fstab.
* in my Alpine setup, I have USB key with tiny alpine install which just asks for
  passphrase and fires up xen guest on that my primary hidden disk volume.
  That way no bootloader evidence and the OS is amnesiac w/o passphrase.



Edit; typos, formatting. protip request; how can one turn off wysiwig formatting on this board?

: Re: Plausible deniability in Qubes OS?
: Kulverstukas July 15, 2014, 06:42:07 AM

wysiwyg editor can be turned off in the profile settings, under forum look or something.