
OBJECTIVE

I have a flash drive and I want a custom memory management to work with "secret files". I need some help on how to achieve the following with two partitions on my device:

  1. READ Only OR CDFS Partition
  2. Hidden / Unmounted Partition

Partition 2 will contain raw / cyphered data. Its purpose is to be accessed by a utility on partition 1 that will uncypher / read the data on part. 2.

  • The utility on 1 will also allow adding data on part. 2.
  • I don't want part. 2 to be mounted on Windows / Linux / OSX when the device is plugged in.
  • Part. 2 will be accessed from its UID path if possible. This can change depending on the solution adopted.

How can I get such behavior?

WHAT I HAVE TRIED SO FAR

  • I've used a utility called BOOTICE to edit the partition ID, but the Hidden IDs are respected only on Linux / OSX, not on Windows.
  • I've read somewhere that Hidden IDs are respected on Windows on fixed drives only, but not on removable devices. So I've tried to flip the removable bit on the flash without success.
  • Part 2 is FAT32 formatted at the moment.
Ahmed Ashour

1 Answer


As I understand it, "Hidden" partitions are a relic for working around the limitations of MBRs and early Windows versions. They're useful for having more than one logical volume on a drive and for telling the OS not to look at certain partitions at boot time.

I don't know what you mean about "hidden" partitions being respected on Linux, because you can definitely mount them. If you want the contents of the "hidden" partition to be confidential, you should consider encrypting it.

If you really just want to have unciphered content on the disk but hidden from the OS, a cross-platform way would be to create a partition and a file system on it and then delete that partition from the partition table.

You'd then provide an "unlock" script that will restore the partition table (easy) or a program that will mount the partition using FUSE/winFsp (a bit harder).

A cross-platform encrypted filesystem will be easier than either of those.

cmc
  • As you suggested, I am removing the partition from the PT. The problem with running a script to restore it is that I cannot know when the device will be unplugged, therefore I don't know when to roll back to the "hidden PT". I'm used to Dokany (Fuse for Windows), do you have any clue on how I can mount the partition if it's not in the PT? Is it even possible? – Jean-Charbel VANNIER Oct 16 '18 at 10:43
  • You can mount a partition that is not in the partition table with FUSE/winFsp by accessing the block device directly. – cmc Oct 16 '18 at 15:11
  • Turns out that on Linux you can give an offset to mount as well: https://superuser.com/questions/1173600/how-to-mount-a-partition-by-specifying-block-range-instead-of-partition-on-linux I don't know how to do that on Windows. You'd have to look into it. – cmc Oct 16 '18 at 15:12
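
Added example (not part of the original answer or comments): a Python sketch of what "accessing the block device directly" amounts to for a FAT32 volume that has been deleted from the partition table. The disk image, the sector numbers and all function names are constructed for illustration; on a real drive the same scan would read from the raw device instead of an in-memory image.

```python
import struct

SECTOR = 512

def make_image(start_sector, fs_sectors):
    """Constructed sample: MBR with an empty partition table, FAT32 volume at start_sector."""
    img = bytearray((start_sector + fs_sectors) * SECTOR)
    img[510:512] = b"\x55\xaa"                      # MBR signature; all 4 entries stay zero
    bs = bytearray(SECTOR)                          # minimal FAT32 boot sector
    bs[0:3] = b"\xeb\x58\x90"                       # jump instruction
    struct.pack_into("<H", bs, 11, SECTOR)          # bytes per sector
    struct.pack_into("<I", bs, 32, fs_sectors)      # total sectors in the volume
    bs[82:90] = b"FAT32   "                         # file system type string
    bs[510:512] = b"\x55\xaa"                       # boot sector signature
    off = start_sector * SECTOR
    img[off:off + SECTOR] = bs
    return bytes(img)

def mbr_entries(image):
    """Return (type, start_lba, sector_count) for each non-empty MBR partition entry."""
    found = []
    for i in range(4):
        entry = image[446 + 16 * i:462 + 16 * i]
        start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:
            found.append((entry[4], start, count))
    return found

def find_fat32_volumes(image):
    """Scan sector by sector for FAT32 boot sectors; return (byte_offset, byte_length)."""
    hits = []
    for off in range(0, len(image) - SECTOR + 1, SECTOR):
        sec = image[off:off + SECTOR]
        if sec[510:512] != b"\x55\xaa" or sec[82:90] != b"FAT32   ":
            continue
        bytes_per_sector, = struct.unpack_from("<H", sec, 11)
        total_sectors, = struct.unpack_from("<I", sec, 32)
        if bytes_per_sector in (512, 1024, 2048, 4096):
            hits.append((off, total_sectors * bytes_per_sector))
    return hits

if __name__ == "__main__":
    image = make_image(start_sector=2048, fs_sectors=64)
    print("partition table entries:", mbr_entries(image))
    for offset, length in find_fat32_volumes(image):
        print(f"FAT32 volume at byte offset {offset}, length {length}")
```

The byte offset found this way is the value an offset-based mount needs. Anyone with raw read access to the drive can derive it the same way, so removing the partition table entry only hides the volume from automounting; confidentiality still depends on encrypting the data.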