This project has moved and is read-only. For the latest updates, please go here.

Windows Upgrade on hidden system

Topics: Users Discussion
Jan 26, 2015 at 7:03 PM
Windows 10 is coming. I would like to know if you can upgrade from an operating system (Windows 7 for me) to another system (Windows 10) with the hidden system, without loosing data.

Thanx you.
Jan 26, 2015 at 10:06 PM
No you cannot upgrade the OS for either the decoy OS or hidden OS. You have to start over.

Per the FAQ:

Note: If the system partition/drive is encrypted and you want to reinstall or upgrade Windows, you need to decrypt it first (select System > Permanently Decrypt System Partition/Drive). However, a running operating system can be updated (security patches, service packs, etc.) without any problems even when the system partition/drive is encrypted.
Jan 26, 2015 at 10:16 PM
but can we: Decrypt the Decoy os, upgrade windows of the decoy OS, recrypt the Decoy OS, and have a Windows 10 for the Decoy and still Windows 7 for the hidden?

I don't think so because Veracrypt ask to have the same OS but we never know :)
Jan 26, 2015 at 10:32 PM
Yes. That should work. I misunderstood your posting as wanting to upgrade the hidden OS.

Per the documentation on Hidden Operating System.
Note: When you enter a pre-boot authentication password, the VeraCrypt Boot Loader first attempts to decrypt (using the entered password) the last 512 bytes of the first logical track of the system drive (where encrypted master key data for non-hidden encrypted system partitions/drives are normally stored). If it fails and if there is a partition behind the active partition, the VeraCrypt Boot Loader (even if there is actually no hidden volume on the drive) automatically tries to decrypt (using the same entered password again) the area of the first partition behind the active partition where the encrypted header of a possible hidden volume might be stored (however, if the size of the active partition is less than 256 MB, then the data is read from the second partition behind the active one, because Windows 7 and later, by default, do not boot from the partition on which they are installed). Note that VeraCrypt never knows if there is a hidden volume in advance (the hidden volume header cannot be identified, as it appears to consist entirely of random data). If the header is successfully decrypted (for information on how VeraCrypt determines that it was successfully decrypted, see the section Encryption Scheme), the information about the size of the hidden volume is retrieved from the decrypted header (which is still stored in RAM), and the hidden volume is mounted (its size also determines its offset). For further technical details, see the section Encryption Scheme in the chapter Technical Details.
Jan 27, 2015 at 6:10 PM
Ok thanx, I'll probably do it. But why does Truecrypt/Veracrypt ask to have the same operating system for this situation? Deniability ?
Jan 27, 2015 at 7:26 PM
Can you point me to the documentation that discusses this restriction for the OS upgrade only performed on the decoy OS?