This project has moved. For the latest updates, please go here.

Dear Idrassi - a follow-up - same issue happens on 3 different computers

Topics: Technical Issues
Sep 17, 2016 at 6:45 AM
Edited Sep 17, 2016 at 6:52 AM
Dear Idrassi,

This is a follow-up about the following thread regarding the Evil Maid message when setting up a Hidden Operating System. The 1s post of this old thread in link below has all the details needed for this follow-up thread. I've recently tried the whole thing again, first on my system and a second time on my cousin's brand new computer, and a third time on my friend's old computer with VC1.17 and VC1.18, and in all occasions, the Evil Maid message came up using the steps as described in post 1 in this old thread.

https://veracrypt.codeplex.com/discussions/653605

It seems that the Evil Maid false positive is not a coincident and perhaps there is something incorrect/inaccurate about its detection mechanism. If you see the old thread above (in post 17 from top, use name "Bestgps)) there was another user reporting about the same issue, and recently in July there was 2 other users reporting the Evil Maid message in this following thread (in posts 1 and 3 by users "crus" and "testoslav").

https://veracrypt.codeplex.com/discussions/655052

If possible, would you please try creating the hidden OS with a fresh Wins 7 installation to see if the Evil Maid message comes up? I spent so much time on this and as illustrated in this thread it seems that it merits an investigation as to whether a fix to the Evil Maid detection mechanism is need. THANKS a lot if you can take a closer look on your side.
Sep 17, 2016 at 6:51 AM
Edited Sep 17, 2016 at 6:52 AM
The following is what I did in my recent intallation of VC1.17 and VC1.18 on 3 different computers. NOTE THAT in every attempt of creating the Hiddern OS, I used Windows 7 64 bit (official licenced copy) and did not even attempt a connection to the internet for once for Windows updates. I haven't installed any 3rd party softwares, not Antivirus programs and not even the drivers that come with the orignal motherboard's CD. So, it's just a FRESH installation of Windows 7 alone, then an installation of VC, and the process of creating the OS began. This is to prevent any potential false positives caused by FLEXnet Publisher/SafeCast.

Summary below about the installation of VC1.17 and 1.18 on 3 different desktop computers, and Evil Maid messages came up in all occasions when creating a Hidden OS. 2 of the 3 computers are new build, while 1 is an 1-yr old computer.

1) A fresh installation of Windows 7 and VC1.17 on my brand new computer again, Evil Maid message appeared. Erased and formatted the hard drive, then installed Windows 7 again but this time with VC1.18, Evil Maid message came up again when creating Hidden OS..

2) A fresh installation of Windows 7 and VC1.17 on my cousin's brand new computer, Evil Maid message appeared. Erased and formatted the hard drive, then installed Windows 7 again but this time with VC1.18, Evil Maid message came up again when creating Hidden OS.

3) A fresh installation of Windows 7 and VC1.17 on my friend's old computer, Evil Maid message appeared. Erased and formatted the hard drive, then installed Windows 7 again but this time with VC1.18, Evil Maid message came up again when creating Hidden OS.

Again for details of how I created the hidden OS and when the Evil message came up, please see post1 in this old thread.
https://veracrypt.codeplex.com/discussions/653605
Coordinator
Oct 6, 2016 at 10:19 PM
Thank you very much for your tests. It was very helpful in fixing the issue as indicated here: https://veracrypt.codeplex.com/discussions/653605#post1485481
Nov 3, 2016 at 8:01 AM
Hi Mounir,

Just to provide an update about the issue. The Evil Maid false positve issue is gone in my latest test. Thanks.

And just in case any other VC users still experience the same Evil Maid detection issue with the latest version of VC, please provide your feedbacks.

Again thanks Mounir for following up on the issue and your effort and dedication in the VC project is very much appreciated by all VC users. Keep up the good work.