Hiding one drive from another within Windows 7 or Windows 10.

[Technique]

Currently i'm on Windows 7 but i'm also asking this question with a view to shifting to Windows 10 in the near future.

 

I know right now i can hide one drive from another with the way i have the PC set up as i do - that is i have Windows 7 installed on one physical drive (call it drive 1, for ease) and also Windows 7 installed on a second physical drive (call it drive 2). Now moving on from the fact that this is an unusual dual boot setup...

 

Now with this setup, if i type in diskmgmt.msc to the start menu from within disk 1, select disk 2 within Disk Management and remove the drive letter then disk 1 can no longer 'see' disk 2, in that it no longer shows up in 'Computer'.

 

My question is, if there was no dual boot and Windows (be it 7 or 10) was only installed on disk 1 which had two or more user profiles, is there a way of 'hiding' disk 2 from certain profiles? Do you just do the same removal of a drive letter within that persons profile or would that not work?

[+BudMan MVC]

2 users accounts on the same OS...  Is this other account admin?  If not just don't give them permission to the folders you don't want them to have access to. That could be the root of your d drive for example if you so desired.

[Technique]

They don’t have to be admin. It depends whether you need to be admin to install anything, if so then they’ll also be admin but without knowledge that you can stop one drive ‘seeing’ another which is why it would be easier/better to totally hide that drive if possible rather than a we’ll let you see it exists so you’re curious about it but you can’t click it kind of setup. 

[Peresvet]

All the secrets will be revealed one day.

 

Spoiler

Seriously, you better just unplug the drive physically and act as if nothing's happened every time.

 

[Dick Montage]

You have the whole thing a bit "wrong".  You aren't hiding "one drive from another", you're simply removing drive-access without a letter.  A drive is a drive, it can't "see" another drive - the person at the computer can.

 

Anyway, your answer is: Permissions.

[n_K]

Go into bios and disable one of the drives.

[+BudMan MVC]

Just at a loss here why it would be an issue with your GF?  But if your wanting to hide your p0rn from her.. Just mount the disk to a subfolder somewhere under your profile and don't give her permission to your profile.  Or just mount and unmount the disk when you need it or don't need it.

 

Keep in mind if she is admin on the box, she can do anything and find anything.

[Peresvet]

Psychologists insist that a key to a healthy relationship is unconditional trust.

 

In the 21st century, it means sharing your phone and PC passwords - your digital self, your online identity - with your significant other (so that your wifey knows you aren't texting some other girl while you are in the bathroom and can always double check you).

 

If you can't do it, if you have a stash of hidden pics from previous relationships and what not, then what's the point of being in a relationship?

 

Leave your past behind and set yourself free.

 

You should reformat that other drive and be happy  

Edited August 26, 2019 by Peresvet

[Technique]

13 hours ago, Human.Online said:

You have the whole thing a bit "wrong".  You aren't hiding "one drive from another", you're simply removing drive-access without a letter.  A drive is a drive, it can't "see" another drive - the person at the computer can.

 

Anyway, your answer is: Permissions.

Does it not equate to the same thing? If you're on your OS drive and in Computer drive X is not listed then in a way it cannot be seen?

I'm not wishing to argue over the finer detail so i'll settle at saying you're right then if that helps?

 

It seems that unlike an OS installed on drive 1 & 2 where a letter can be removed and therefore the drive (as far as the drive lists in Computer go) cannot be seen. An individual could obviously give the drive a letter & see it but they would need to know how to do that and just that wouldn't happen anyway ..... it seems that one OS on drive 1 with different user profiles does not allow you to do the same, otherwise after 6 posts from people it would've been mentioned.

 

Thanks all for the responses.

[+BudMan MVC]

There is no way to only mount a local drive letter for a specific user profile in windows AFAIK.. Now if it was share across the network - that is easy.

 

But you could for sure mount it a folder under your profile that only you would be able to see, etc.

 

Again if her profile is admin she could find it.  Never under estimate the skill set of a user as a form of security or the curiosity of a woman that thinks your hiding something hehehehehhehe

[Technique]

Put it this way ...

 

If you were to be 'let loose' on my PC, i would be looking at storing files at a different physical location. Why? Because you know your way around a computer, you can be suspicious enough and clever enough to work with it.

 

Now in reality you'll never see my computer as we're at different locations, so in reality anyone with access to my PC would not have the knowledge to do anything beyond the standard look in My Docs, My Pics, My Vids etc.

There is a (very small) chance they could think to look in Program Files but nothing further.

Use the search bar for keywords ... perhaps. Unlikely but not impossible i suppose.

 

But then there's something like TrueCrypt i guess. The file could be deleted yes, but put it in Windows>System 32>randomfoldernamehere>file then it wont be found to be deleted.

[Nick H. Supervisor]

5 minutes ago, Technique said:

But then there's something like TrueCrypt i guess. The file could be deleted yes, but put it in Windows>System 32>randomfoldernamehere>file then it wont be found to be deleted.

As I was reading through this I was thinking, "why not just use VeraCrypt?" Sure you need to mount the drive each time you start a session, but it takes all of 20 seconds to do.

[Technique]

3 hours ago, Nick H. said:

As I was reading through this I was thinking, "why not just use VeraCrypt?" Sure you need to mount the drive each time you start a session, but it takes all of 20 seconds to do.

Difference between the two? (VeraCrpt and TrueCrypt)

 

Or is it like for example, Acronis True Image vs Macrium Reflect - they'll both back the computer up, just a case of which one do you want to use?

[Brandon H Supervisor]

truecrypt is abandonware and not supported anymore last I remember and isn't considered secure anymore

[Nick H. Supervisor]

1 hour ago, Technique said:

Difference between the two? (VeraCrpt and TrueCrypt)

 

Or is it like for example, Acronis True Image vs Macrium Reflect - they'll both back the computer up, just a case of which one do you want to use?

 

1 hour ago, Brandon H said:

truecrypt is abandonware and not supported anymore last I remember and isn't considered secure anymore

That's my understanding of the situation. VeraCrypt is being upheld, and is a fork of the now discontinued TrueCrypt.

[Technique]

1 hour ago, Brandon H said:

truecrypt is abandonware and not supported anymore last I remember and isn't considered secure anymore

I'm curious...

 

I've experienced TrueCrypt in that i installed it late last year / early this year, i tested it out to see what it is because i get lost in all this jargon talk of 'mounting' etc etc (So i wanted to see how it worked rather than be told and not understand).

 

Now from the 5-10mins i spent having a play with it, i don't understand how it "isn't secure". Unless someone can work around my password then i'm at a loss ... so why isn't it secure?

[+BudMan MVC]

You don't understand the term "mount" but just because the software has a password on it - its secure??

 

The developers abruptly stopped development on the code.. Back in 2014.. Review of the code showed that there were bugs in it..

https://www.extremetech.com/computing/215285-critical-truecrypt-security-bugs-finally-found

Security researcher James Forshaw found two critical bugs in the program that could compromise an end-user’s machine.

Either of these could’ve been sufficient to allow an attacker to capture the drive’s encryption key, depending on how good the end-users security practices were.

 

Dated software that has not been kept up, more than likely after time will be compromised in some way.. So its almost always safe to say that antiquated code is no longer secure.. New techniques are found, time to look for bugs, etc. etc.

 

Do you own research on the subject is what I would suggest.  For your use case, it would more than likely be fine... But so would just simple windows permissions most likely, all your looking to do is hide your files from your GF right?  If you have windows 10 "pro" you could just use the built in bitlocker encryption.

 

I personally would not suggest you do any encryption, because I can see the posts already... I can not get into my encrypted disk... Didn't you have issues with your encrypted phone backup or something already.  Didn't you have issues with your zip passwords, etc. and didn't trust it.. So yeah I can foresee you loosing everything on the disk a short time after you encrypt it.

 

 

[Jim K Global Moderator]

External hard drive/thumb drive.  

Hide it

 

Problem solved.   

[goretsky Supervisor]

Hello,

 

Have you considered scripting the Microsoft Windows command-line DiskPart (filename: DISKPART.EXE) program to do this, and then running the script as part of the startup routine for the computer?  An example script might look something like this:

 

SELECT VOLUME n

REMOVE LETTER="x"

Were n is the number of the volume, and x is the letter to remove.  The reciprocal script to re-assign the drive letter would look something like:

 

SELECT VOLUME n

ASSIGN LETTER="x"

 

This would then be run by using a "DISKPART /S scriptfilename.txt" command as part of the start up for the appropriate profile.

 

Obviously, you would want to do lots of testing to verify this works as you need it to before implementing it.

 

For more information about scripting DiskPart, see the Diskpart Scripts and Examples article in Microsoft's online Windows Server documentation.

 

Regards,

 

Aryeh Goretsky

[Technique]

I understand the term mount fine. I can mount something to a wall for example. Mounts in cars for example. To mount someone (crude I know) for example. 

 

But in computing? No. Mounting folders and drives, so I’m guessing they’re put on something or whatever but I can’t visualise what it is exactly. 

 

So this mounting a drive/file, I just kind of ignored the term mount as it made no sense to me in computing and substituted the word create as it made better sense. I understand that’ll be laughable to you and I’m fine with that. 

 

At the end of the day i can teach myself so much but when I hit portions that raise questions I’m not so good. I’d be fine in say a classroom environment where you can have a Q&A with someone who can physically show you (I learn 1000 better that way over just reading). Also face-to-face learning and questioning has the huge bonus over asking online in that nobody really has the balls to get smart to your face whereas when people have a keyboard and a screen to distance themselves from someone then for some reason they start getting all big & brave and get the smart mouth - because it’s easier and ‘funnier’ to ridicule than be patient and teach. 

 

 

Regards he safety of TrueCrypt and these bugs - would the average user be unable to workaround these bugs and it’d be more a concern if someone who’s tech savvy was trying to access the file?

 

id argue that the average user (depends on your definition of average but my definition is - can turn the pc on, browse the internet and do not much more, maybe installing programs is the extent of their capability but digging deep is not, knowing about encryption is not) would not be able to work around any bugs. Firstly they’d have to be able to find the file to decrypt and as said, wouldn’t have it in their capability to dig in to a deep folder. 

 

And yes I did wonder whether files could be lost/corrupt etc within encryption. Not because a password may be forgotten but because the file could just end up corrupt maybe. 

[Dick Montage]

On 8/26/2019 at 10:38 PM, Technique said:

Does it not equate to the same thing? 

Not really no. Understand the tech and the model employed a little more and you’ll see why it may appear the same but it’s so far removed from equating.

 

Either way, hope you get your end goal.

[Nick H. Supervisor]

2 hours ago, Technique said:

I understand the term mount fine. I can mount something to a wall for example.

 

But in computing? No. Mounting folders and drives, so I’m guessing they’re put on something or whatever but I can’t visualise what it is exactly. 

Mounting is a similar concept in computing, in that you are putting the item up on display.

 

With regards to your point about TrueCrypt you are pretty correct. Your average joe still won't try to crack the password or use an exploit to enter the container. However, for the sake of standards it's always better to use a program that is still being maintained.

 

Finally, all data can become corrupt and lost. Encryption doesn't really enter in to it. If it's important to you, keep backups.

[Technique]

Just reading my last post ... should be a lesson to not type on my phone with the autocorrect.

At times i struggle getting my point across and autocorrect does me no favours. 🤣

 

 

On the topic of encryption, it's been mentioned of Windows 10's inbuilt encryption. How is this comparable to a third party software? Why would you use a third party software over Windows 10's inbuilt encryption option?

 

I suppose the same question would apply to say backup software. Why use a third party software (Acronis, Macrium etc etc) over Windows/Microsoft's own inbuilt version?

[Nick H. Supervisor]

20 minutes ago, Technique said:

On the topic of encryption, it's been mentioned of Windows 10's inbuilt encryption. How is this comparable to a third party software? Why would you use a third party software over Windows 10's inbuilt encryption option?

 

I suppose the same question would apply to say backup software. Why use a third party software (Acronis, Macrium etc etc) over Windows/Microsoft's own inbuilt version?

I'll preface by saying that I don't pretend to be an expert on the issue.

 

Windows encryption is fine, so long as you're using Windows and using the same TPM (Trusted Platform Module) or you have the recovery key. For myself though I jump between Windows and Linux (and occasionally Mac) and so I need something more universal, hence VeraCrypt.

 

As for backup software, I've never used a dedicated program. For the most part I don't have local information that is essential, and anything that I know I need to keep backups of is either in the cloud or copied and pasted on to separate disks. I have no need to do a 1-to-1 copy of the entire HDD.

[sc302 Veteran]

On 8/26/2019 at 9:09 PM, BudMan said:

There is no way to only mount a local drive letter for a specific user profile in windows AFAIK.. Now if it was share across the network - that is easy.

 

But you could for sure mount it a folder under your profile that only you would be able to see, etc.

 

Again if her profile is admin she could find it.  Never under estimate the skill set of a user as a form of security or the curiosity of a woman that thinks your hiding something hehehehehhehe

You could hide it from certain profiles, this would involve a domain and group policy though.  Admins get one policy that would show all drives, users would get another policy that would only give them access to a certain drive.    Just saying it can be done in windows with active directory...not something that can be done standalone as there is only one local policy for local computers/users.  

 

User Configuration\Administrative Templates\Windows Components\File Explorer\Hide these specified drives in My Computer

 

Understand Group Policy Objects can be applied to OU and/or Computers and/or Users, you do not have to use the default "Authenticated Users" group to apply policies to, remove that and add whatever Security Group you want.  Security groups can contain Computers or Users, default is to Search/Add Users to a security group.  

 

Again, Windows Server with Active Directory enabled would be needed for this feature to function based on logged on User on PC's or other Servers.