← Puter stuff
Open on Instagram ↗
@rootkitlabs · Rootkit Labs
Saved 2026-05-15 · Posted 2026-03-28 · Status: New

I made a 100% open source encrypted USB drive with a stealth mechanism to hide its second partition. To decrypt it you must create a file called password.txt containing your password, this is used to derive a AES-256 key. The drive automatically unmounts itself, remounts the remaining disk and encrypts and decrypts in place.

This is for privacy advocates, journalists, people living in dangerous countries, and open source hardware enthusiasts.

Follow along for more!

#privacy #opensource #electeonics #crypto

Comments (15)

  • @rdrivazar 2026-03-28

    What if I eat it?

  • @mobileplayzzz 2026-03-28

    Which kind of encryption makes the 2nd section undetectable ??

  • @yankee_shots 2026-03-28

    I didn't understand, is it because of any special hardware on the drive or are we hiding a partition that is encrypted?

  • @joelblomster 2026-03-29

    What stops me from physically opening the drive and removing the sd card, and mounting it separately?

  • @domilotl.bilder 2026-03-28

    Can you explain how I can create this or where I can find it?

  • @x.multicoloredglossypaint.x 2026-03-28

    I realized the semantics won't matter to most people, but is it encrypting it with your key or is it encrypting it with a randomly generated sufficiently sized key that is unlocked with your key (similar to luks)

  • @lukesismyname 2026-03-29

    It looks like the drive has a RISC-V microcontroller (CH569W). This checks for data written including the "password:X" newline and then uses for the AES encryption. I'd be intrigued what write speeds you get on the different partitions (if every write to P1 is checking for the string, and every write to P2 is encrypted by the MC). I'd imagine not "great" speeds, but that's not the point. It's an interesting idea. I'd probably prefer a solution that didn't do on on-device encryption and instead just use OS based luks on the hidden partition. Also, this incarnation is definitely weaker (and more suspicious) using SD and not a flash chip. Would be apparent on x-ray etc.

  • @7akulas 2026-03-29

    Veracrypt does this, still cool though

  • @marshallherff 2026-03-28

    This is reinventing wheel. Why i should use this? It isn't better to create LUKS2 partition on normal USB drive?

  • @itsamemmr 2026-03-28

    so the files are always encrypted but can be accessed with psk like presented?

  • @https_edwhard_ 2026-03-28

    Basically veracrypt

  • @stdhex0 2026-03-28

    so it's like Veracrypt's hidden container? can I recreate this whole plausible deniability stealth thing but using LUKS instead?

  • @sergiocastell96 2026-03-28

    Did you have to do something on the host machine (install some software, kernel module, etc) to support this drive? Writing onto /mnt does not make much sense to me as that folder is on the root of the Linux install not the drive. Maybe you meant to say the unlock.txt is meant to be written onto the 8gb partition?

  • @juanpabloma21 2026-03-29

    Is there a non terminal version? For normies like me

  • @eternal_bliss_2024 2026-03-29

    I'm a bit dumb, so this is basically a portable Veracrypt?

Content ideas (0)

No ideas generated yet. Run /instagram-sync ideate from Claude Code to create some.