[TriLUG] OT: Laptop Hard Drive
William Sutton
william at trilug.org
Fri Nov 18 14:31:17 EST 2011
TrueCrypt does allow hidden volumes. Such volumes will appear as
unformatted data. More than once at $WORK, someone has returned a
TrueCrypt'd volume as "unreadable" because they didn't realize it was
encrypted. On a few occaisions, they formatted it as NTFS so they could
read it, then asked where the data was :-P
William Sutton
On Fri, 18 Nov 2011, Igor Partola wrote:
> Plausible deniability gets tricky with encrypted filesystems. The problem
> is that if you are withholding the decryption key from the police when you
> are on trial and they are specifically asking for you to decrypt a volume
> on your drive, it may be considered obstructing justice. There have been
> several widely publicized cases of a defendant refusing to hand over the
> decryption key and being held in custody indefinitely. What makes matters
> worse is that often times the analogy to a physical safe and a key, that
> seems to be popular when discussing such situations, often breaks down. For
> example, you could irreversibly lose your decryption key which means nobody
> will ever be able to decrypt the volume; this is unlike a safe, which in
> most cases can be opened if sufficient force is applied.
>
> On top of that I believe TrueCrypt supports hidden volumes, allowing you to
> hand over a bunch of legitimate looking but fake data instead of your
> actual secret documents. AFAIK, there hasn't been a widely publicized case
> of anybody getting caught doing this, but some discussions of this topic
> that I've seen seem to suggest that if you are caught, the penalty for this
> action alone could be fairly severe (at least under US law).
>
> FYI, I am not a lawyer and these are simply observations.
>
> Some links:
>
> -
> http://news.cnet.com/8301-31921_3-20078312-281/doj-we-can-force-you-to-decrypt-that-laptop/
> - http://news.ycombinator.com/item?id=1760700
> - http://hackerne.ws/item?id=2744688
>
> Igor
>
>
> On Fri, Nov 18, 2011 at 1:59 PM, Joseph Mack NA3T <jmack at wm7d.net> wrote:
>
>> On Fri, 18 Nov 2011, Alan Porter wrote:
>>
>> Instead, I would think it would be just as effective to format the
>>> filesystem and then create a large file using 'dd', letting the
>>> underlying encryption create random-ish blocks on the actual disk.
>>>
>>
>> Encrypting a filesystem is useful if you loose your laptop/flashkey, when
>> you aren't around when the people find your harddisk. However an encrypted
>> filesystem is useless going through TSA/DHS when they can just say "give us
>> the passwd or you're going to Gitmo". In this case you need plausible
>> deniability - "what encrypted filesystem? there's no encrypted filesystem,
>> that's just random deleted files". I notice that you can have plausible
>> deniability, but as you would expect it's proportionately more difficult to
>> setup.
>>
>>
>> Joe
>> --
>> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
>> jmack (at) wm7d (dot) net - azimuthal equidistant map
>> generator at http://www.wm7d.net/azproj.**shtml<http://www.wm7d.net/azproj.shtml>
>> Homepage http://www.austintek.com/ It's GNU/Linux!
>> --
>> This message was sent to: Igor Partola <igor at igorpartola.com>
>> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
>> address.
>> TriLUG mailing list : http://www.trilug.org/mailman/**listinfo/trilug<http://www.trilug.org/mailman/listinfo/trilug>
>> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/**
>> options/trilug/igor%**40igorpartola.com<http://www.trilug.org/mailman/options/trilug/igor%40igorpartola.com>
>> TriLUG FAQ : http://www.trilug.org/wiki/**
>> Frequently_Asked_Questions<http://www.trilug.org/wiki/Frequently_Asked_Questions>
>>
> --
> This message was sent to: William <william at trilug.org>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/options/trilug/william%40trilug.org
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
>
More information about the TriLUG
mailing list