[SageRaven]

In light of recent Anon-related police raids, I would hope that anyone supposedly as savvy as "k" would rely on full-disk crypto as opposed to foolishly going the destruction of evidence route.

I've used FDE for many years simply out of precaution against theft.

[Retric]

In the US fill disk crypto is useless. They will just hold you in jail until you hand them the password.

[oniTony]

This is where TrueCrypt comes in. If you are being extorted to reveal a password, you supply one that loads a "clean" OS/filesystem.

[colanderman]

I've never understood this. Wouldn't a competent security professional know of the existence of TrueCrypt, who would then ask a competent psychologist to determine if you were withholding information (I sure as hell wouldn't be able to keep a straight face), who would then ask a competent interrogator to get the real password from you?

I don't even think plausible deniability would hold in court -- claiming that a large blob of random data on your hard drive is just there for no reason at all is not plausible.

[oniTony]

Sure it's plausible. The suggested _secure_ way of wiping a harddrive is to override it with random data (since a typical delete simply drops an entry from a table, making data retrieval trivial (in the current context)).

What I don't understand is that in a context of a court (and this group of competent professionals), password disclosure _should_ be considered self-incrimination (although there was at least one case in the UK where a judge came up with some loophole reasoning around that). Disclosure of multiple passwords ("we didn't like what we found, do you have any other passwords?") would certainly be obtained under great duress.

[mcpherrinm]

A large part of the design of Truecrypt is that nobody CAN prove there's an alternate partition. Or, you can decrypt your secondary alternate partition under duress to reveal your real hidden one. Maybe put some token warez on it or something.

To make sure that you can't distinguish free space from encrypted noise, you have to write random noise everywhere as part of the filesystem creation process.

The one thing Truecrypt is vulnerable to is that you can note what parts changed -- say they raid your house twice and image it between when you used it. Then they'll know that free space isn't really free.

[ronnoch]

Couldn't they just attempt to fill the "outside" partition up? I mean, let's say you have a 1TB partition with a 100GB hidden volume inside. What happens if somebody tries to write more than 900GB into the outside partition?

[pyre]

It will overwrite the hidden partition. The 'outside' partition doesn't know about the hidden one. When you are mounting the outside partition you do have an option to protect the hidden one by providing the password for the hidden one, but if you don't, you can end up overwriting it by filling up the outer partition.

[socillion]

The OS has absolutely no knowledge of the hidden partition - as far as it knows, that area is just empty space on the disk. TrueCrypt runs from a bootloader (which you can have on a separate CD!), prompting you for a password. It uses that password to attempt to decrypt the (encrypted) volume headers - note the rest of the disk is encrypted too. Unless you install TrueCrypt the software application, there is no indication that was the tool you used.

Take a look at http://www.truecrypt.org/docs/ - it is an interesting read.

[reven]

If they have access to your computer at any time they might as well install a evil maid

http://www.schneier.com/blog/archives/2009/10/evil_maid_atta...

[skore]

http://en.wikipedia.org/wiki/Rubberhose

Assange has your back.