[baobabKoodaa]

Can you describe to me a practical use case where use of Amnesiac is warranted, but encryption of data is not?

If you're uploading whistleblower documents to Wikileaks, sure you could use Amnesiac to do the upload, but where are the documents? Are they on an unencrypted USB stick? You clearly need encryption for this use case.

Are you buying/selling drugs on the Tor network? You probably need some cryptocurrency keys, where are they? On a USB stick in plain text? You clearly need encryption for this use case.

Or maybe you're a security researcher who's trying to anonymously report a vulnerability to a corporation that's known to go after researchers. Where is your poc code? On an unencrypted USB stick? You clearly need encryption for this use case.

[kadoban]

Not that it'd probably make sense very often, but you could do bitcoin or other cryptocurrencies without having a persistent wallet digitally. You could have a paper backup and/or a memorized secure phrase easily. Been a while, but Electrum could do both years ago, I'm sure many others can as well.

Also, more importantly, why are encryption and this amnesiac property mutually exclusive? Can't you do both and use the strongest available guarantees that are applicable to a particular set of data? Seems like it'd at least make the job of an attacker more annoying at the least.

[baobabKoodaa]

> Also, more importantly, why are encryption and this amnesiac property mutually exclusive? Can't you do both and use the strongest available guarantees that are applicable to a particular set of data?

Sure. The amnesiac property just doesn't add a lot of security on top of full disk encryption. If you have an encrypted USB stick that contains an amnesiac OS and $TOP_SECRET_DOCUMENT, the information that your adversary cares about is the document. If the adversary somehow breaks the encryption, they still get access to the document, regardless of the amnesiac property of the OS.

[jchw]

Don’t store locally.

[baobabKoodaa]

So... you can't provide an actual example?

If I was working on important whistleblower documents, I wouldn't trust a cloud storage service as the sole location for the documents. I would need at least some form of backup. Furthermore, if the point was to hide the existence of encrypted data, you would have to also hide your payments to said cloud service provider. So at this point we would need to:

- Set up (locally encrypted) storage to cloud service provider 1, and a similar backup to cloud service provider 2.

- Learn cryptocurrency washing mechanism to hide continuously ongoing payments to cloud service providers.

Note that both of these would have to remain in your memory, since you wouldn't be able to save anything (like "download_encrypted_data_from_cloud_storage.sh") on the amnesiac OS.

[jchw]

Nothing personal. There’s a ton of different possible ways to approach the problem. If you can’t construct reasonable approaches with amnesiac setups, you can still combine it with FDE for data storage. A lot easier to swallow a microSD card than a hard drive. Tails supports this mode of operation built-in. A persistent OS that is not amnesiac will leave a lot more metadata.

But you can totally set up a “download encrypted blob from external data storage” script if you want. You can do a whole lot depending on what resources you have available.

[baobabKoodaa]

> But you can totally set up a “download encrypted blob from external data storage” script if you want.

Remember where this conversation started? You said "Amnesiac is a level above FDE. You can’t be compelled to decrypt that which does not exist." Well, if the USB stick that contains the amnesiac OS also contains a script for downloading an encrypted blob from cloud storage, then obviously we are back at the "being compelled to decrypt" issue that we started from. If we're going to have an encrypted $TOP_SECRET document, we might as well encrypt the whole disk. And at this point the amnesiac property of the OS doesn't really provide a lot of benefit.

[jchw]

You need a bootstrap process. That requires some ingenuity, and you are going to be hard pressed to have people drop their solutions in a public forum. :)