by baobabKoodaa 2068 days ago
So... you can't provide an actual example?

If I was working on important whistleblower documents, I wouldn't trust a cloud storage service as the sole location for the documents. I would need at least some form of backup. Furthermore, if the point was to hide the existence of encrypted data, you would have to also hide your payments to said cloud service provider. So at this point we would need to:

- Set up (locally encrypted) storage to cloud service provider 1, and a similar backup to cloud service provider 2.

- Learn a cryptocurrency washing mechanism to hide continuously ongoing payments to cloud service providers.

Note that both of these would have to remain in your memory, since you wouldn't be able to save anything (like "download_encrypted_data_from_cloud_storage.sh") on the amnesiac OS.

1 comments

Nothing personal. There’s a ton of different possible ways to approach the problem. If you can’t construct reasonable approaches with amnesiac setups, you can still combine it with FDE for data storage. A lot easier to swallow a microSD card than a hard drive. Tails supports this mode of operation built-in. A persistent OS that is not amnesiac will leave a lot more metadata.

But you can totally set up a “download encrypted blob from external data storage” script if you want. You can do a whole lot depending on what resources you have available.

> But you can totally set up a “download encrypted blob from external data storage” script if you want.

Remember where this conversation started? You said "Amnesiac is a level above FDE. You can’t be compelled to decrypt that which does not exist." Well, if the USB stick that contains the amnesiac OS also contains a script for downloading an encrypted blob from cloud storage, then obviously we are back at the "being compelled to decrypt" issue that we started from. If we're going to have an encrypted $TOP_SECRET document, we might as well encrypt the whole disk. And at this point the amnesiac property of the OS doesn't really provide a lot of benefit.

You need a bootstrap process. That requires some ingenuity, and you are going to be hard pressed to have people drop their solutions in a public forum. :)