by thereallurch 5264 days ago
Any technologies exist that let you have multiple encrypted OS's on multiple keys? For example, 1 key could boot up one OS and another key could boot up a different OS. Seems like it'd be difficult to prove that you booted one or the other...
4 comments

Yes. The term for that is plausible deniability. It is implemented (probably among others) in truecrypt: http://www.truecrypt.org/docs/?s=plausible-deniability
Plausible deniability is a much larger concept than that. Also if they know you're using Truecrypt, the "deniability" of the existence of a 2nd (or 3rd or 4th) OS goes down significantly.
No it doesn't.

Truecrypt ALSO does full disk encryption...which is a very very good security precaution corporations everywhere are implementing.

The deniability doesn't diminish at all. You can even testify in court that the drive is encrypted using TrueCrypt and that TrueCrypt has plausible deniability. The whole point of TrueCrypt's plausible deniability is even when you know about the feature, you simply can't mathematically prove whether or not it's being used.
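Added example, not from this thread or from TrueCrypt: a toy model of why a hidden volume cannot be proven to exist from the ciphertext alone. The container's free space is random fill and the hidden region is ciphertext written into that fill; a byte-frequency (chi-square) test cannot tell the two apart. The hash-counter keystream, the container layout and the threshold are constructed stand-ins, not TrueCrypt's AES-XTS format.

```python
import hashlib
import os
import struct

def keystream(key: bytes, nbytes: int) -> bytes:
    """nbytes of keystream from SHA-256 over (key || 64-bit counter); stand-in for a real cipher."""
    out = bytearray()
    ctr = 0
    while len(out) < nbytes:
        out += hashlib.sha256(key + struct.pack(">Q", ctr)).digest()
        ctr += 1
    return bytes(out[:nbytes])

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypts or decrypts (same operation) by XOR with the keystream."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, len(data))))

def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against a uniform distribution (255 d.o.f.)."""
    expected = len(data) / 256
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum((c - expected) ** 2 / expected for c in counts)

def looks_random(region: bytes, threshold: float = 360.0) -> bool:
    """True when the byte histogram is consistent with uniform noise.
    The statistic averages 255 (sd about 22.6) for random bytes; 360 is far above
    any plausible random value, while structured plaintext scores in the thousands."""
    return chi_square(region) < threshold

def build_container(size: int, hidden_key: bytes, hidden_data: bytes, offset: int) -> bytes:
    """Container whose free space is random fill, with the hidden volume's ciphertext
    written at `offset` inside that fill (constructed layout, not TrueCrypt's)."""
    container = bytearray(os.urandom(size))
    ciphertext = xor_crypt(hidden_key, hidden_data)
    container[offset:offset + len(ciphertext)] = ciphertext
    return bytes(container)

def hidden_volume_detectable(container: bytes, offset: int, length: int) -> bool:
    """What an examiner without the key can do: test the suspect region for structure.
    Ciphertext passes the same randomness test as the surrounding fill, so this is False."""
    return not looks_random(container[offset:offset + length])
```

The same test does flag the plaintext itself, which is the point: the structure is only visible after decryption with the hidden key.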
Not directly, but their FAQ is pretty clear about a bunch of secondary (out of band, internet updates duplicated, etc.) correlations that could lead to good evidence that the second system exists. Pulling that off is no easy task.
I'm not so sure. TrueCrypt is first and foremost an encryption program. The fact that you have it might suggest that you encrypted something somewhere, but it doesn't directly suggest that you took the time to use its advanced "hidden volume" capabilities. So even if the police can say "hey, this looks encrypted, and you've got nothing else which looks similar, decrypt it for us," they are still stuck on "hey, we didn't find the evidence we were looking for -- maybe you have a hidden volume?". You say "I don't" and the judge says "GRR ARG DECRYPT IT NOW" and you say "I can't, it doesn't exist, I really am innocent, please get the scary men away from me."
It does indeed. However, what are they going to do? Torture you until you give them the "other" password? How can they distinguish whether you just cleaned your hard drive or if you gave them the wrong key?
The solution is of course a honey-pot OS to boot.
The technology for this does exist, but it's pretty annoying to use in practice. You need to use the "decoy" OS regularly -- preferably most of the time. After all, it's implausible that you haven't used your web browser in six months, etc, and your adversary would notice this.

The problem there is that the "hidden" OS is (by definition) undetectable from within the "decoy" OS. Therefore, you risk accidentally overwriting it. Some encryption software has workarounds for this, but that typically leaves you exposed while it's in use.

Whole-disk encryption is great for protecting credit card numbers, embarrassing information, and trade secrets from someone who should happen to steal your laptop. If you actually have anything so secret that you're worried about being coerced into decrypting it, I don't know how to help you.

I can see the legal issues that would be forthcoming if you refused to share the key to allow for access or agree to type it in yourself. Obstruction and all that.

I'm wondering what the legal ramifications might be if you set a secondary key that would wipe the drive in the most secure method possible and then provide that key. Or even the alternate boot sequence as suggested.

>I'm wondering what the legal ramifications might be if you set a secondary key that would wipe the drive

Destruction of evidence. http://en.wikipedia.org/wiki/Spoliation_of_evidence

Oh, I get that, I'm not saying it's a way to avoid the ramifications, I'm just wondering what they are.

I have to say that I somewhat agree with the ruling because there are similar situations with physical objects, not true one-to-one but they are there. I'm just wondering how the courts would react to the destruction of digital evidence that was not directly initiated by the defendant, but indirectly by preparing for the possibility.

These "wipe the drive" decoy password scenarios would never work in real life unless their forensics team was really inept.

There would be copies made and the drive that has the encrypted volume would likely be accessed with a "Write Blocker" forensic device, or in a virtual environment, etc.

This technique would only tip your hand that the volume contents changed after entering the password.

A technical solution to this might be a form of encryption that requires a writable disk to actually decrypt anything. I don't know if that is possible, but it would effectively prevent these safeguards from working. And remember, you don't need to wipe the entire drive. Changing a few random bits in the decryption key would already forever turn the drive contents into unreadable garbage.
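Added example, not from this thread: the forensic workflow the comment describes, in code. The original image is acquired read-only (the role a write blocker plays), its hash is recorded, and every write from the examination session lands on a working copy, so a sector-level comparison shows exactly what changed after a key was entered. The sector size, the sample drive and the session writes are constructed.

```python
import hashlib
from typing import List, Tuple

SECTOR = 512

def acquire_image(device: bytes) -> Tuple[bytes, str]:
    """Bit-for-bit copy of the evidence device plus its SHA-256 for the custody record.
    The returned image is an immutable bytes object: it plays the write-blocked original."""
    image = bytes(device)
    return image, hashlib.sha256(image).hexdigest()

def verify_image(image: bytes, recorded_hash: str) -> bool:
    """Re-hash the original to confirm nothing has touched it since acquisition."""
    return hashlib.sha256(image).hexdigest() == recorded_hash

def apply_writes(working_copy: bytearray, writes: List[Tuple[int, bytes]]) -> None:
    """Stand-in for whatever a mounted volume does on key entry (including a decoy
    key that damages headers): every write lands on the copy, never on the original."""
    for sector, data in writes:
        assert len(data) == SECTOR
        start = sector * SECTOR
        working_copy[start:start + SECTOR] = data

def changed_sectors(original: bytes, working_copy: bytes) -> List[int]:
    """Sector indices where the working copy now differs from the pristine image."""
    assert len(original) == len(working_copy)
    return [i // SECTOR for i in range(0, len(original), SECTOR)
            if original[i:i + SECTOR] != working_copy[i:i + SECTOR]]

def examine(device: bytes, session_writes: List[Tuple[int, bytes]]) -> dict:
    """Full workflow: acquire, hash, copy, run the session on the copy, then report."""
    image, digest = acquire_image(device)
    copy = bytearray(image)
    apply_writes(copy, session_writes)
    return {
        "original_intact": verify_image(image, digest),
        "changed_sectors": changed_sectors(image, bytes(copy)),
    }

if __name__ == "__main__":
    # Constructed sample: an 8-sector "drive" with a recognisable byte pattern.
    drive = bytes(range(256)) * 16
    # The session zeroes sector 0 (say, a volume header) after a key is entered.
    print(examine(drive, [(0, b"\x00" * SECTOR)]))
```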
Even then, there would be nothing stopping an adversary from making a bit-for-bit copy of the data and attempting to decrypt the (writable) copy.
I foresee Truecrypt-ception. An encrypted OS within an encrypted OS within an encrypted OS. They'll never find my porn/plans to take over the world/illegal software/hacked secret government cables NOW!!!