Michael Garibaldi wrote:
>> Here user insists that /dev/hda2 is the root partition. That way all
hard
>> disk space is accounted for. Attacker can prove existence of one
small gpg
>> encrypted file on USB-stick for which user has forgotten passphrase.
> That just doesn't fly with for e.g. when you computer is sized by the
police when you are away from home.
Obviously the police are not going to find one's USB stick on the
computer, when one is not home. The stick is ONLY used for booting and
then carefully hidden. It does not matter if the "self destruct" works
or not, what matters is that there is absolutely no reason to even
suspect that a different kind of encryption is being used on the system.
It boots from the HDD and uses all the available space, and the police
will get the key that will unlock the fake system, and that's it. As
long as the USB stick is kept safe (which should be trivial to do), they
have absolutely nothing to even suggest there being a parallel system
encrypted with other keys. And as Jari pointed out, even if they
actually get the USB stick too, they really cannot prove anything.
When you don't "boot" the system, but inspect the HDD-Image from another
system
there are a few "obvious" information missing which you had when you
actually booted the system.
So for the police you would have an unencrypted "boot" partition and 3
partitions with random data.
From the unencrypted partition would would get an indication that the 2
second partition contains a root-filesystem, but that's about what you
can get from the sample-setup without breaking the decryption.
So from the police-Standpoint there are 3 "unaccounted" partitions.
If you encrypted the whole HDD (including sector 0) the deniability
would be slightly better as there is no "partition" at all you could say
that you just hadn't hat time to install the computer. :-)
Or use a random reagion on the HDD and filling the rest with random data.
e.g. when you have a 200GB HDD, fill it with 200GB of random data and
then just use the range from e.g. 96GB-145GB.
As it shouldn't be possible distinguish the encrypted data from the
actual random-data you would have enough room for another "container" as
a decoy.
P.S. they may, however, be smart enough to type one's name on Google and
find out that one has been discussing this topic on this public mailing
list.
That's the drawback when you have a (AFAICS) "unique" name.
P.S.
If i'm not mistaken you aren't using your real name.
Bis denn
--
Real Programmers consider "what you see is what you get" to be just as
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated,
cryptic, powerful, unforgiving, dangerous.
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
