> Arno Wagner <arno@xxxxxxxxxxx> wrote: > > On Mon, Sep 14, 2009 at 01:25:48PM +0200, Mario 'BitKoenig' Holbe wrote: > >> and the system gives you the ability to plausibly deny the existence of > >> more keys. Just in the hope they stop cutting your extremities after the > > > > I would say plausible deniability has the potential to make > > them continue even after you have given them everything, after > > Of course. For me (if I'd be in that business) just the presence of a > system offering plausible deniability capabilities would be enough to > simply assume they are used and thus continue pressing out keys of the > suspect :) That is the beauty of a dm-crypt that supported even just the very elegant external luks header feature that Rick mentioned. dm-crypt comes with practically every linux. Therefor, having dm-crypt installed on one's system means nothing. Potentially, even only with the feature that Rick came up with, dm-crypt would be better at plausible deniability than TrueCrypt. This is because having TrueCrypt installed on your system pretty much guarantees that you have an encrypted volume. Having dm-crypt on your system means nothing. Probably less than a percent of people with dm-crypt installed actually use it, since at least my distro (SuSE) installs it by default. > > However, not offering such capabilities is only one strategy in the game > - and not a very cooperative one: it exposes the users of systems that > *do* offer such capabilities. Thus, the other way around is more > cooperative: if all major products would support plausible deniability, > the fact that some suspect uses one specific system loses this > indication. > > > regards > Mario > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
