Responding Arno Wagner <arno@xxxxxxxxxxx> : > > > 3. luks doesnt support hidden volumes. > > > > > It does, in a way. > > True. Not much worse than the TrueCrypt variant actually. > > The problem with hidden volumes is this: Either you have > the risk of destroying them, or you cannot use the > partition they are hiding in (which gives a good hint to an > attacker), or you need to reserve space for them > explicitely (which gives a strong hint to the attacker). > > TrueCrypt does not do any better here. Truecrypt helps here: If you know both password (normal + hidden) container, you have a mode where you can't overwrite your hidden datas, it helps for safety of hidden datas. >Also keep in mind that in many situations (US border > inspection, e.g.) the mere suspicion of a hidden > partition being present will be enough. > But with truecrypt you can only have at most two partitions: a normal one, and a hidden one. So, if you're really in big trouble you can tell the two password, proving that there is not anymore hidden data. With cryptsetup method, you can have unlimited hidden parts, leading to unlimited suspicions, no matter how many password you give. Don't know which is worse. -- Octane Envoyé avec Inmano, ma messagerie renversante et gratuite : http://www.inmano.com _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
