> with cryptsetup,the way to do it would be:And any reasonable disk forensics tool will find that automatically
> 1. start with a block device like a usb stick
> 2. blank it out with random data.
> 3. put a regular file system like vfat at the beginning of the device.
> 4. put an encrypted plain volume somewhere at the back of the device.
and fast. My keyslot-checker could be adapted to find something like
that in maybe one hour.
are you saying that,if i create a 100MB file with data from "/dev/urandom" and then put a vfat file system on it,and then i open a plain mapper at 50MB offset and create a second file system on the file through the mapper,then your keyslot-checker or any other forensic tool will be able to detect the presence of this plain volume?
If true,then i would appreciate any link to any discussion of it because i am unaware of it.
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
