Durress Password/Hot Key

I just stumbled upon this little tool written by Sarah Dean (The author of OTFE). It basically allows you to manage volumes created by other Encryption tools such as TrueCrypt and PGP. The feature I like however is the SelfDestruct feature Which basically allows you to set a hot key or Remotely activated kill switch. Upon hitting this key/logging in remotely the selected files or folders are destroyed using DOD standards from its built in tool or any other tool that excepts Command line arguments. This got me thinking about durress passwords and wiping on X number of bad attempts does anyone know of software (Free) that can do this?

What are your thoughts on this tool? Do you know of anything similar? What I want is something similar to this or along the lines of a Duress Password that wipes files on the 3rd wrong password or when a second dummy password is used. LAlarm does the Password part but also conflicts with other software on my computer so any req's are appreciated.

SecureTrayUtil: http://www.sdean12.org/Download.htm

 

I understand why "self destruct" is a popular idea but it is really a false kind of security. If your data is encrypted by Truecrypt or PGP and you use a REAL password that can't be guessed, then the self destruct function is pointless.

If your password is made of simple words or your birthday etc. you need a self destruct. Just add something like *f#cX("2' to the end of your simple password and forget about it. It will take millions or even trillions of guesses even if they know the first part.

If someone puts a keylogger on your system and captures your password from the keystrokes then they will only need one try to decrypt your data.

The only time a self destruct could benefit you is if someone is watching over your shoulder as you type your password and gets most of it but not all so they have to guess the part they didn't see. The problem is that if they are determined to get your data they will power off your machine, pull the hard drive and make a copy of your encrypted container before trying to decrypt anything. Nothing can stop that.

 

I 100% agree with you and fully admit I want it for the cool factor My HDD is encrypted and Im not to worried about it but I think it would be a cool way to say good bye to data when you don't need it any more.

 

For me, it is really cool that it would take years (possibly decades) to brute force an AES encrypted data volume if I use 20 RANDOM characters as a password.
NO password = NO data

If you just erase the encrypted volume header you are left with having to brute force a 256 bit master key directly. I think the sun will burn out before that happens.

 

LOL thats very true. I pesonal use 64 charactor Randomly generated passwords generated from 3 or 4 scripts and merged into one long one. Couple with AES-256 bit for FDE and a Cascade for everything else; No one is getting in any time soon. However I think it would be cool if a custom bootloader (grub maybe?) would do this: if password is "test" and the fake password is "fake" Upon entering the fake password it would "dd" the header or first 1-5% of the drive thus corrupting it. replace dd with NSA wipe and no one is recovering your data.

 

Sorry I can't help in your quest but glad to give you a laugh.
To continue the thought, what about physical destruction? Enter the "kill" password, wipe the header, then short the battery terminals with a relay. If the batteries have a full charge, they will get really hot thus causing the CO2 cartridge you put inside the battery pack to burst and make a really cool puff of smoke. If you are really lucky the batteries will actually burst and shoot out some flames!