TrueCrypt Deniability in Question?

From Slashdot:

Source

Urls in Text:
http://www.darkreading.com/document.asp?doc_id=159192
http://www.pcworld.com/businesscent..._can_leak_from_partially_encrypted_disks.html
http://www.schneier.com/paper-truecrypt-dfs.pdf

Can we get some of our Crypto-Experts to comment please?

 

I've read the paper and don't get what all the fuss is about. Safe practices would include not using Google Desktop at all, which says in its documentation that the files will be indexed. Using encrypted containers and/or volumes and then using Google Desktop would be really stupid. Same goes for using Microsoft Word with it's auto-save and metadata "features." As for registry entries, what's new? We've always known it will show Truecrypt is on your system and the drive letters mounted. Again, I don't see the problem. As long as you are using TC on your system as "normal" security practice and have a volume to show that, what's the problem? With the use of flash drives, iPods, external hard drives on and on, the drive letter a Truecrypt volume is assigned isn't, in and of itself, a tip-off that Truecrypt has a hidden volume. Using a product like Returnil makes that problem moot anyway.

 

I personally dont use hidden containers, because i think they are useless. If someone shows me a Fat32 container, and they mount it, i dont care what they would tell me, i will swear blind that there is a hidden container. If i were a police forensic scientist, looking for clues or proof, and i had a passphrase which led me to a a FAT32 partition, i would have tons of suspicion.

I personally dont use vista, and i dont have anything super special to protect anyway, i use truecrypt on 2 devices and 1 partition, because i can, because i value my privacy. If there is the odd scrapings here and there which can prove i have things encrypted, then whoope doo, let thieves see the fact that there are things they will never get lol. Maybe truecrypt will read it and redesign something perhaps, but i doubt it. Thats really the fault of the person using their computer, for not having a secure preceedure.

 

Thats why FAT32 is the default file system of Trucrypt.

 

If you are really worried that somebody would think you have a hidden container when you really don't, this discussion at the TC forums is interesting. http://forums.truecrypt.org/viewtopic.php?t=12077

 

If i were going on vacation or something, i would create a container with the password of a simple nature, and have a hidden one, with a simple password, and put that header on my partitions, then keep backups stored somewhere of the originals. Then if someone stole my pc, they would crack a worthless code and have no data.

 

yes TC is not perfect now, but it is very close to it. (sorry if you don't understand my english, i just try my best to put my idear, how should Truecypt developed in the futur. and i hope some one will pass it to the dev. team)

all the needed features are almost there:

A)until version 5.1a, TC hiden volume can be created in a encrypted partition, just say partition D, and than we can do a quick format D:\ as FAT32 in windows, and the hiden volume in D is still mountable. see:
https://www.wilderssecurity.com/showthread.php?t=214356

B)and ab version 6, TC can mount a hiden OS from a hiden Volume in D.

i like to sugest:
1)TC enable the above mentioned feature A again.
2)may be change some code in the bootloader, so that it's able to boot a hiden OS from such a hiden volume. and make the need of creat a decoy OS optional.
3)make a live CD version from TC, (may be a linux version in a live linux CD)which has all the above mentioned features. Add can creat hiden OS, and save the rescue disk in a bootable USB.

than let people download the ISO, and burn it of CD. we can use this CD to create a hiden OS in D, than quick format D as FAT32. and save the bootloader in a bootable USB.

after that, destroy the CD, and put the USB in a save place.

there is no evidence of the PC, that we ever have used TrueCrypt. we can even put some files on D, just be careful it not to much, so that destroy the hiden volume.

if you need the hiden OS, just boot the PC from the USB, with your password.