TrueCrypt, Encryption and Random Data

Of course an anarchist would feel that way, and I would hardly expect otherwise. But don't worry, I'm not about to jump through your computer screen to grab your illegal music files or whatever. I don't much care if you choose take part in harmless illegal activities. I do, however, mind if a pedophile or a terrorist goes free. If a person suspected of either of these crimes refuses to open an encrypted volume which potentially contains incriminating evidence then that person should be jailed for refusing to open the volume. One of my objections to the hidden volume feature is that it can allow them to escape even this lesser punishment.

 

Of course, this is meant to be a legal defense in countries where the prosecutor has to prove guilt beyond a reasonable doubt. There may be other uses but this, I agree, is the primary use. I think what you're implying is that because we live in a legal system where someone is presumed innocent, then there is no reason to have to be deceitful. After all, this is the height of fairness. I couldn't disagree more. The law has always been and always will be stacked against the minority. And I don't mean only racial minorities. I mean people with minority views or minority interests. Let me give an example that I had previously discussed. Standard porn has been protected in this country for decades now. I had previously discussed the case of the guy who was involved with "2 girls 1 cup" getting probation by plea bargaining to an obscenity charge. If this guy had gone to trial, he would have probably gotten a lengthy prison sentence. For what? He helped produce videos that appeal to a minority interest. Are they harmful to society in any way? From my perspective, the answer would be a definitive no. Majority interests will always be protected by the law. Minority interests are likely to get the shaft. People are, by and large, not reasonable or thoughtful in any way. So, your argument that we live in a fair and free society with a reasonable legal system do not ring true with me. Your argument that the legal system deals fairly with people in general and that people who are deceitful in some way are in the wrong is not a generalization that I'm willing to make. There's a huge difference between the people responsible for the Constitution and the Bill of Rights and those responsible for maintaining our day to day legal system. Ultimately, your fate comes down to the average buffoon you might run into at a Wal-mart. I'm sorry if that's offensive, but it's what I think. In my opinion, your best odds are to feed these people what they want to hear, whether it's the truth or not. For some of us, finding a jury of our peers would be an exercise in futility, for a variety of reasons.

I do agree with some of the flaws you perceive. Notably, plausible deniability designed for the unwashed masses will, by necessity, be a fairly weak form of deniability. It may be suspected (possibly strongly) that a hidden volume exists but any type of proof will be lacking. The ideal form of deniability is when an expert examines the system and is completely confused and has no idea what has actually been done.

I've probably studied this issue as much as anyone not actually involved with TrueCrypt. I've studied ways of placing volumes in random places on working, non-encrypted partitions. I've studied the entropy and patterns created by wiping programs, to ensure that if someone chose to study said hard drive carefully with a hex editor, I can replicate the data pattern precisely without the use of TrueCrypt or any other cryptographic program. I've been doing hidden operating systems since before TrueCrypt decided to implement it. In fact, some of the stuff they chose to implement seems eerily similar to a lot of the details I worked out independently. But when I create a hidden operating system, it's actually hidden in the free space of a non-encrypted partition. Of course, I ensure the data pattern could be replicated (including data entropy and statistical randomness) by a wiping program.

I consider TrueCrypt's use of hidden volumes weak (in that people will probably suspect that it exists simply due to the fact that the person is using TrueCrypt) but probably adequate for a legal system in which the person is presumed innocent. It's adequacy stems from the fact that it, in fact, cannot be proven to exist. Also note, that it's trivial to place a hidden volume (or even an unlimited number of hidden volumes) within a TrueCrypt volume with the use of third party software or by manually placing it there. Of course it won't be as slick as with the TrueCrypt interface and you don't have the automatic protection of the outer volume. So, you have to be careful not to overwrite any data in the outer volume, or that will give away the fact that a hidden volume exists. This requires that the user have some experience and some common sense.

As far as innocent people being caught up in this and suspected of wrong doing simply because TrueCrypt allows for the creation of hidden volumes, I consider this to be a very low probability. But, it is possible. I might add that anyone concerned about this can create a small hidden volume and fill it with anything you want. You can open both volumes if the authorities ask. For anyone that wants to be extra tricky, create an outer and hidden volume with TrueCrypt. Then manually place a second hidden volume somewhere in the free space of the outer volume being careful not to overwrite the TrueCrypt created hidden volume or any files in the outer volume. Leave enough space to allow for natural growth of the outer volume. I might add that this is very, very tricky to do manually with NTFS but relatively simple with FAT32.

I much prefer the idea of denying encryption exists in the first place. Unfortunately, it really requires a lot of study to determine ways to implement this properly. I'm not sure it can be automated. And I actually would not mind if TrueCrypt hidden volume creation were handled by a third-party program. It may create greater deniability for those who chose to use it, though I can't say for certain because I haven't looked at it very thoroughly. As it stands, I think the way TC implements hidden volumes is the best protection for the masses. But it's far from perfect, which is why I don't use it.

As far as people wondering about some of the specifics of how to do this stuff, I've been kicked in the balls too many times for even mentioning that this stuff is possible. For some people, saying/believing that things are impossible seems to be their dogma. I'm going to think twice before getting into any more shouting matches over this stuff.

As far as people getting their heads blown off for using TrueCrypt, I don't think we'll be seeing that happen. And I don't think someone will be more likely to get into trouble for using TrueCrypt than PGP, for instance. And, by the way, it is possible to manually place hidden volumes within the free space of volumes created by other crypto programs. I've never done it (because I haven't had the need for it) but I don't see any reason you couldn't, provided the data produced by the host program is cryptographically secure and statistically random. In that case, it should blend perfectly with a TrueCrypt volume.

As you can see, there are a million and one ways to be devious. TrueCrypt's hidden volumes are just a way for the masses to dabble in the same things that experienced individuals can already do. In fact I can place a hidden volume within an encrypted RAR archive and make it seem like the password to the archive was just lost. This wouldn't be all that useful if not for the fact that WinRAR gives you the option of leaving the filenames unencrypted. So, I can make it seem like whatever files I want people to see are within the archive. Because the password is lost, no one can verify that those files are, in fact, not in the archive.

I've also lobbied unsuccessfully, in the past, for TrueCrypt to create their own disk wiping software. This software would naturally wipe a drive in a way that would be indistinguishable from their crypto. This would create the ultimate plausible deniability if for instance you have an entire device that's been encrypted (non-system of course). Was it wiped or was it encrypted? Of course, it's possible to entirely simulate this now with commercial disk wiping software, but most people are not capable of doing the legwork on this. If TrueCrypt were to create this software and market it separately from their crypto (or even integrated with their crypto might be okay), then it would help the plausible deniability cause. I've seen some other topics on this on the TrueCrypt forum recently, and I can't help but wonder if I started people thinking about this.

Why do I do all of this? I like the science of it, and, at heart, I really don't feel like it should be anyone else's business what people do on their computers. And I'm tired of all the whining about CP and terrorists. I'll say it again, TrueCrypt cannot aid a terrorist in any meaningful way. At least, it can't be any more of an aid than any other crypto program. There will always be other evidence. If there is no other evidence around, then this guy is probably already too skillful to rely on TrueCrypt hidden volumes. If the authorities already have reason to believe that someone is involved in terrorism, a TrueCrypt volume is not going to prevent them from torturing him or sending him to Guantanamo Bay (or wherever they keep their secret torture sites now). In fact, they're totally free to keep him locked up indefinitely without a warrant or habeus corpus. So, you can see, they're totally free to do to him all of the things that Dick Cheney gets off on. This may be off-topic, but as I was typing that last sentence, I couldn't help but wonder what Dick Cheney might use TrueCrypt for.

Sorry, I will never buy the argument that the government has any business on its citizens' computers.

I think you give them too much credit. My guess is this is an issue of supply and demand. People demand certain features and they supply them. I think it's the same with their cascades of two and three ciphers. As Justin Troutman has pointed out, this is probably unnecessary and adds an additional layer of complexity. But when I used to frequent their forums, more people than not were in favor of it. I'm not saying that their work is shoddy in any way. Quite the opposite, I've been highly impressed with TrueCrypt over the years. It's worked flawlessly for me, and I don't believe there have been any major security issues. And that's why I use it. I can't fault them for supplying features that people want that may not be entirely necessary, as long as they're implemented properly. Thankfully, they've managed to keep TrueCrypt light even with the expanding list of features.

As far as hardened criminals are concerned, if they have any skill at all, they should be able to do a lot more than what TrueCrypt hidden volumes can offer. I'll say it again, I consider TrueCrypt hidden volumes to be the absolute entry level of what is possible. Not that hidden volumes can be proven to exist, but a career criminal really won't get the benefit of the doubt in a trial. I don't care what the law says, if you have enough baggage you're probably going to jail on minimal evidence. That's the reality of the legal system (in the US anyway). People get shafted all the time. And I'm not going to get into a rant about the legal system, but part of the baggage that some people carry in the US is their race. I'll leave it at that, because it's probably off-topic, but I have a lot more to say.

 

Generally, giving up a right (in this case, the right to privacy) with the excuse of prosecuting terrorists, pedophiles, witches, or whatever else is fashionable at some time in history, is not a good idea.
As already said, a feature like Truecrypt's hidden volumes cannot be used by any real criminal as the only mean of hiding an illegal activity, and the investigators will surely have other ways of investigating the suspect, even in case when such suspect is using a hidden volume.
As somebody smarter than me often writes, every tool can be used for good and bad, including cars, hammers, guns and criptography. Don't make the mistake of limiting yourself (and others) because of some irrational fears.

 

I'm familiar with Mersenne Twister. It actually does pass the diehard tests but not the TestU01 suite. Here's the important fact. AES, Twofish, etc. are all cryptographically secure and statistically random. So, their output cannot be distinguished from each other or from other cryptographically secure algorithms, such as ISAAC. It's true that DBAN uses Mersenne Twister, but it also uses ISAAC.

I've been listening to the arguments for years that DBAN always has a final zeros wipe at the end, so that makes it useless for our purposes. I say that's nonsense. All you have to do is pick one of the multi-pass wipes, then pull the plug on it somewhere between two of the PRNG wipes. The hard drive will look no different than a TrueCrypt encrypted device. I don't know why people believe that once you pick a 35 pass wipe, you have to let all 35 passes finish. Why can't I stop it at 17 or 18?

I never mentioned Mersenne Twister, and in fact, if someone were to ask, I would say to avoid making that your alibi. But here's the important fact. Just because you say you used a certain product on your hard drive doesn't mean you were 100% certain at the time. Just say I think it was DBAN. You're protected by the fact that TrueCrypt has complete statistical randomness. As far as I know, no one can prove that it was encrypted. As long as there is some/any disk wiper out there that is indistinguishable from TrueCrypt, you're very well protected. As long as you're not 100% certain about what you used, you're in good shape.

As far as all the secret government experts out there that can blow the private sector cryptographers out of the water, I'll just shrug until I see some evidence of it. I doubt it. I've had this same conversation about 20 times now. I'm unimpressed every time someone claims we don't know the current state of the art. I think the state of the art is TrueCrypt and that there are no secret tricks to break it. The state of the art is probably to look for operating system leaks or some other user errors.


Feel free to post this on the forum. I would prefer for it to be public, if you don't mind.

 

Let me add something else. The operative term here is "cryptographically secure". As far as I know, one set of cryptographically secure data cannot be distinguished from another set, regardless of what algorithm produced the data. Someone correct me if I'm wrong.

So, when something is termed cryptographically secure, that's a powerful statement. There are many CSPRNGs, of which ISAAC is one. Mersenne Twister is not, and it was never thought to be.

http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator
http://en.wikipedia.org/wiki/ISAAC_(cipher)

So, the two issues here are whether the disk wiping program uses a CSPRNG and whether it fills the device in a way identical to TrueCrypt. Note also that if the disk wiping program were to somehow write to all sectors that TrueCrypt writes to plus additional sectors that TrueCrypt doesn't write to, then it doesn't invalidate it for our purposes. All you would have to do is run the disk wiping program first, then TrueCrypt. It's only when TrueCrypt fills sectors that the disk wiping program doesn't that there might be problems, though not necessarily.

In practice though, I've noted that both disk wiping programs and TrueCrypt fill all sectors of a device, making them indistinguishable.

 

I do agree of what dantz is saying about terrorists going free etc this is my main concern and really the only concern, unfortunately this is the price we have to pay for our own privacy. I'm not worried as much about a pedophiles having encrypted child porn because for most pedophiles their sick fantasy's only exists on their brain cells and on the platter of their hard drives, which doesn't have any affect or harm on anybody else. what I am saying is there are millions of pedophiles around but out of those millions there is only a very small number who actually abuse a child. But catching terrorists and finding out all their future plans and activities poses Big Problem. But then again I'm sure their would be some one at the court house with technical knowledge have an idea that there would be also a hidden volume, tell me what would happen if the accused had forgotten what the pass word is?

 

FYI -- the cyberCide utility supports hard drive sanitization using the ISAAC algorithm.

FYI -- BestCrypt is another option for uses who feel the need to employ a hidden container. I seem to recall Jetico claiming that it “invented” the hidden container concept, but I may be mistaken.

FYI -- Only passes #1-#4 and #32-#35 of the 35-pass Gutmann erasing method use random characters. Passes #17 and #18 use 0x77 and 0x88, respectively.

* * * * * * * * * * * * * * *​

P.S.: Kudos to Dantz and Himynamaborat for an outstanding series of informative posts!

 

I just gave 17 and 18 as an example without bothering to look it up. I think the whole 35 or 7-pass wiping idea is nonsense myself. I think one pass is irrecoverable. However, since there are so many paranoid people out there, I can take advantage of that and use it to my advantage.

But now that you mention it, since it is passes 1 through 4, all you have to do is say you set it for 35 passes, then you just got REALLLLLLLLLLLLY tired of it at pass 3 and pulled the plug.

 

I agree completely. And these issues, like child porn and terrorism, are used to create a kind of hysteria to con the American people into giving up all kinds of basic rights, when these rights are actually being taken away for other reasons. A statement that Steve made makes perfect sense to me. "The only rights that you have are those that you can forcibly exercise".

 

I think that we're going to have to accept the possibility of malevolent uses of a particular technology, and take the optimistic approach that most people are good and will engage in only the benevolent uses of said technology. Of course it's bad when the former happens, but I don't see this as being anything that we haven't dealt with before. Obviously, certain instances take center stage (e.g., gun control), but sheathe every double-edged sword and you'll bring the human condition, and all of its societal phalanges, to a halt. Privacy versus security is not the right argument, but has become a façade for the unfortunate, and backwards, call for the sacrifice of the former, for the sake of the latter.

It's important to note that I'm apprehensive about deniable systems, if ever my head were to depend on them. I'm not convinced that any particular system has seen enough scrutiny for me to feel any other way. The solution, of course, is to scrutinize longer, and harder. Until then, deniable systems, in my opinion, fall into the category of systems that work much better in an idealized, theoretical environment, given all the subtleties of practical, real-world design. I've seen systems corrode rapidly due to information leakage; it's nothing to take lightly -- especially if a trip to the gallows is riding on it.

(There's a paper by A. Czeskis, D. J. St. Hilaire, K. Koscher, S. D. Gribble, T. Kohno, and B. Schneier, titled, "Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications," which touches on the effect that information leakage can have on deniable systems, and where such leakage can occur.)

When it comes to such "better on paper" technologies, I'm reminded of nonrepudiation -- you know, if you sign something, you can't go back and deny it later. Unfortunately, this doesn't translate as well into practice as it sounds in theory. The reason being: atrocious key management. If someone wants to deny signing a document, the virus-stole-my-key card can be pulled with relative ease. Tragically, it's plausible enough that we can't call their bluff. In essence, a digital signature doesn't prove that you signed anything; it just proves that your key did. Details, details, and more details.

Right. For example, we assume the AES to be a good PRP, or pseudo-random permutation; that is, if we have a good block cipher and a random permutation, it should be "hard" (read as "computationally infeasible") to tell them apart. An attack that can do this is often referred to as a "distinguisher" or "distinguishing attack."

By the way, how's Bilo?

 

i second this approach. if you're relying on the deniable aspect of TrueCrypt or any other such system you're asking for unpleasant surprises sooner or later. this doesn't even consider the effect of solid state drives and their wear leveling algorithms on deniability erosion. (or any number of other scenarios where the assumptions of TrueCrypt fail in practice).

the only plausibly deniable system i ever saw that seemed reasonable stored a paltry amount of data in the unused bits of unallocated inodes of a unix file system. this required terabytes of actual data to make the stego part usable. i expect that over time, this too would fall prey to the right analysis.

best regards,

 

Sometime my seesta, she show her vergina to, my ah-brother Belo and say "You will never get this, you will never get this, LALALALALA" He uh behind his cage he crazy crazy everybody laugh, she go "You never get this" but uh one-a-time he break-a-cage and he get this. And then-ah we all-a-laugh

 

High five!

 

Forensic analysts and law enforcement relying on assumptions like yours are the ones in for a rude awakening when/if they discover what's actually possible.

I'm also apprehensive about deniable systems that are marketed as such. When I absolutely, positively need plausible deniability, I'll use my own creativity.

 

Not in a million years is deniable cryptography going to keep a terrorist from going free. Terrorism is not a computer storage crime. Terrorism involves people networking and materials acquisition. Computer files are not really a major factor, if any. And the critical issue is whether or not this person is on the radar of any 3-letter agency. That's the only issue. Once that person is on their radar, it's game over. Cryptography plays no role in whether or not he becomes a "person of interest". It might play a small role after that point but it's unlikely (because, again, terrorism is really not a crime aided much by encrypting files). It may help them to encrypt communications of course, but TrueCrypt doesn't do that.

So, I'm at a loss as to why people think TrueCrypt would play anything but an inconsequential role in these matters. And, certainly, once someone becomes a person of interest, it makes no difference whether the volume is hidden or not (not on this planet anyway). You think they're going to believe he has no hidden volume? In other words, if there were no hidden volumes in TrueCrypt, it would make no substantive difference.

Hidden volumes may only be helpful if the crime you're accused of is ordinary and you don't have a whole 3-letter agency on your ass.

And another question for people who insist on mentioning terrorism and child porn in the same breath (the ten thousand or so people I've heard do it), why do you think they're in any way similar? First of all, in terms of sheer numbers, there's no comparison. If I had to guess, I would say there's probably at least a million people (bare minimum number) in the US who have purposely downloaded child porn. The number of serious terrorists in the US probably could be counted on two hands. And, frankly, terrorism is not even a computer crime. If you want to be honest, there are probably at least 10 computer crimes that should be mentioned ahead of terrorism. Sorry, me no understand the logic of some people.

 

I'm surprised to hear you making such a naive statement. Data is data, whether it's stored in hidden volumes or on sticky notes. You seem to be claiming that as far as terrorism is concerned, data stored in computer files is mostly irrelevant. By your logic I suppose we shouldn't bother to read any of their written notes either, right? What, do you think they just keep all of this stuff in their heads? Names, dates, photos, locations, techniques, plans, targets?

Anyway, the point of my argument is not specifically about terrorism or child porn, it's that hidden, deniable volumes are almost completely unnecessary for the vast majority of society, but they are a very useful tool for criminals. Like silencers on guns, we don't need them but criminals do. So why have them? Well, as it turns out, silencers are illegal in America for just those reasons.

But suppose somebody comes along and starts handing out free silencers on every street corner: "Just stick this thing on the end of your gun and you'll be able to fire it without making a sound! How cool is that? Now you can shoot it all you want without getting caught. Oh, and here are some extra bullets, because you'll be able to shoot much more of them now that you have a silencer."

Is this a good idea? Should we give everybody silencers and extra bullets? Hmmm, let's see, who actually needs them? Who will benefit from this? Well, crooks need to be able to shoot their victims without attracting attention, so having silencers on their guns would help them out quite a bit. Great! That's Civil Libertarian Reason #1. What about the common man? Does he need a silencer in order to defend himself? Not really, in fact, in self-defense situations it's usually better to make a lot of noise in order to attract attention.

So handing out free silencers to everybody will mostly help the crooks and will be mostly detrimental to everybody else (kind of like TrueCrypt's hidden volumes). Do you still think that passing out silencers to everybody is a good idea? Because we don't want to have any bothersome rules in our society that might tend to inhibit our personal freedoms. It's not the silencers fault if crooks are now able to commit more crimes than before. The crooks are making the choices, not the silencers. So let's pass them out! Come and get your free silencers, everybody!

Now let's do the same exercise again, but this time with nuclear bombs. If somedody shows up on a street corner and starts passing out nuclear bombs, is that ok? They're just a tool, after all, and they can be used for good or for ill. It's up to the user, the bomb doesn't have anything to say about it. You can dig trenches with them, you can use them for nuclear deterrence, you can take off their shielding and use them to irradiate your food, and they look absolutely spectacular when you put them on a rocket and blow them up in the upper atmosphere. KABOOOM! Happy 4th of July! I plan on using mine to keep my neighbor's dogs out of my yard. If somebody else uses theirs to blow up the entire downtown district because they're mad about a parking ticket or they don't like the mayor then that was their own personal choice, you can't blame the bomb. Nuclear bombs don't kill people, people kill people, so withholding that person's bomb wouldn't have made any difference. So let's pass them out! Right?

I get the impression that some of us would still be in favor of handing out the nuclear bombs at this point, so I'll do one last example: Let's pass out global self-destruct buttons on every street corner. If anyone pushes their own personal button then the whole world blows up. I don't think we would last more than a fraction of a second if everyone on Earth was handed such a button, but at least our personal freedoms would be intact!

My point is that personal freedoms aren't everything. You have to balance personal freedoms against sensible limitations in order to hold your society together, because not everybody will be working with you, and in fact some people will be actively working against you, for reasons of their own. Giving your enemies the specialized tools they need in order to attack your society or its members may not be a smart move, especially if the tools that you hand out aren't even that useful to the rest of us.

Sure, we all want the unlimited personal freedom to do whatever we want, but it's selfish to not think about the bigger picture as well. We're all in this thing together, you know.

 

Dantz,
Saying that plausible deniability is "completely unnecessary for the vast majority of society" makes me think that you have elements to summarize and analyze the vast majority of society, in the whole world. Well sorry, but I do not believe you are able to do it, so this remains your (uninformed) opinion.

If you believe that the difference between catching or not catching a terrorist is made by something that can be coded in 0 and 1, you probably don't know what you are talking about, and have an extremely narrow vision of what a terrorist attack is about.

And last, comparing TrueCrypt to a silencer or to a nuclear bomb is just pathetic, and brings nothing to your argument.

My advice is to stop watching TV and start walking in the streets to see what the world looks like in real life.

 

I'm specifically referring to legally deniable systems such as hidden volumes, not TrueCrypt in its entirety. It should be obvious to anybody that a feature whose primary purpose is to help people lie in court would be far more useful to criminals than to society in general. I'm sorry you can't see that, but of course you're entitled to your own opinion.

Yes, my examples were a bit over the top. The silencer example may be the closest. The rest were just for fun.

 

Have you tried the most recent version of TCHunt? It finds all of my TC volumes across 2 terabyte drives in less than 5 minutes. No false positives.

 

I don't think it's a case of wanting unbounded freedom; global self-destruct buttons, nuclear bombs, and silencers, haven't been -- at least not where I'm from, in the old South -- a staple of the human condition. On the other hand, the "right to be left alone," if you will, has. In any given political climate, I don't believe in trimming our liberties to cater to that climate; I believe in ensuring that our liberties are preserved and climate-proofed. Privacy is a societal matter. When we close the door to the loo or the bedroom, it's not a matter of hiding wrongdoing; it's just, well, we don't want someone watching. It's necessary for the human condition.

Besides, if you want to outlaw deniable encryption, then you're starting at the wrong place. Let's start with encryption itself; it has already been attempted before. The Bad Guys can use tools to hide data, and tools that hide the existence of hidden data, but I think these Bad Guys are fewer in number than the Good Guys. There are reasonable threat models for which deniable encryption makes sense, so I'm not in favor of restricting it. All in all, if you're trading privacies for securities, then you might wind up with neither; furthermore, you probably deserve neither. But maybe that's me just channeling Benjamin Franklin.

Is that the given purpose? If so, I'd say that's a pretty lousy defense for a feature that can be used in a purposely good manner. I like to think of it, potentially, as protection against rubber-hose cryptanalysis. We may not be used to that kind of thing here, but the same can't be said for locales elsewhere.

Although I don't have any statistics to accompany me, I would bet that the number of instances where the Bad Guys use encryption alone is far greater than the instances where they're using deniable encryption. Neither encryption nor deniable encryption is bad, conceptually speaking. What would your response to this be?

 

Dantz,
the use of just simple encryption is enough for a criminal to hide some evidence in court: the criminal simply needs to NOT disclouse his password. In a "civil" State, this could bring him some years of jail (actually, up to 5 years in UK, I am aware of no other "civil" countries that will jail you for not disclousing your password), which is surely better than lifetime for some terrorism related crime. Plausible deniability makes no big difference in this case.
On the other hand, the (innocent) person who has own business to keep private, can use plausible deniability to preserve privacy in court, if needed, without needing to choose between privacy and freedom.

Plausible deniability in a situation different than a regular court is useless, of course.

 

Exactly what "empty portion of the disk" are you talking about ?
It sounds a bit like you think only the data is encrypted . That is NOT
how it works, the ENTIRE partition/device, including free space (and the HPA if desired), is encrypted .
Why should it be necessary to overwrite anything before encrypting ?
The process of encrypting overwrites everything anyway,
so what's the point?
Keep in mind that there are no known cases of recovery of data that has been overwritten just ONCE !

 

Boy, this is a tough crowd! I feel like a vegetarian at a cannibal convention. Judging from the overwhelming disapproval of the various privacy advocates on this board, I may be one of the only guys in this part of the galaxy who doesn't feel the need to keep a bunch of secret, hidden data on his PC.

I would like to address your comments, Justin, but I honestly don't know where to begin. I feel that our privacy needs are already very well served by strong encryption and I really don't see the need for masking the very presence of the data itself unless that data happens to be something really, really bad, in which case I question the reasons for having it in the first place. To follow up on your example, do you have multiple locks and deadbolts installed on the door of your loo to make sure that nobody can possibly open it while you're in there? Is the door barricaded against police attack as well? Of course not, it's not necessary. Closing the door is usually enough, and if you have kids running around then maybe you latch it as well. Anything more than that is overkill and speaks more to paranoia than to necessity. I feel that the same is true for most users of hidden volumes.

I use encryption to protect my sensitive data, of course. Nobody can crack it, and so far as I know nobody wants to crack it. Thanks to freeware programs like TrueCrypt we all have access to extremely strong encryption, and I applaud that. What surprises me, though, is that so many people feel that strong encryption alone doesn't provide them with enough protection. It's almost like giving somebody a very high-performance car and having them say "Oh no, that's not powerful enough, my driving is really, really important, I need to have a turbocharger as well!"

I see a similar attitude on almost all of the privacy and encryption-related boards that I visit. Large numbers of users appear to be obsessed with hidden volumes, hidden operating systems, and various other seemingly-clever ways of hiding data such that its very presence can be "plausibly denied". New schemes are frequently proposed and discussed, and for some reason they just can't seem to get enough of it.

I have to wonder sometimes - why isn't strong encryption good enough for these users? Nobody's going to crack it. What sort of data are they storing that needs to be hidden as well as encrypted? It takes extra work and extra maintenance to hide data properly, so there has be some pretty strong motivation.

I would love to hear some good explanations for this behavior. Is everybody a human rights activist working under an oppressive regime? No, there couldn't possibly be that many of them. Are they all 6-year old kids who think that life is all about hiding stuff and having secrets? No, their spelling is too good (at least, most of the time). Are they all committing computer crimes and living in the U.K.? Well, maybe some of them. Are all of these hidden volumes merely full of porn, illegal copyrighted material (music, etc.) and maybe some keygens and warez thrown in? I hate to say it, but my guess is that this is probably the majority of it. My guess is that this whole intense focus on privacy and secrecy is probably just based on some minor civil disobedience and the fear of getting caught, or at least embarrassed. And of course, a minority of these hidden volumes probably contain data that is related to serious criminal activities such as terrorism, child porn, etc.

I think that this whole issue can be broken down to a matter of personal values. I personally believe that life is much better when you don't have to worry about storing, hiding and lying about a whole bunch of secret stuff that might get you into trouble. I feel that living an honest life and telling the truth is far preferable to lying in almost every case. And thus, a software product that provides an easily-used feature that encourages people to lie with impunity seems to go directly against those values. And if you hand out this software on the street corners (so to speak) then it end up encouraging more and more people to keep secrets (however trivial they may be) and to lie about them. It's practically becoming a lifestyle for a noticeable segment of our population. Is this really the direction that you want our society to be going?

And meanwhile, the various criminals who can really make use of this feature get it handed to them on a silver platter. They don't even have to think about it or become computer proficient. Sure, a minority of them would probably still figure it out even if it weren't already widely available, but this would at least reduce their ranks.

(PS: The last time I visited Asheville and the surrounding area I made sure to leave all of my silencers, nuclear bombs and global self-destruct buttons behind. That's all big city stuff, you don't need it in the South.)

 

While I disagree with you on most of your points, I also understand your thinking on this and respect it; but I really appreciate your being a good sport under all the criticism. That says a lot about you.

 

I hope it didn't sound like I was jumping all over you on this matter. I agree that there is a certain tone of sensationalism and hype that drives consumers to expect much more than they realistically need. While I believe that the right to privacy should be upheld, and freely exercised, regardless of the objective and subjective importance of someone's data, I certainly can't go along with the paranoia that leads to overkill and complexity; for example, cascades are most likely unnecessary for a vast majority of those who use them. While the overhead may not be a big deal for the user, the complexity can be a killer for the implementation. While the same could be said for hidden volumes, and plausible deniability, in general, I think we're dealing with a special case here.

Sure, most folks probably don't need it. Heck, some of them probably don't need encryption. But, cryptography itself has historically decided the mortal fate of many, and the threat models for which deniable encryption is a potential solution is just a subset of that generality. Okay, so those who need encryption outnumber those who need deniable encryption, but I'm willing to bet that those who misuse encryption outnumber those who misuse deniable encryption. From personal experience, I've been a part of case discussions, at the federal level, regarding child pornography and homicide, where undeniable encryption was enough. Even historically, I don't think there's any evidence that would suggest a viable case against plausible deniability.

The risk is nothing new; it's just wearing shades.

Asheville is certainly an island of liberalism in a sea of conservatism, so none of those things would fly here. I grew up in the sea of conservatism, though, where it was cotton, tobacco, caliber, and textiles, so you might be surprised.

All in all, I understand your sentiment, but disagree with your conclusion. I suppose we'll have to agree to disagree here, but we can do that in a civil manner, right? *eyes the global self-destruct button while reaching for the silencer*