[TriLUG] OT: Laptop Hard Drive

Igor Partola igor at igorpartola.com
Fri Nov 18 14:20:43 EST 2011


Plausible deniability gets tricky with encrypted filesystems. The problem
is that if you are withholding the decryption key from the police when you
are on trial and they are specifically asking for you to decrypt a volume
on your drive, it may be considered obstructing justice. There have been
several widely publicized cases of a defendant refusing to hand over the
decryption key and being held in custody indefinitely. What makes matters
worse is that often times the analogy to a physical safe and a key, that
seems to be popular when discussing such situations, often breaks down. For
example, you could irreversibly lose your decryption key which means nobody
will ever be able to decrypt the volume; this is unlike a safe, which in
most cases can be opened if sufficient force is applied.

On top of that I believe TrueCrypt supports hidden volumes, allowing you to
hand over a bunch of legitimate looking but fake data instead of your
actual secret documents. AFAIK, there hasn't been a widely publicized case
of anybody getting caught doing this, but some discussions of this topic
that I've seen seem to suggest that if you are caught, the penalty for this
action alone could be fairly severe (at least under US law).

FYI, I am not a lawyer and these are simply observations.

Some links:

   -
   http://news.cnet.com/8301-31921_3-20078312-281/doj-we-can-force-you-to-decrypt-that-laptop/
   - http://news.ycombinator.com/item?id=1760700
   - http://hackerne.ws/item?id=2744688

Igor


On Fri, Nov 18, 2011 at 1:59 PM, Joseph Mack NA3T <jmack at wm7d.net> wrote:

> On Fri, 18 Nov 2011, Alan Porter wrote:
>
>  Instead, I would think it would be just as effective to format the
>> filesystem and then create a large file using 'dd', letting the
>> underlying encryption create random-ish blocks on the actual disk.
>>
>
> Encrypting a filesystem is useful if you loose your laptop/flashkey, when
> you aren't around when the people find your harddisk. However an encrypted
> filesystem is useless going through TSA/DHS when they can just say "give us
> the passwd or you're going to Gitmo". In this case you need plausible
> deniability - "what encrypted filesystem? there's no encrypted filesystem,
> that's just random deleted files". I notice that you can have plausible
> deniability, but as you would expect it's proportionately more difficult to
> setup.
>
>
> Joe
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant map
> generator at http://www.wm7d.net/azproj.**shtml<http://www.wm7d.net/azproj.shtml>
> Homepage http://www.austintek.com/ It's GNU/Linux!
> --
> This message was sent to: Igor Partola <igor at igorpartola.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/**listinfo/trilug<http://www.trilug.org/mailman/listinfo/trilug>
> Unsubscribe or edit options on the web  : http://www.trilug.org/mailman/**
> options/trilug/igor%**40igorpartola.com<http://www.trilug.org/mailman/options/trilug/igor%40igorpartola.com>
> TriLUG FAQ          : http://www.trilug.org/wiki/**
> Frequently_Asked_Questions<http://www.trilug.org/wiki/Frequently_Asked_Questions>
>



More information about the TriLUG mailing list