Plausibly deniable encrypted volumes. - Security & Cryptography

Users browsing this thread: 4 Guest(s)
BigE
Members
Because I am a narcissist and always need to have my two cents in on something like this, I would like to present the following points for consideration:

1) Truecrypt has never had any sort of complete or large scale code review, and while the code is open, the development process is not, so the code may or may not be receiving the review and testing it deserves. If you google for Truecrypt code reviews, at least on my end, I turn up with only https://www.privacy-cd.org/downloads/tru...sis-en.pdf this single code review, as well as a lot of conjecture. In fact, even TAILS doesn't recommend using it anymore, although this is not the only reason for that. https://tails.boum.org/doc/encryption_an...ex.es.html

2) Know your risk vectors and use encryption accordingly. Hidden volumes are great for hiding information from an untrained threat, such as kidnappers, extortionists, parents/spouses, and from entities bound by the law, such as the police, FBI, and lawyers. Plausible deniability is not so great against a trained threat though, such as high tech criminals, the CIA/NSA(arguably high tech criminals), or any other government entity or LEO that operates almost completely outside the rule of law, or any entity for that matter that will simply torture you for kicks if they don't "believe" that you have given up all your hidden volumes on the drive.

TLDR: Be paranoid, and remember that no one thing is a one off solution for everything, so plan accordingly.
[Image: a0QZxXO.gif]


Messages In This Thread
Plausibly deniable encrypted volumes. - by D9u - 16-09-2012, 04:59 PM
RE: Plausibly deniable encrypted volumes. - by BigE - 15-08-2013, 03:36 PM