Plausible Deniability

Soldato
Joined
6 Jan 2005
Posts
3,632
Location
Cambridge
So, let's say you were a secret agent that had a hard drive full of top secret documents that you didn't want anyone to access, unless you gave them a password. If the police found them, you would be sentenced to infinite years in prison.

If you were to use Truecrypt and used the hidden OS feature, would that be enough to stop anybody finding your data about pirate ships? Does the 'plausible deniability' work as it should? If you said that no OS existed other than the one they could see, could they prove otherwise? If not, how come?

If the police asked you for a password for an OS they could see, you would have to give it to them, as far as I know. Then you would fail as a secret agent.

Thanks,
yhack
 
Soldato
Joined
6 Oct 2004
Posts
15,693
Location
Birmingham
If you set Truecrypt up correctly, it would be very difficult, but not impossible for them to detect the hidden OS.

That's where it's very important not to give them any reason to suspect that there is a hidden OS, so that they don't feel it's worthwhile to dig to the level required to find it :)
 
Associate
Joined
19 Aug 2010
Posts
1,983
Location
London
I'm sure it would say somewhere on the HDD what the total capacity of it is, and then when they see that X amount of space is missing they would get suspicious?
 

SMN

Associate
Joined
2 Nov 2008
Posts
2,486
Location
The ether
If you use truecrypt hidden volume properly it would be nigh on impossible to find. You are complying with the law by providing the *safe* password, and as the entire disk is encrypted you're not going to see a situation as outlined earlier in the thread.

Also, worst "I read the other thread about the guy whose ex found his smut and flipped, and now want to hide my smut" thread :)
 
Soldato
Joined
6 Jan 2005
Posts
3,632
Location
Cambridge
If you set Truecrypt up correctly, it would be very difficult, but not impossible for them to detect the hidden OS.

That's where it's very important not to give them any reason to suspect that there is a hidden OS, so that they don't feel it's worthwhile to dig to the level required to find it :)

I see. So if they went onto the 'decoy' OS and saw it had 60GB of space, on a 120GB hard drive, would that be a good enough reason to look for a hidden OS? Or would it not say 60GB total?
 
Soldato
Joined
6 Oct 2004
Posts
15,693
Location
Birmingham
I see. So if they went onto the 'decoy' OS and saw it had 60GB of space, on a 120GB hard drive, would that be a good enough reason to look for a hidden OS? Or would it not say 60GB total?

You can hide the secret OS mounted in a folder/file of the safe OS so that there aren't discrepancies in drive space.
 

J.B

Soldato
Joined
16 Aug 2006
Posts
5,922
You'd probably need to use the decoy OS a bit to make it look used and not too suspicious but as far as I know there is no way of finding the hidden partition (I may be wrong though)

You may be in breach of RIPA for not disclosing all your passwords though.

To those asking whether it would appear as occupied space: probably not, as it will just be ciphered data; the OS will probably see it as null space and report it as empty. Not sure how you'd stop the fake OS from overwriting the hidden partition though.

I don't really know as I don't use truecrypt.
 
Soldato
Joined
18 Oct 2002
Posts
8,057
Location
7th Level of Hell...
Truecrypt plausible deniability relies on you having 2 OS on the same drive. The first OS is a decoy "safe" one and the other is the hidden "secret" one. The hidden OS lies within the safe OS in sort of a container.

Both OS have passwords. When the system starts, you enter one of the passwords. Which password you enter determines which OS is started - entering the hidden OS pass results in the hidden OS loading, entering the safe password means the safe OS loads.

The hidden OS looks just like random data while it is encrypted, almost like unallocated disc space which makes it nigh on impossible to see whilst encrypted.

By giving over your safe OS password, this will give you the denial plausibility that you complied with RIPA. In order for it to be believable, you should use the safe OS as much as possible in order for normal deleted files etc to build up. If you had a "pristine" safe OS like it would be on a fresh install, this would raise suspicions. Only use the hidden OS when you need to.


There is far more info on the Truecrypt website.
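
An added illustration of the point made in the thread that encrypted data looks like random data (not written by any poster, and not TrueCrypt's code): a per-block Shannon entropy check of the kind a forensic examiner might run over a disk image. The sample regions are constructed, and the SHA-256 counter-mode keystream is an assumed stand-in for a real disk cipher.

```python
import hashlib
import math
import os
from collections import Counter

BLOCK = 4096  # bytes examined per entropy sample


def shannon_entropy(block: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, close to 8.0 for random data."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())


def keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 in counter mode), NOT TrueCrypt's actual cipher."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def classify(block: bytes) -> str:
    """Label a block by entropy alone, as a simple triage pass would."""
    e = shannon_entropy(block)
    if e == 0.0:
        return "constant"
    return "random-looking" if e > 7.5 else "structured"


def build_sample_image() -> dict:
    """Constructed sample regions, each one BLOCK long."""
    text = (b"Meeting notes: quarterly budget review. " * 200)[:BLOCK]
    return {
        "zeroed free space": bytes(BLOCK),
        "plaintext file": text,
        "encrypted file": keystream_encrypt(b"constructed-key", text),
        "random-filled free space": os.urandom(BLOCK),
    }


def scan(image: dict) -> dict:
    return {name: classify(block) for name, block in image.items()}


if __name__ == "__main__":
    for name, block in build_sample_image().items():
        print(f"{name:26} {shannon_entropy(block):5.2f} bits/byte  {classify(block)}")
```

The encrypted region and the random-filled region land in the same class, so an entropy scan on its own shows where high-entropy data sits but not whether it is ciphertext or random fill.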
 