Author Topic: Tinfoil USB stick of glory  (Read 4545 times)

Charlotte

  • Dissolute libertine
  • Here's to ol' D.H. Lawrence...
    • charlottebarnes.co.uk
Re: Tinfoil USB stick of glory
« Reply #25 on: July 18, 2008, 11:12:52 pm »
So all they have to do is to prove that you could have a DFS set up somewhere and that you're refusing to hand over the password and you're off to Belmarsh inna jumpsuit?
Commercial, Editorial and PR Photographer - www.charlottebarnes.co.uk

tonycollinet

  • No Longer a western province of Númenor
Re: Tinfoil USB stick of glory
« Reply #26 on: July 18, 2008, 11:42:34 pm »
You have an encrypted disk with another encrypted disk hidden inside it with a second password. This is the plausibly deniable hidden volume.

Windows (or whatever) hints that there is a file in your encrypted disk. Surely it can't be proven that this file wasn't on the non deniable part, and has since been deleted?

bobajobrob

Re: Tinfoil USB stick of glory
« Reply #27 on: July 19, 2008, 04:32:48 pm »
Tinfoil seems to be running a bit high in this thread :thumbsup:

 - Linux on a stick - yes I can see the appeal there
 - Encrypted data - my data stays on a machine with key-only ssh access. I can access it anywhere in the world with internet access, but I don't think anyone would bother to hack into it (there are much easier targets out there). Why bother carrying it around with you?

Re: Tinfoil USB stick of glory
« Reply #28 on: July 20, 2008, 11:19:31 pm »
As far as I can tell the 'vulnerability' is that if you have a hidden volume, references to files on that hidden volume on the unhidden volume may stick around, like in the 'recently used files' panel in Windows XP, or files referenced by Google Desktop.

I guess the solution is not to access files across volumes. Can you boot from a hidden partition?

tonycollinet

  • No Longer a western province of Númenor
Re: Tinfoil USB stick of glory
« Reply #29 on: July 20, 2008, 11:54:15 pm »
Well if you are daft enough to have both volumes visible at the same time - but entirely in your control.

Re: Tinfoil USB stick of glory
« Reply #30 on: July 21, 2008, 11:12:18 am »
But that's kind of the point of the article. Although there's no obvious flaw in the DFS code (it's not as if it writes out a list of files accessed in super_secret_files_are_here.txt) the whole idea of a Deniable FS relies on the applications and OS not giving the game away, and that's beyond the control of Truecrypt (or any other deniable filesystem program).


“Modern applications and operating systems are very complicated, and interact with each other in many different ways,” Schneier says. “Hiding the existence of something means controlling all those interactions, which turns out to be a very hard problem.”
"Yes please" said Squirrel "biscuits are our favourite things."

Charlotte

  • Dissolute libertine
  • Here's to ol' D.H. Lawrence...
    • charlottebarnes.co.uk
Re: Tinfoil USB stick of glory
« Reply #31 on: July 21, 2008, 11:15:31 am »
So in other words, if I have my DFS onna Tinfoil USB stick of glory and I access it on a computer wot has been booted from another Tinfoil USB stick of glory and doesn't save any configuration files; I'm laughing?
Commercial, Editorial and PR Photographer - www.charlottebarnes.co.uk

Re: Tinfoil USB stick of glory
« Reply #32 on: July 21, 2008, 11:16:16 am »
I guess the solution is not to access files across volumes. Can you boot from a hidden partition?

No. For a deniable file system you have to hide the encrypted volume in an existing encrypted volume. For you to have that first encrypted volume you need an operating system that can mount/understand it (including the Truecrypt code).

Well if you are daft enough to have both volumes visible at the same time - but entirely in your control.

And because of the above, you've always got to have both volumes mounted.
"Yes please" said Squirrel "biscuits are our favourite things."

Re: Tinfoil USB stick of glory
« Reply #33 on: July 21, 2008, 11:18:03 am »
So in other words, if I have my DFS onna Tinfoil USB stick of glory and I access it on a computer wot has been booted from another Tinfoil USB stick of glory and doesn't save any configuration files; I'm laughing?

Only if none of the applications you use, or Operating System, don't write out any hint to the hidden files to the non-hidden encrypted volume that contains the hidden encrypted volume.
"Yes please" said Squirrel "biscuits are our favourite things."
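
Added example, not part of the original thread: a self-audit sketch in Python for the leak the posts above describe, where the OS or applications record references to hidden-volume files in places outside that volume. The marker strings (a mount point and a drive path), the file names and their contents are constructed for illustration.

```python
import os
import tempfile

def patterns(marker):
    """Byte forms of a marker: UTF-8 (most config and history files) and
    UTF-16LE (how Windows stores strings in registry hives and shortcuts)."""
    m = marker.lower()
    return {"utf-8": m.encode("utf-8"), "utf-16le": m.encode("utf-16-le")}

def find_leaks(scan_root, markers, max_bytes=16 * 1024 * 1024):
    """Return sorted (relative_path, marker, encoding) for each file under
    scan_root whose first max_bytes contain a marker (ASCII case-insensitive)."""
    hits = set()
    for dirpath, _dirs, files in os.walk(scan_root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(max_bytes).lower()
            except OSError:
                continue  # unreadable file: skip it rather than abort the audit
            for marker in markers:
                for enc, pat in patterns(marker).items():
                    if pat in data:
                        hits.add((os.path.relpath(path, scan_root), marker, enc))
    return sorted(hits)

def demo():
    """Build a constructed profile directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {  # constructed sample artefacts, not real file formats
            "recently-used.xbel": b'<bookmark href="file:///media/hidden/accounts.ods"/>',
            "NTUSER.DAT": b"\x00\x01RecentDocs\x00" + "H:\\Vault\\plan.doc".encode("utf-16-le"),
            "notes.txt": b"shopping list: biscuits",
        }
        for name, content in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(content)
        # Markers are assumptions: where the hidden volume gets mounted.
        return find_leaks(root, ["/media/hidden", "H:\\Vault"])

if __name__ == "__main__":
    for rel, marker, enc in demo():
        print(f"{rel}: contains {marker!r} as {enc}")
```

A plain-text search for the path would miss the second file, because the path is stored there as UTF-16LE; a clean result from this scan also says nothing about artefacts it cannot read, such as compressed or indexed stores.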