 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Warp wrote:
> Tim Cook <z99### [at] gmail com> wrote:
>>> Isn't that what encryption is for?
>
>> No, encryption is that big red flag that says you've got something to hide.
>
> Well, there are rather ingenuous encrypting programs out there, such as
> TrueCrypt.
>
> It's completely impossible to see from a TrueCrypt-encrypted file that
> it's an encrypted file. It just looks like random data and it's completely
Well, perhaps if you're just looking at that file. If you're on Linux,
one often just has to look at your history file to see if you use the
truecrypt command.
Or they could look to see if you have truecrypt installed.
Or they could look to see if you have unmounted truecrypt directories.
I tried it and at least on my computer, truecrypt doesn't automatically
delete those directories.
I think under certain circumstances, truecrypt leaves stuff around in
the /tmp folder.
As for hidden partition, I don't know the details. I believe an
analysis was done and they only guaranteed true hiddenness if you used
FAT as the filesystem of the hidden partition. More precisely, it was
shown that if you use ext3, there will likely be data elsewhere on the
HD that will hint that there is a hidden partition somewhere.
There are other analyses. Let's say you make your "outer" TC partition
30 GB. And inside it you make your hidden partition 10 GB. I read
somewhere that TC makes that 10 GB block contiguous. So when you give
the password to your outer TC, if they look they'll see that your data
(if you have enough of it), will be all over that 30 GB except for this
big block of 10 GB which has random data (which, to the FS, appears to
be free space). Now you could say that you just deleted a 10 GB file,
explaining that big unused contiguous block, but...
--
"Maybe the universe IS fuzzy." --- Hubble Telescope Scientist
/\ /\ /\ /
/ \/ \ u e e n / \/ a w a z
>>>>>>mue### [at] nawazorg<<<<<<
anl
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Mueen Nawaz wrote:
> Fifth Amendment only works if you're being investigated. If, however,
> they're searching your computer for evidence about someone else's crime,
> I don't think you can plead the Fifth.
I am not a lawyer, but I believe this is not accurate. I remember
someone's secretary pleading the fifth when asked about her boss' stuff
and getting away with it.
The trick is, they can't really pursue *why* you are pleading the fifth,
if you follow the logic.
> In the US, however, I believe you
> don't have to hand over the password regardless.
Actually, the case is new enough that I didn't find any appeals that
would make it actual precedent, so I suspect it's still up in the air.
> If Tim is in the UK (sorry, I don't follow your lives that closely<G>),
> then the law does have the right to force him to hand over the password.
Yeah. Sucks, that. Kind of the reason we have that part of the
constitution. :-)
--
Darren New / San Diego, CA, USA (PST)
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Mueen Nawaz <m.n### [at] ieeeorg> wrote:
> Well, perhaps if you're just looking at that file. If you're on Linux,
> one often just has to look at your history file to see if you use the
> truecrypt command.
That may give them a hint that you might have encrypted files in your
system, but they have no way of knowing which ones they are. TrueCrypt
itself leaves no history anywhere.
> Or they could look to see if you have truecrypt installed.
Still doesn't prove that you have encrypted files. You could simply say
that you installed it a long time ago just to see how it works, or whatever.
> Or they could look to see if you have unmounted truecrypt directories.
> I tried it and at least on my computer, truecrypt doesn't automatically
> delete those directories.
You can choose whatever directory names you want to mount a TrueCrypt
file system. Just use /tmp/tmp/ or whatever. Nothing suspicious about that.
And as I said, TrueCrypt leaves no history anywhere about what you have
mounted or unmounted.
> I think under certain circumstances, truecrypt leaves stuff around in
> the /tmp folder.
It shouldn't leave anything if it works as advertised.
> As for hidden partition, I don't know the details. I believe an
> analysis was done and they only guaranteed true hiddenness if you used
> FAT as the filesystem of the hidden partition. More precisely, it was
> shown that if you use ext3, there will likely be data elsewhere on the
> HD that will hint that there is a hidden partition somewhere.
Then use FAT? What's the problem?
> There are other analyses. Let's say you make your "outer" TC partition
> 30 GB. And inside it you make your hidden partition 10 GB. I read
> somewhere that TC makes that 10 GB block contiguous. So when you give
> the password to your outer TC, if they look they'll see that your data
> (if you have enough of it), will be all over that 30 GB except for this
> big block of 10 GB which has random data (which, to the FS, appears to
> be free space). Now you could say that you just deleted a 10 GB file,
> explaining that big unused contiguous block, but...
AFAIK TrueCrypt puts random garbage at every free block for the precise
reason that it's impossible to tell whether it's just that, random garbage,
or a hidden partition.
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
"Warp" <war### [at] tagpovrayorg> wrote in message
news:48f37469@news.povray.org...
> Still doesn't prove that you have encrypted files. You could simply say
> that you installed it a long time ago just to see how it works, or
> whatever.
Ah, see, that'd be lying. I'm pretty sure I didn't have anything bad, and,
quite frankly, if I *did*, I deserve to be punished. Simple as that.
--
Tim Cook
http://empyrean.freesitespace.net
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Warp wrote:
>> I think under certain circumstances, truecrypt leaves stuff around in
>> the /tmp folder.
>
> It shouldn't leave anything if it works as advertised.
The programs you use to look at the files, however, might leave stuff in
the swap partition or in tmp files. Always a problem.
--
Darren New / San Diego, CA, USA (PST)
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Darren New <dne### [at] sanrrcom> wrote:
> Warp wrote:
> >> I think under certain circumstances, truecrypt leaves stuff around in
> >> the /tmp folder.
> >
> > It shouldn't leave anything if it works as advertised.
> The programs you use to look at the files, however, might leave stuff in
> the swap partition or in tmp files. Always a problem.
Of course there's little TrueCrypt can do about that. If you don't want
to leave any trace of what kind of files you have there, you have to be
careful about how you use them.
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Tim Cook <z99### [at] gmailcom> wrote:
> "Warp" <war### [at] tagpovrayorg> wrote in message
> news:48f37469@news.povray.org...
> > Still doesn't prove that you have encrypted files. You could simply say
> > that you installed it a long time ago just to see how it works, or
> > whatever.
> Ah, see, that'd be lying.
I think that even from a moral point of view honesty does not require
you to divulge everything you do just because you are asked. There is this
thing called privacy, and people are entitled to it. What you want to hide
might not be anything illegal, but it can still be embarrassing, and nobody
should be forced to divulge anything they don't want to, not from a legal
nor from a moral point of view.
Sure, sometimes the right to privacy may be abused to hide illegal material
(eg. child porn or terrorist plans), but I still don't think that privacy
should be lifted from everybody simply because a few individuals abuse it
to hide illegal material. Nobody should be forced to reveal encryption keys
simply because they *might* be hiding something illegal. That's a very
dangerous road which we don't want to follow.
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
"Warp" <war### [at] tagpovrayorg> wrote in message
news:48f37469@news.povray.org...
> AFAIK TrueCrypt puts random garbage at every free block for the precise
> reason that it's impossible to tell whether it's just that, random
garbage,
> or a hidden partition.
TrueCrypt sounds exactly like the type of program FBI would write and
release, without disclosing the backdoor, of course.
Also, if the investigators fill with true random bits the sections that you
have encrypted, before turning it over, can you sue them for lost data?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
somebody <x### [at] ycom> wrote:
> TrueCrypt sounds exactly like the type of program FBI would write and
> release, without disclosing the backdoor, of course.
Except that TrueCrypt is open source. That more or less ensures that it
doesn't do anything behind the scenes.
> Also, if the investigators fill with true random bits the sections that you
> have encrypted, before turning it over, can you sue them for lost data?
But then, how do they know that they are overwriting encrypted data?
They have no way of proving that a certain file is actually encrypted
rather than containing some data used by some program.
They might as well destroy all your files. Do they perform such a
vandalism?
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Sun, 12 Oct 2008 21:53:54 -0700, Darren New wrote:
> I'm pretty sure you're not
> required to give them the password to it.
I seem to recall reading recently that there has been a challenge in the
US about the 5th amendment right to not self-incriminate and how it
applies to not being required to turn over passwords. I don't think
there's a legal precedent for it right now, but it makes sense to me (as
a non-lawyer) that that right to not incriminate oneself would extend to
not providing a password to data that might be used to incriminate you.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
