Silk Road forums

Discussion => Security => Topic started by: summer on August 04, 2013, 04:42 pm

Title: Truly Deniable FDE?
Post by: summer on August 04, 2013, 04:42 pm
Is there a way to set up full-disk encryption in a way where no forensics could reveal that the disk is encrypted?
If LE finds out the drive is encrypted, it's more than enough to kick the shit out of me to get the password (I don't live in the USA).

If they only find a drive that looks like it was wiped, without any bootloaders, then there will be no password to look for either.

The bootloader can be kept on a USB key, but if they find the key it will be clear it belongs to the drive that looks like it was wiped, won't it?
Title: Re: Truly Deniable FDE?
Post by: OuterLimits on August 04, 2013, 05:24 pm
Use TrueCrypt's hidden volume or hidden OS feature, which allows plausible deniability. It offers two-password entry to encryption.

1. Password to your "normal" OS or partition of stuff you might want encrypted, like home-made porn or credit card info, etc.

2. A second password that goes to a different OS or partition that contains your sensitive data.
Title: Re: Truly Deniable FDE?
Post by: summer on August 04, 2013, 05:54 pm
In a presentation, a teacher who's also a forensic expert in my country wrote that with TrueCrypt it can be assumed there's a hidden volume, so there might be 2 passwords. And I also read about a case where a kid was interrogated and was asked to reveal the other password.
Interrogation can be tough here. If LE knows I'm hiding something, they have lots of legal/illegal tools to make me talk.

The best solution for me would be to have a drive that looks like it has no encryption at all.
Title: Re: Truly Deniable FDE?
Post by: Quazee on August 04, 2013, 08:14 pm
Maybe you forgot the password if someone was trying to make you give it up? People forget passwords all the time.
Ideally you should have a separate encrypted computer for use here and another for regular legal activities.

I don't think TrueCrypt is trustworthy, personally.
Title: Re: Truly Deniable FDE?
Post by: eleanorrobot on August 04, 2013, 08:41 pm
> Maybe you forgot the password if someone was trying to make you give it up? People forget passwords all the time.
> Ideally you should have a separate encrypted computer for use here and another for regular legal activities.
>
> I don't think TrueCrypt is trustworthy, personally.

In the UK it's against the law to forget.
Title: Re: Truly Deniable FDE?
Post by: summer on August 04, 2013, 09:12 pm
> Maybe you forgot the password if someone was trying to make you give it up? People forget passwords all the time.
> Ideally you should have a separate encrypted computer for use here and another for regular legal activities.
>
> I don't think TrueCrypt is trustworthy, personally.

If LE has a reason to think I'm not fully cooperative, they will torture and blackmail me until I give up something.
Even if there is no hidden volume, so there is no password I could give up, by the time they have finished my case my relatives will sit in jail, beaten up like me, etc.
Title: Re: Truly Deniable FDE?
Post by: comsec on August 04, 2013, 09:57 pm
If you live in the UK, use a live distro like Tails or Liberte Linux. Maxim is still alive https://twitter.com/mkdeesu and will be updating git soon to continue the Liberte Linux project. Enable TrueCrypt on boot, or just download it after you start up Tails or Liberte (and verify the signature, every time).

Make a new container using Bruce Schneier and Hashcat forums password advice (and hopefully use a keyfile too), keep your PGP keys, KeePass export or other passwords, and customer orders in there, and back it up via Tor to keep copies encrypted in the cloud. Now if your computer is seized there's nothing on your hard drive, or any evidence of encryption.

You could use (over Tor obviously):
- https://www.cyphertite.com/ free service to sync your encrypted container
- http://labs.bittorrent.com/experiments/sync.html for decentralized backup insurance over i2p
- an email attachment to i2p mailbox or other email
- newsgroups
- .onion dropbox if one exists
- regular dropbox
- Shamir's Secret Sharing to spread it all over the world.

You just need a very small TrueCrypt container to hold PGP keys and contact info/other passwords.

UK police recruit some of the best crypto engineers and analysts on earth. I wouldn't gamble they won't be able to recognize a second container is being used, plus often idiots will be held in prison waiting for bail and their cellmate is an informant where they dry rat themselves all about how the cops didn't find the second container. Or maybe they are recording you and you tell your friends this, or tell them over the phone. You may have some browser history somewhere where you researched TrueCrypt containers w/plausible deniability too. If they go through your ISP history for the last 2 years and see a link to the TrueCrypt FAQ pages and documentation on how to enable hidden containers, you're screwed; that's all the evidence they need to claim you're using 2 passwords. Our courts are now a joke, all rights shredded by totalitarians; sort your security out appropriately.
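
An added example, not part of any post in this thread: the first-pass statistical check a forensic examiner can run over a raw image, relevant to the opening question of what an examiner can see on a drive that "looks like it was wiped". The block size, the 7.9-bit threshold, the sample images and `toy_encrypt` (a SHA-256 counter keystream standing in for a real disk cipher) are assumptions constructed for illustration.

```python
import hashlib
import math
import os
from collections import Counter

BLOCK = 4096        # analysis block size in bytes (assumption)
THRESHOLD = 7.9     # bits/byte above which a block counts as random-like (assumption)

def shannon_entropy(block: bytes) -> float:
    """Byte-level Shannon entropy: 0.0 for a constant block, up to 8.0 for uniform."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify_block(block: bytes) -> str:
    if len(set(block)) == 1:
        return "fill"         # pattern wipe (e.g. all zeros) or never-written space
    if shannon_entropy(block) > THRESHOLD:
        return "random-like"  # ciphertext, random fill or compressed data
    return "structured"       # text, filesystem metadata, executables

def triage(image: bytes) -> dict:
    """Fraction of whole blocks in each class for a raw image."""
    blocks = [image[i:i + BLOCK] for i in range(0, len(image) - BLOCK + 1, BLOCK)]
    counts = Counter(classify_block(b) for b in blocks)
    return {k: counts[k] / len(blocks) for k in ("fill", "random-like", "structured")}

def toy_encrypt(data: bytes, key: bytes) -> bytes:
    """Hypothetical stand-in for a disk cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], ks))
    return bytes(out)

def sample_images() -> dict:
    """Constructed 64 KiB images; none of this data comes from a real disk."""
    size = 16 * BLOCK
    plain = (b"record 0001: constructed sample entry, plain text\n" * 2000)[:size]
    return {
        "zero-wiped": bytes(size),
        "random-wiped": os.urandom(size),
        "plaintext": plain,
        "encrypted": toy_encrypt(plain, b"constructed key"),
    }

if __name__ == "__main__":
    for name, image in sample_images().items():
        print(f"{name:13s}", triage(image))
```

A high random-like fraction only flags a region for follow-up: entropy alone cannot tell ciphertext from random fill or compressed data, so examiners combine it with other findings.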