-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2014.01.31 11.31, Amin Sabeti wrote: > In the Iran case, I think using TrueCrypt would be better because > hiding files is more important than destroying it. For instance, it > would be not practical to destroy files when the authorities > confiscate your laptop.
Be aware that even if Truecrypt gets everything right (something the forthcoming audit will hopefully reveal), the list of requirements for using deniable volumes correctly in a manner that does not reveal their existence is quite long, even just look at what's present in their documentation. If you're going to rely on this for opsec, please carefully evaluate whether you are up to dealing with this level of effort. An incompletely hidden volume that shows clear intent may raise more flags than a simple encrypted volume. Likewise, if you're using tools that support data "deniability" features and believe you may be questioned, please evaluate carefully what you'll do if accused of having hidden a non-existent hidden volume. Developers of such tools, consider carefully whether by adding features like this you're actually improving security outcomes for your users; consider talking to them about it, maybe. E. - -- Ideas are my favorite toys. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iF4EAREIAAYFAlLrkN4ACgkQQwkE2RkM0wrRPAD9GvR+jLaFhResDvsW/ZziLw0W vz6BuDgRR3nK3olL81MA/iwfQ4TGPV9HxdJKWFy9AtEE7eFZjTnEgvabkzJzG9mq =easI -----END PGP SIGNATURE----- -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
