On Tue, Apr 28, 2009 at 7:02 PM, Kurt Buff <[email protected]> wrote: >>Of course, the private key is kept on that same >> removable media. I've got a strong passphrase, but XKCD "Security" >> applies (http://xkcd.com/538/). > > XKCD, meet Rubber Hose Deniability:
The problem is, if you deny you have anything, they'll just keep beating you until you break (one way or the other). Deniability is only useful if you can convince someone you have nothing to hide. If people are torturing you to reveal your secrets, they almost certainly have already concluded you have something of value. Like telling a mugger you don't have any money. Even if it's true, he won't believe you, and that generally ends badly for you. One can posit sacrificial assets, of course. Give up something of lesser value (wallet) but keep the higher value item (money belt). But, frankly, in the real world, they'll just bug your equipment/office to capture everything they need as you use it. Crowley's Law also applies. :-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
