ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

TrueCrypt 6.0 released

<< < (4/7) > >>

mwb1100:
Spiffy encryption widgets make you look interesting enough to poke around a bit, if that turns up anything your screwed. The first two guys you talk to, won't be that (IT) bright ... But the third guy that shows up...-Stoic Joker (July 08, 2008, 06:57 PM)
--- End quote ---

While it may be true that using encryption makes you look interesting to customs (or whatever agency you're dealing with), it really shouldn't be.  I use encryption on my portable devices simply because the device could get lost or stolen and I don't want to have whoever might be on the receiving end to get access to that data (some of which isn't even mine - it belongs to my employer).  I'd hope that this would be the more usual case, but given the news stories that pop up about lost/stolen devices with sensitive data it seems that this is not true (yet).

Stoic Joker:
Spiffy encryption widgets make you look interesting enough to poke around a bit, if that turns up anything your screwed. The first two guys you talk to, won't be that (IT) bright ... But the third guy that shows up...-Stoic Joker (July 08, 2008, 06:57 PM)
--- End quote ---

While it may be true that using encryption makes you look interesting to customs (or whatever agency you're dealing with), it really shouldn't be.  I use encryption on my portable devices simply because the device could get lost or stolen and I don't want to have whoever might be on the receiving end to get access to that data (some of which isn't even mine - it belongs to my employer).  I'd hope that this would be the more usual case, but given the news stories that pop up about lost/stolen devices with sensitive data it seems that this is not true (yet).


-mwb1100 (July 08, 2008, 09:04 PM)
--- End quote ---
Sure there are proper uses for it, it just the wild-eyed peek-a-boo crap that irks me...and stashing a complete OS in a sneeky looking Uber hidden partition sounds like a 5 star way of ending up in the body cavity search express lane.

mikiem:
Interesting... And a bit ironic... The best way to secure a door is to not have a doorway. The best way to hide something is to not put it where someone will, or can easily look. The fact that Truecrypt exists, creates the need to look for it. Then again, most of the world still operates on a combination of naivete & the pragmatic acceptance that locks only keep an honest person honest.

IMHO since if you were trying to get something in or out of a country without prying eyes seeing it, common sense would suggest the very last place to put it would be on a laptop. ;D 1st off I'd imagine you'd transfer it online - if you wanted to be a bit more paranoid, grab a kit so-to-speak & infect your system, having it do the work... Supreme deniability.

If you wanted physical transfer, there's flash cards & mail (ordering often from Hong Kong we've never had a package checked). If you wanted to carry it, got to be thousands (if not more) places to hide flash memory cards, or even chips (from a USB device), maybe added to the board(s) on something like a camera or mp3 player -- couple of screws and you've got access... I can't imagine anyone taking your electronics apart, then matching it to an identical item, then proving you were the one who did the alteration. Or just get one of the dozens & dozens of USB memory storage products, from watches to sunglasses, & remove/mod the way the cord connects.

For everyday hard drive storage, I'd guess it would be harder to detect TC partitions on an external drive, but I'd also guess you could add an LT drive to a external case along with the obvious one - like a false bottom in a suitcase.

steeladept:
Maybe I am being a bit naive, but from what I read at their site, to have the plausible deniability you must use TrueCrypt for other things rather than the hidden partition.  Create partition containers on your laptop to prevent mishandling.  If you get tagged as interesting, give them the keys, show the partition you use encrypted so they see there is nothing mischievous there, but make sure they see you have some sort of sensitive information (Account numbers or financials for example) that you wouldn't want someone who stole your laptop to have access to.  From what I read, the hidden partition is not a true partition to the system until AFTER it is decrypted.  This means even to the POST, it is only a useless bunch of 1s & 0s (AKA white space), until you provide the correct key to recognize it as a partition THEN access it correctly.

My only issue with this is it would be far too easy to create a partition in that section and wipe any hidden partition out.  Easy solution.  If you didn't have anything to hide, then it is a non-issue. If you did, it is gone after that.  (Well maybe not, but probably).

TucknDar:
What are all of you hiding? :P

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version