[kwlug-help] OT: Re: How to encrypt home folder after installation?

Chris Irwin chris at chrisirwin.ca
Sun Jun 13 20:55:41 EDT 2010


On Sun, 2010-06-13 at 15:23 -0400, unsolicited wrote:
> Chris Irwin wrote, On 06/13/2010 12:29 PM:
> > You are correct, they are not the same, correct. Truecrypt is capable of
> > offering plausible deniability, while ecryptfs is not. 
> 
> OK ... I have to ask ...
> 
> What caused you to acquire this knowledge of plausible deniability.

I just go with what I read on the truecrypt site back when I was
researching it.

> http://www.truecrypt.org/docs/?s=plausible-deniability


> Or is it, merely, that you _might_ be able to plausibly deny that you 
> are, or were ever, there at all? But only if you stand in the correct 
> corner? How does one test the efficacy of this?

Truecrypt is supposed to be undestinguishable from random bits, unless
you know the proper passphrase to unlock it. If you use dd to
write /dev/random over your disk, set up a "dummy" partition with some
decoy data on it, then use the end of that partition as a truecrypt
container with your sensitive data, it is supposed to be
indistinguishable from random garbage bits.

Simply having truecrypt installed is somewhat informative I would
imagine. The truely paranoid could nest multiple hidden truecrypt
partitions, each with it's own passphrase. At that point, one would
never know when you were at the last one.

-- 
Chris Irwin <chris at chrisirwin.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-help_kwlug.org/attachments/20100613/54882b54/attachment.bin>


More information about the kwlug-help mailing list