Why use this instead of Veracrypt?
I didn’t even know this was a thing!
Veracrypt has something like this too! You can create a hidden volume with a separate password, so you can put some benign files in the main volume and hide your actual stuff in a second one with an alternate password.
I have a photo encrypter on my phone with this feature, LockMyPix. You can establish two vaults with their own passwords, or set up features like putting the password in backwards to go to a fake vault etc.
IMO, deniable
somethingencryption is just not practical in real life. Authorites can make you life real hard, or just throw you straight into jail, just by suspecting you have encrypted materials.That is the point. They cannot find it. Yes they can try to force it out of you but then they would need to know it is there.
When you get searched for drugs and they do not find any, what does lea do?
The point is they don’t have to proof if a piece of random data is indeed an encrypted blob.
Imagine you passing border security and got selected for search. They found a piece of data on your device with high entropy without known headers in the wrong place. You can claim you know nothing about it, yet they can speculate the heck out of you. In more civil nations, you might got on to a watch list. In a more authoritive nations, they can just detain you.
They don’t have to prove you hiding something. The mere fact of you have that piece of high entroy data is a clue to them, and they have the power to make your life hard. Oh you said you deny them for a search? First congrats you still have a choice, and secondly that’s also a clue to them.
For more info, read cryptsetup FAQ section 5.2 paragraph 3, 5.18, and 5.21. It is written by Milan Brož who is way more experienced than me on this matter.
The point is they don’t have to proof if a piece of random data is indeed an encrypted blob.
But they do need to suspect it.
If they find an encrypted blob, ask for the decryption key, they decrypt the data and analyse the decrypted data, then they may not suspect that a different decryption key will reveal a different set of data.
I think you overvalue the skillset of border security. This may seem trivial to you but it’s uncommon to hire people trained to this level of competence and put them at every point of entry. A decent cybersecurity investigator needs a big salary.
That would probably happen if you were already a suspect of something or a high profile person and they moved in resources for you. No way border security is randomly sweeping for headers and entropy, they basically just look at it with the explorer and clone it, possibly using some software to scan for known security vulnerabilities to access encrypted parts. That would be a court ordered search or a high profile crime investigation, or maybe a really really unlucky day where the expert was already there for another reason, but the rest i agree.
If your threat model makes you a high profile person, then smuggling data in hidden containers is definitely not the best solution. A non associated personal cloud server is best.
Is it really though? I would assume there would be automated systems that can do 80% of the job. It can be as simple as a USB key holding a portable executable that can run and connect to a remote system and report back the findings which the officer can just read the report in plain English. Training, of course, is expensive and rarely do so, but automation can get somewhere close relatively inexpensive.
Even if such a thing existed, which given the analysis parameters makes it far too complex for automation (like for instance, how would such a software distinguish between old deleted data still residing in empty space and a vault file hidden in empty space without a follow up analysis of the data itself. It would probably alert the user for something, but the amount of false positives would probably lead an untrained user to ignore the alerts eventually) i would guess it doesn’t, but if it did, it would have to process petabytes every day, from all over the country and the system would have to be maintained, which going by government record of informatics systems, doesn’t seem likely that it would be readily available for everyone that gets stopped at a border stop consistently. It’s like an anti virus search, with all the false positives it comes up with, but 100 times slower, plus the transmission of the entire disk clone file, plus the cloning process itself.
Moreover the cost of maintaining such a system when 95%+ of the population doesn’t have the know how to use complex data obfuscation measures and LEO rarely obtains information out of these cursory searches for arrests. On published news articles LEO always ends up using snitches, google searches or usage of the TOR network in a given area to catch criminals. Data forensics only come into play later on. Presumably, dollar for dollar, they would probably invest in what works best instead of casting such a wide net.
In sum, I’m not cleared to know such information, but i am guessing such a thing, while technologically possible, seems economically unfeasible and liable to be used only in specific cases. If i had a border security budget, i would certainly not invest in a mega server to swift through every bit of empty and occupied space of all the randomly selected people for a search that come in through the ports of entry. However i could be wrong.
The most relevant part is 5.18 and it only talks about partitions not files. A file can be way more easily hidden in a partition then a partition.
It is simply no hope aginst an automated scanner. No one search for files manually today.
You cannot differentiate between random data or encrypted data, when it is done right. That is one of the reasons why you should initialize an encrypted drive with random data beforehand
That scanner is simply looking for high entropy data, and then report to its operator. It wouldn’t care if it is a drive or a volume or a file. If the entropy is high, flag it.
All random data have high entropy, same for encrypted data. The officer can see you have high entropy data then start throwing questions at you.
This community need better understanding of cryptography and how it translates to real world. Deniable encryption exists and does work on paper, but only on paper.
All random data have high entropy, same for encrypted data.
That is exactly what i said.
If random or deleted or fragmented or corrupted files will lead to me being questioned, then every data carrier will lead to a lotof questions.
Sure but knowing nothing much of encryption. If they put you away for non-compliance and suspicion its probably less than what they could put you away for if they actually found the <whatever it is> file.
Like. I can cut the bags of coke and empty it into the ocean. They probably knew I had it, but not how much.
Except they know about deniability
They know it exist as a concept. They can’t prove that the specific decrypted message contains a super-secret encrypted message as well.
The don’t need to. They can just beat it out of you. In the kind of places where they can force you to hand over passwords it doesn’t matter.
Beat what out of you? You already gave them a password that decrypts a specific file/volume/etc. If they want to beat you, they will beat you regardless of your possession of any encrypted materials.
I get what you mean, I think in a realistic scenario this only work to circumvent some laws. if you are tortured by someone who know about this and don’t care about your life, then it’s meaningless.
-
they will know you have such program on your computer
-
it is capable of deniable encryption
-
most people use it for this exact reason
-
the file size of the container will not match the size of the contents of your ‘safe’ volume
I think a reasonable person/court/judge/police/etc. would conclude that you are most likely still hiding something given all that.
I guess having a thick provisioned VM image on your laptop means that you are hiding something. Again if the evil government you are trying to hide something from doesn’t need reasonableness as a reason to detain you, then who cares? No matter what you do you are rolling the dice every time you interact with them.
Which is of course similar to the US today, so if I needed to hide something from them I’d make sure that once i’m legally compelled to give my password they at the very least wouldn’t have what they are looking for, since there is no way I could prove I didn’t have it anyway.
-
That’s why the second partition ( I’m case when you have 2 truly hidden and for the plausibility denial one ) should have some incriminating data as well like porn with lesser fines. It shouldn’t be blank slate windows. I mean it should be believable to be “hidden” partition
You don’t so it to protect you. You do it to protect others. Your encrypted content could be a list of sources for a journalist. Or email correspondents.
I can’t help wondering what is up with all those people fighting in comments about encryption. You make the point time and again that having encrypted media is somehow suspicious. I see where you are coming from.
- There are cases where people have gotten in trouble for using TOR/Signal, because it was presented to the court that “this is what criminals use”.
- There are those Wall Street companies that got in trouble for using encrypted messengers with trading partners.
We know about these, because it makes headlines when it happens.
Yet, there are people here, in any similar discussion, not just this one, that keep telling us that encryption is useless because authorities can more easily break your bones than brute force your private key, and you are going to be in trouble just for having encrypted media.
Is that so? Remember the fuss when federal regulators wanted Apple to install backdoors to encrypted i-Phones? Why so? No no, bear with me, if you people are correct, then every person with an encrypted i-Phone should be in a watchlist? What about all these Linux laptops all with LUKS on the main hard drive, flying around?
How come we don’t hear about those people being prosecuted and brutalized every other day in all of these alternative media we are following?
Regarding encryption, I have a right to my fucking privacy and if you want to know what is in my hard drive, then you are the weird one. Now let’s discuss criminal prosecution. If the authorities have something on you and they need whatever is in your encrypted drive to convict you, then they do not have anything on you unless they break the encryption. The more people practicing encryption the less fruitful their efforts will be. Your argument amounts to little more than the very authorities slogan “if you don’t have something to hide”. More people using encryption should make it sink that not only people with something to hide will use encryption, and indeed, all these everyday, non-criminal people are already using Encryption in i-Phones and Linux without having their bones broken.
Yet you keep repeating this rhetoric, which seems to have no other purpose than deter people from using encryption.
Now let’s discuss brutality. If you live in a police state that can kidnap you and rough you up to forgo your protected right to privacy, then you don’t have a problem with encryption, but a huge political problem. In that case encryption won’t liberate you, but at the same time you have much bigger problems, and an entirely different threat model.
So the only thing you people could, in good faith, add to the discussion is “If you live in a police state, don’t rely solely on encryption, and update your threat model”. The other things you keep going on and on about are essentially a rebranded “if you don’t have something to hide” and they only seem designed to discourage people from adopting encryption altogether, and the fact you don’t let go can only mean one fucking thing.
Please add a screenshot to the README.
I hate when open source projects don’t want to include a screenshot of what the thing actually is.
Like I had to search far and wide to find a single screenshot of GrapheneOS to make sure it wasn’t some out of date POS. (And yes they have zero pictures on their website to this day, nor any clear indication of what AOSP mainline version its built from (its currently 14)
A picture is worth a thousand words. If your README is 3000 words, add three pictures.
Hmmmm… Fractals 🤤