Arnaud Ongenae wrote: > I just discover Truecrypt and there is a very interesting feature, the > hidden volume (http://www.truecrypt.org/hiddenvolume.php) it could be > good to use it for this case.
Depends on where you are and what you're doing. I am not a fan of TrueCrypt's hidden volume feature, and I think most people who are fans haven't thought things through. Let's say that you're visiting a repressive country. For obvious reasons, you want to put your personal data on a TrueCrypt drive. You get arrested at the airport because they think you're smuggling drugs in/working with the rebels/an American spy/whatever. You proceed to get the stuffing beat out of you. You're willing to divulge your secrets at this point, so you offer your TrueCrypt password. However, since you're not really an American spy/an arms dealer/whatever, the data the interrogator is expecting to find isn't there. The interrogator demands you turn over the hidden volume. You explain there isn't one. The interrogator demands you prove it. You explain that, by TrueCrypt's design, you can't. The interrogator decides to keep on beating you until you decide to turn over the (nonexistent) hidden volume. Moral of the story: there are times when you very much want to prove that you _don't_ have certain data. TrueCrypt's design makes these sorts of proofs impossible. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
