-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robert J. Hansen escribió: ... >> An interrogator as described in this thread is a movie plot threat. In >> reality, nobody is going to torture you for your key... > > The point is not about torture. The point is about interrogation. > > Imagine this scenario: you've been sending innocuous encrypted traffic > to a correspondent. Unknown to you, your correspondent is involved in > drug trafficking. You're arrested on suspicion of drug trafficking and > brought to speak with the prosecutor. You happily decrypt your > innocuous emails. The prosecutor now asks to see the contents of your > TrueCrypt container. You comply, since there's nothing illegal in there > -- just your tax records (which the prosecutor already has anyway). > > The prosecutor tells you to produce the contents of the hidden > container. "But I don't have an encrypted container!" Prove it. "I > can't!" Then I guess we have no choice but to keep our investigation on
That scenario is very scary, indeed... At first I thought the "innocent unless proven guilty" should protect us, that is, it is not our "job" to prove we don't have a hidden volume, but it's the prosecutor job to prove we have it. But it's right, in an attempt to prove there is a hidden volume, the prosecutor can make our lives miserable. By the way, do you know if it is possible to have more than one hidden volume inside a single container? I searched the documentation but couldn't find anything about that. _If only one_ hidden volume can be created, then the solution would be to actually create one, and leave it empty. If the prosecutor ask for it, you can show you don't have any hidden information there. Of course, doing that, you no longer have plausibly deniability. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJMSUYtAAoJEMV4f6PvczxAvOsH/jyUUpK6UN/KytOqsAROcyir 8XXTTfRmJS3LQDLqd9X5JyT5F8uYlXlX4LO2JbGKCWhf38bNYjCP3oEEqSJ8XW70 ziL4h9i8Z0H6c1+2lo1zjTV8CneTf3vhtPHmLuql8IRRYgPKaC/vAYz3lM48IRur OelGrqy+K5/h/vahg1H3I0792iR5T7v5uFpzxpo9xW0FqHVGZ/IDaPgb5WWMcsdh MAMgik9iT0+Cba6Mbdkk5IaBZtLydjFQnFfjxMMx//9toVq5/JOQ8g8A+nRXuSUj nrZ3uK2dCcMeJPIDvOofXRon1fmylnic5+WGS3Ni8vHV/K1lNUhp9S4EIiKi5B8= =H/I4 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
