Merely providing a plausibly unused filesystem is not enough. You have to think about information leaking out of the use of the plausibly deniable data, thus making it no longer deniable.
For example, using sudo with a command that takes filenames on the deniable filesystem will result in syslog entries - on the *main* volume. Swap space is another possible leak vector. The key is that you really have to compartmentalize the data, and due to the complexity of a full-blown OS, I think that means you need separate OS instances. For example, consider an outer shell that's not much more than a virtualization layer, with no swap space or (persistent) logging. Within that, you'd have one "main" guest OS instance and any number of deniable ones. This can be done truecrypt-style or in the ubiquitous 1%-free LUKS style outlined by the original poster. Seems overkill for a quasi-default install though. I'm not too familiar with grub, is it possible to synthesize a boot entry in its command line and have it boot off "free space" or an "empty" partition? -- General "rubberhose" vulnerability https://bugs.launchpad.net/bugs/148440 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
