From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <j2tracey@gmail.com>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id lvu2r_sMowbu for <dm-crypt@saout.de>;
 Tue,  2 Jul 2013 11:45:41 +0200 (CEST)
Received: from mail-pd0-x234.google.com (mail-pd0-x234.google.com
 [IPv6:2607:f8b0:400e:c02::234])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Tue,  2 Jul 2013 11:45:40 +0200 (CEST)
Received: by mail-pd0-f180.google.com with SMTP id 10so3406405pdi.25
 for <dm-crypt@saout.de>; Tue, 02 Jul 2013 02:45:38 -0700 (PDT)
Received: from [192.168.2.11] (c-50-156-44-154.hsd1.ca.comcast.net.
 [50.156.44.154])
 by mx.google.com with ESMTPSA id xz1sm28547563pab.5.2013.07.02.02.45.36
 for <dm-crypt@saout.de>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Tue, 02 Jul 2013 02:45:37 -0700 (PDT)
Message-ID: <51D2A140.9050100@gmail.com>
Date: Tue, 02 Jul 2013 02:45:36 -0700
From: Justin Tracey <j2tracey@gmail.com>
MIME-Version: 1.0
References: <51D15B0F.6080201@web.de> <51D1D5AF.9060502@gmail.com>
 <20130702010538.GA18826@tansi.org> <20130702012556.GB18826@tansi.org>
In-Reply-To: <20130702012556.GB18826@tansi.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] Tcrypt hidden volume
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On 07/01/2013 06:25 PM, Arno Wagner wrote:
> I just saw that there is a way in TrueCrypt to protect
> the hiden volume:
> http://www.truecrypt.org/docs/hidden-volume-protection
>
> Not that this is really better, as it will leave filesystem
> annomalies and possible error messages that indicate the
> presence of a hidden volume. The TrueCrypt documentation
> claims as they make both volumes read-only immediately
> after a write that would have damaged the hidden volume,
> they preserve plausible deniability. I seriously doubt
> the validity of that. Looks more like their will
> be truncated files and metadata that indicates a
> setting to read-only. If, for example, the disk this is
> on has no CRC or other errors in its SMART log, then
> a device suddenly set read-only is not plausible.
>
> Added a warning about this as well in the man-page.
>
> Arno
Maybe this is a bit nit-picky, but as is I think the man entry goes too 
into too much detail as to why and doesn't make clear enough as to what 
is going to happen. IMO, it should just clearly state something to the 
effect of "There is no protection of hidden volumes. If you mount a 
TrueCrypt outer volume and write to it, expect data in the hidden volume 
to be lost." and maybe a brief blurb about how the secrecy of hidden 
volumes is questionable. The rest of the information can go into the FAQ 
or somewhere.

  - Justin