From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from karen.lavabit.com (karen.lavabit.com [72.249.41.33]) by mail.saout.de (Postfix) with ESMTP for ; Mon, 23 May 2011 05:28:21 +0200 (CEST) From: dhvvcb@lavabit.com In-Reply-To: <20110523001308.GB1338@tansi.org> References: <1306079582.2173.6.camel@localhost> <20110523001308.GB1338@tansi.org> Content-Type: text/plain; charset="utf-8" Date: Mon, 23 May 2011 09:35:52 +0600 Message-Id: <1306121752.2138.43.camel@localhost> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [dm-crypt] Boot from fully encrypted disk which looks like unused List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Arno Wagner Cc: dm-crypt@saout.de On Mon, 23/05/2011 в 02:13 +0200, Arno Wagner wrote: > In practice it is basically never necessary to hide encryption. > Either it is perfectly legal for you to refuse handing over the > keys That is only true if you live in a civilized country. However even in GB there is a law that requires you to hand over the key, otherwise you are considered as a criminal. > or the presence of a large, random-looking partition or file > is already enough that they can lock you up and demand the key. That is not necessarily the case. Assume you live in a lawful country. They should prove that a random-looking partition contains sensible information. There is presumption of innocence. And you always may declare that you clean the disk from private photo, for example. However if a partition contains an indication that it is encrypted, such as luks header, and even prompts to enter a password, they can justly demand this password (if there is an appropriate law). So I still think that a bit of overhead to hide encryption may considerably increase security.