From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8RtcH9mF3m8u for ; Wed, 15 Jan 2014 13:59:34 +0100 (CET) Received: from awesome.dsw2k3.info (unknown [IPv6:2a01:198:661:1f::3]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Wed, 15 Jan 2014 13:59:34 +0100 (CET) Received: from localhost (localhost.localdomain [127.0.0.1]) by awesome.dsw2k3.info (Postfix) with ESMTP id 73415C4925 for ; Wed, 15 Jan 2014 13:53:33 +0100 (CET) Received: from awesome.dsw2k3.info ([127.0.0.1]) by localhost (awesome.dsw2k3.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ay3Sko9mLH5c for ; Wed, 15 Jan 2014 13:53:32 +0100 (CET) Received: from citd.de (p579BC76B.dip0.t-ipconnect.de [87.155.199.107]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by awesome.dsw2k3.info (Postfix) with ESMTPSA for ; Wed, 15 Jan 2014 13:53:32 +0100 (CET) Date: Wed, 15 Jan 2014 13:59:29 +0100 From: Matthias Schniedermeyer Message-ID: <20140115125929.GA12852@citd.de> References: <638F1A81-8F17-4E18-8993-7F848EA84F08@offensive-security.com> <20140114043042.GA15870@tansi.org> <092388B7-8015-479A-89CA-C1D5E3C8F9A6@offensive-security.com> <20140114073956.GA19051@tansi.org> <52D5BD64.7040103@freesources.org> <20140115060140.GA30364@tansi.org> <5c4164f8d1df3395a7a5a3136e19f684@imap.steindlberger.de> <20140115113944.GA7903@citd.de> <20140115124024.GA1918@tansi.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20140115124024.GA1918@tansi.org> Subject: Re: [dm-crypt] Re2: nuke password to delete luks header List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 15.01.2014 13:40, Arno Wagner wrote: > On Wed, Jan 15, 2014 at 12:39:44 CET, Matthias Schniedermeyer wrote: > > Or for the Truecypt example: > > Try to prove that you don't have a hidden volume. It's a documented > > feature of Truecypt, so a LEO just assumes that you use it, regardless > > of you actually using one or not. > > My advice here is to have a hidden volume and to immediately admit > it and open it for them. You can even explain that having one with > harmless data is the only way to prove you do not have one with > illicit data in it. I don't think that proves anything. At least in theory it should be possible to have several hidden volumes. Or have stacked hidden volumes. (Due to lack of knowledge i don't actually know if Truecrypt (by itself) actually supports such a thing.) -- Matthias