[dm-crypt] Boot from fully encrypted disk which looks like unused

dhvvcb at lavabit.com dhvvcb at lavabit.com
Mon May 23 05:35:52 CEST 2011


On Mon, 23/05/2011 в 02:13 +0200, Arno Wagner wrote:
> In practice it is basically never necessary to hide encryption.
> Either it is perfectly legal for you to refuse handing over the
> keys

That is only true if you live in a civilized country. However even in GB
there is a law that requires you to hand over the key, otherwise you are
considered as a criminal. 

> or the presence of a large, random-looking partition or file
> is already enough that they can lock you up and demand the key.

That is not necessarily the case. Assume you live in a lawful country.
They should prove that a random-looking partition contains sensible
information. There is presumption of innocence. And you always may
declare that you clean the disk from private photo, for example. However
if a partition contains an indication that it is encrypted, such as luks
header, and even prompts to enter a password, they can justly demand
this password (if there is an appropriate law).

So I still think that a bit of overhead to hide encryption may
considerably increase security.




More information about the dm-crypt mailing list