Silk Road forums

Discussion => Security => Topic started by: Railgun on May 14, 2013, 01:25 pm

Title: Truecrypt & Hidden Volumes
Post by: Railgun on May 14, 2013, 01:25 pm
What say you security experts on hidden volumes in which the real TOR bundles are located /mainly aimed at linux users.
Title: Re: Truecrypt & Hidden Volumes
Post by: NotACop on May 14, 2013, 03:06 pm
They're great.
I use windows personally.

I have encrypted my hard drive with a 3 pass AES algorithm. This type of hard drive encryption does not offer a hidden volume.
I also disabled password prompt on computer power-on. So it looks like this:

You turn on my computer, and the normal BIOS and settings bullshit screen appears as usual, but it freezes there without showing absolutely anything. It appears as if the computer is broken/frozen.
I must type the correct password and press enter, only then the hard disk will boot up. The password isn't shown as I type it, not even asterisks. So I have no idea if I'm typing anything or not. This is great. If LE seize your PC, you can just say you had a virus and your hard drive is fucked up or something and you don't know anything you're stupid haha :)

Also, that's just for my hard drive, and I don't keep much stuff on there. I have an encrypted flashdrive with SERPENT-TWOFISH-AES working in cascade mode. This one has a normal volume which shows the full size of the flashdrive (8gb). So if LE somehow extorts you into giving them the flashdrive password you can just give them your "fake" password and it will open the flashdrive and they will see its full size 8GB and some random stupid files you put in there: I suggest you put some porn movies just so it's a bit justified. "Yeah mister police officer, I encrypted my flashdrive because I didn't want my girlfriend/mother/dog/cat/pet raccoon/neighbour/church pastor/teacher/boyfriend/satan to see that I have BDSM/kinky/fetish/hardcore porn movies." - sounds legit no?

Then, you have the option of creating a hidden encrypted volume which resides within the normal volume. This encrypted volume will be accessed by another password (the real password so we'll call it). This encrypted volume will have a smaller size than the original 8GB drive and you can place all your illegal stuff there: stolen credit cards, SR info, bank accounts, drug journals, places you robbed, people you want to murder, names of serial killers, places where you've hidden your guns etc.

Basically, the idea is. Even if LE finds out that you have an encrypted flashdrive and extort you into giving them your password, they can not prove that you also have a hidden volume on that flashdrive. DENY EVERYTHING.

So that's kind of about it. A must-have tool for people doing illegal activities of any kind. Helps you sleep better at night.

Stay safe!
Title: Re: Truecrypt & Hidden Volumes
Post by: Railgun on May 14, 2013, 05:27 pm
They're great.
I use windows personally.

I have encrypted my hard drive with a 3 pass AES algorithm. This type of hard drive encryption does not offer a hidden volume.
I also disabled password prompt on computer power-on. So it looks like this:

You turn on my computer, and the normal BIOS and settings bullshit screen appears as usual, but it freezes there without showing absolutely anything. It appears as if the computer is broken/frozen.
I must type the correct password and press enter, only then the hard disk will boot up. The password isn't shown as I type it, not even asterisks. So I have no idea if I'm typing anything or not. This is great. If LE seize your PC, you can just say you had a virus and your hard drive is fucked up or something and you don't know anything you're stupid haha :)

Also, that's just for my hard drive, and I don't keep much stuff on there. I have an encrypted flashdrive with SERPENT-TWOFISH-AES working in cascade mode. This one has a normal volume which shows the full size of the flashdrive (8gb). So if LE somehow extorts you into giving them the flashdrive password you can just give them your "fake" password and it will open the flashdrive and they will see its full size 8GB and some random stupid files you put in there: I suggest you put some porn movies just so it's a bit justified. "Yeah mister police officer, I encrypted my flashdrive because I didn't want my girlfriend/mother/dog/cat/pet raccoon/neighbour/church pastor/teacher/boyfriend/satan to see that I have BDSM/kinky/fetish/hardcore porn movies." - sounds legit no?

Then, you have the option of creating a hidden encrypted volume which resides within the normal volume. This encrypted volume will be accessed by another password (the real password so we'll call it). This encrypted volume will have a smaller size than the original 8GB drive and you can place all your illegal stuff there: stolen credit cards, SR info, bank accounts, drug journals, places you robbed, people you want to murder, names of serial killers, places where you've hidden your guns etc.

Basically, the idea is. Even if LE finds out that you have an encrypted flashdrive and extort you into giving them your password, they can not prove that you also have a hidden volume on that flashdrive. DENY EVERYTHING.

So that's kind of about it. A must-have tool for people doing illegal activities of any kind. Helps you sleep better at night.

Stay safe!

That sounds epic; I think the Windows truecrypt is the only one that offers the OS encryption thingy  >:(.  I wish they'd get that for the linux distros.  Computer off = it's dead, sorry, I fucked up my HD.  Even if they see you were just online, there's nothing saying you didn't fuck up your comp.  They might wonder why they can't find any of your files, but there's nothing against using encryption.  As long as something isn't there marking the drive, it's pretty much a no go.

I agree; I think everyone should use the software.
Title: Re: Truecrypt & Hidden Volumes
Post by: xannie on May 14, 2013, 05:30 pm
thanks for the useful info
Title: Re: Truecrypt & Hidden Volumes
Post by: astor on May 14, 2013, 05:59 pm
That sounds epic; I think the Windows truecrypt is the only one that offers the OS encryption thingy  >:(.  I wish they'd get that for the linux distros.

Here's the technical reason why hidden volumes don't exist for LUKS/dm-crypt:

https://code.google.com/p/cryptsetup/issues/detail?id=7

But here are the philosophical reasons why many people don't think it's a good idea, straight from a Tails developer.

https://tails.boum.org/forum/Plausible_deniability_of_encrypted_storage/

===============

Regardless of TrueCrypt's "less than open nature" and other issues there might be very real security reasons to not include it exactly because it supports plausible deniable encryption. Below I will detail some thoughts I've been entertaining for the last couple of years that I feel are ripe for venting now:

While a very cool idea, simply possessing tools supporting plausible deniable encryption could be dangerous in itself if you live in an area where the "law" either practices rubber-hose "cryptanalysis" (i.e. torture), or has a key disclosure law (which includes countries like UK, France, Canada). As you know, it's precisely these practices and laws that plausible deniable encryption is intended to protect against. So, imagine that you live in such an area, get suspected or arrested for some crime, that the authorities seize your computer as a result, and that they find your TrueCrypt installation on it.

Problem 1: If a TC volume indeed is indistinguishable from random junk, then any file that looks like random junk may be considered as TC volumes by your adversaries, even those that in fact are not TC volumes or encrypted data.

Hence, even if you hand out keys and passphrases to the real TC volumes, your adversaries may demand keys and passphrases for the other random looking (but non-TC volume) files. You can truthfully deny that they are TC volumes all you want, but they will torture you, or throw you in jail. You're screwed.

As has been pointed out, it may still be possible to determine whether a file is a TC volume or not by using analyzers such as TCHunt. However, after learning TCHunt's technique I must say it looks pretty weak and simplistic, and that it very easily can produce false positives. In fact, I did a simple test:

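Code:
# scratch directory for the test files
TMPDIR=$(mktemp -d)
for X in $(seq 1 100); do
    # bs=1b is one 512-byte block, so each file is 20000 * 512 bytes (~10 MB)
    dd if=/dev/urandom of="${TMPDIR}/test.${X}" bs=1b count=20000 2> /dev/null
done
echo "$TMPDIR"
# run TCHunt on ${TMPDIR}, i.e. the directory printed above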

So, I generated 100 files of ~10 MB (but divisible by 512 bytes) of pseudo-random data generated from Linux' PRNG and then ran TCHunt on these. Every single one of them was incorrectly identified as a TC volume, so we have a 100% false positive rate. There may be better commercial alternatives to TCHunt, though. If not, the problem with false positives just strengthens problem 1. Personally I generate such files from time to time for various reasons, so I would be screwed.

Problem 2: Since TC supports hidden volumes, even if you disclose all your keys and passphrases to your adversaries they may insist that you have hidden volumes when you in fact don't.

This could for instance happen if your adversaries didn't find what they were looking for in the "normal" TC container that you supplied them keys and passphrases for. Or perhaps they found what they wanted, but the prosecutor (naturally) just wants to fuck you even more by adding a few additional years on your prison sentence for refusal of (non-existing) key disclosure. You're screwed.

The essence, or generalization, of these two problems is that plausible deniable encryption gives your adversaries "plausible suspicion" (in lack of a better term). Since there are so few encryption tools that allow plausible deniable encryption, choosing a tool that supports it (like TC) instead of a tool which doesn't (like dm-crypt/LUKS) may give them strong reasons to believe that you are indeed using that specific feature, and thus that you're not cooperating with them even when you really are cooperating as much as you can.

For the above reasons it seems like plausible deniable encryption will only work as intended if either one of the following statements is true:

1. You live in a sane country with no practice of rubber-hose cryptanalysis/torture, and no key disclosure laws. (Note that if you do, you really don't need plausible deniable encryption -- "undeniable" encryption is enough.)

2. The implementation of plausible deniable encryption you use is completely secret; it isn't public, widely used or documented anywhere. You and everyone else using it must be able to keep that secret even under torture and serious legal threats/implications.

3. You live in a future where more or less all encryption software supports plausible deniable encryption, so it's nothing out of the ordinary. (OTOH, in such a future key disclosure laws may just be upgraded to a complete ban on encryption. Who knows?)

Let's see how these statements pan out with Tails:

We distribute Tails globally, and since there are countries for which 1 isn't true, 1 wouldn't be true for all Tails users. Hence inclusion of TC (or similar tool) would make Tails potentially dangerous for those users. 2 is trivially untrue for TrueCrypt in particular, and tautologically untrue (per definition) in general for any other such encryption tool we ever would ship with Tails. And 3 is not the case (yet?) as you probably know.

That said, I'd love to have the above proven wrong as I see plausibly deniable encryption as a very desirable feature.
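
Added example, not part of the thread and not TCHunt's code: a small Python classifier built on the kind of checks the quoted test implies (size divisible by 512, byte distribution that looks uniform, no recognisable file header), showing why such a heuristic reports plain random data as a volume. The thresholds, the header list and all function names are assumptions made for illustration; the sample buffers are constructed.

```python
import hashlib

SECTOR = 512
MIN_SIZE = 19 * 1024                 # assumed minimum size worth reporting
CHI2_LOW, CHI2_HIGH = 150.0, 400.0   # assumed band; uniform bytes give ~255 (df = 255)
KNOWN_MAGIC = (b"\x89PNG", b"PK\x03\x04", b"%PDF", b"\x7fELF", b"MZ")

def chi_square(data):
    """Pearson chi-square of the byte histogram against a uniform distribution."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def classify(data):
    """Return (flagged, reason) using the assumed size/header/uniformity checks."""
    if len(data) < MIN_SIZE:
        return False, "too small"
    if len(data) % SECTOR:
        return False, "size not a multiple of 512"
    if data.startswith(KNOWN_MAGIC):
        return False, "known file header"
    if not CHI2_LOW <= chi_square(data) <= CHI2_HIGH:
        return False, "byte distribution not uniform"
    return True, "uniform, sector-aligned, headerless"

def pseudo_random(seed, n):
    """Deterministic stand-in for /dev/urandom output: SHA-256 in counter mode."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(out[:n])

def scan_samples():
    """Classify four constructed buffers; none of them is an encrypted volume."""
    blob = pseudo_random(b"constructed sample", 40 * SECTOR)
    samples = {
        "random_aligned": blob,
        "random_unaligned": blob[:-1],
        "png_header": b"\x89PNG" + blob[4:],
        "text": (b"plain log line\n" * 2000)[:40 * SECTOR],
    }
    return {name: classify(data) for name, data in samples.items()}

if __name__ == "__main__":
    for name, (flagged, reason) in scan_samples().items():
        print(f"{name:17} flagged={flagged!s:5} {reason}")
```

The only buffer flagged is the sector-aligned random one, which is exactly the false positive the test above reports; a hit from checks like these says "high-entropy, headerless blob" and nothing about whether a volume exists.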

Title: Re: Truecrypt & Hidden Volumes
Post by: NotACop on May 14, 2013, 08:16 pm
Quote
Truecrypt provides plausible deniability. There is no way to tell that a volume contains a truecrypt header as it is indistinguishable from random data.

They don't even know if it's encrypted or not. It will just appear as unreadable random scattered bullshit data on the hard drive.

And nobody, EVER, not even the FBI, CIA etc. managed to decrypt an AES encrypted device. Not to mention devices which are encrypted with Aes+Twofish+serpent. It would take years and years to bruteforce and that is if you're lucky. This is awesome for hackers and for people using SR. Usually when LE break into your house they put a seal on the computer(s) you own and take them straight to cyber forensics where they will try and check every little file you ever installed and had on your hard drive, even the files you have deleted can still be accessed. And upon what they find on your computer, you could go to jail or stay out of it.

They will never have enough evidence to arrest you if they can't find anything on your PC (because it's encrypted) and a letter with drugs seized in the post office is obviously not enough to do anything to you. The only people that do get caught receiving drugs, are the people who sign for their drugs, the people who sell the drugs they get or the people who are stupid enough, after a few hours of extreme interrogation and fear-manipulation, to come clean and admit what they did.

If you follow a bunch of simple rules, you will not get arrested. The war on drugs will not make you a victim.

So you can simply just say FUCK YOU LE.

Worst thing that can happen is you can't really use your address anymore. But hey, everyone has friends :)

Quote
http://www.ghacks.net/2011/04/11/tchunt-search-for-truecrypt-volumes/

Aww, it seems like there is a program which can see truecrypt volumes. Doesn't matter, you have no idea how that got there and ya don't know the password/forgot it oops!
Title: Re: Truecrypt & Hidden Volumes
Post by: astor on May 14, 2013, 08:33 pm
They will never have enough evidence to arrest you if they can't find anything on your PC

That depends on where you live.  The 5th Amendment (or its equivalent) doesn't exist everywhere and in many countries you can be forced to incriminate yourself. We're not talking about backwards third world countries either. As the Tails dev said above, key disclosure laws exist in the UK and France. In the UK, you can get up to 2 years for not providing a password. I'm belaboring this point, because we have a lot of Brits on this forum, so it's relevant to them.

Now, if hidden volumes become popular, LE could assume everyone is using them. So if they find no incriminating evidence after you truthfully provide the password to the only encrypted volume on your computer, they could assume you're still hiding something. Plausible deniability becomes plausible suspicion, and grounds to keep you locked up (in the best case).

So you can simply just say FUCK YOU LE.

If you are protected from self incrimination and key disclosure, then you don't need a hidden volume. You can just say Fuck You LE when they ask for your password.

So hidden volumes are either dangerous or useless.

Well, that's their argument anyway. I don't really care one way or the other.
Title: Re: Truecrypt & Hidden Volumes
Post by: NotACop on May 14, 2013, 08:51 pm
They will never have enough evidence to arrest you if they can't find anything on your PC

That depends on where you live.  The 5th Amendment (or its equivalent) doesn't exist everywhere and in many countries you can be forced to incriminate yourself. We're not talking about backwards third world countries either. As the Tails dev said above, key disclosure laws exist in the UK and France. In the UK, you can get up to 2 years for not providing a password. I'm belaboring this point, because we have a lot of Brits on this forum, so it's relevant to them.

Now, if hidden volumes become popular, LE could assume everyone is using them. So if they find no incriminating evidence after you truthfully provide the password to the only encrypted volume on your computer, they could assume you're still hiding something. Plausible deniability becomes plausible suspicion, and grounds to keep you locked up (in the best case).

So you can simply just say FUCK YOU LE.

If you are protected from self incrimination and key disclosure, then you don't need a hidden volume. You can just say Fuck You LE when they ask for your password.

So hidden volumes are either dangerous or useless.

Well, that's their argument anyway. I don't really care one way or the other.

How can I find out if these laws apply to my country? I mean, I know the logical answer is "look on the cyber laws from your country". But, I am wondering if there's a place where it enumerates countries based on their password laws :)
Title: Re: Truecrypt & Hidden Volumes
Post by: tree on May 14, 2013, 09:20 pm
What about not showing any text in the authentication screen? Will that also give "reasonable suspicion" to LE in countries with a key disclosure law?
Title: Re: Truecrypt & Hidden Volumes
Post by: Ro-Jaws on May 14, 2013, 10:01 pm
This might help:
CLEARNET

https://en.wikipedia.org/wiki/Key_disclosure_law#Legislation_by_nation

This is an interesting and pertinent issue for those that live under such oppressive laws. From what I can find while the refusal to give up encryption keys has resulted in jail time in the UK (I believe there was a ruling which stated that keys were neutral, not part of the will and entirely separate to the contents of an encrypted file so were not covered by the right to avoid self-incrimination) this was in regard to obviously encrypted files. If anyone knows whether the courts have tested the idea of deniable encryption I would be very interested to know the outcome.

I will be keeping my hidden folder for the time being because (apart from anything else) I am trying my hardest to stop my files being found at all. If however things go pear-shaped and they get them I would rather have a case to argue (especially if tchunt is the pinnacle of their ability to discover TC volumes) that the police are talking out their ass and do not know an encrypted file from the /dev/urandom from a hole in the ground.

With a LUKS or other obviously encrypted file I would have no choice other than turning over the keys under the threat of prison. I can even appear to be helpful by giving them the password to the outer volume if they find the file.

Of course all the options available at this point are less than ideal so we have to make the best of it.