That's not exactly how it works. Truecrypt functions by hiding AES encrypted data in the "unwritten" areas of a hard drive. i.e. the free space. There can be multiple volumes and each password simply unlocks a different volume. But it's not the same blocks being used to store different data. It's different blocks, different data. Truecrypt just doesn't specify to anyone that there are multiple hidden volumes or not. This gives you plausible deniability.
For instance imagine you had managed to pull a snowden. You cross customs, they inspect your laptop and notice you have truecrypt installed. They can make you cough up your password. So you give them the password for the volume that contains data that might feasibly need to be secure (such as tax records), and just don't say anything about your other hidden volume full of secret sauce recipes. If you were smart you would have 3 or 4 volumes containing various levels of sensitive info (since they will assume if you have secured tax records, you probably do have other secret volumes). So you keep the super secret stuff to yourself, and divulge a couple of passwords for data that has a reasonable need to be secure. Eventually they're going to push you hard and claim you have something else hidden and if you don't cough it up then they will keep you and your laptop until the sun burns out. Thats when you break down, admit you have a fetish and give them to password to the volume containing goatse or someother shocking (but legal) porn. Whatever you do, never, ever admit that you have actual secret sauce recipes, let alone a password to them. On Wed, Jan 22, 2014 at 2:49 AM, Dan Egli <ddavide...@gmail.com> wrote: > On January 20, 2013, Michael Torrie wrote: > > > Trucrypt is open source, and it's available on Linux. Not sure what it > > > has to to with Acronis. But anyway, currently Trucrypt is available on > > > Linux, OS X, and Windows from their website, trucrypt.org. > > > > I'll have to compare that to the article. I _THINK_, off my head, the > article used a program called Trucrpyt (notice the lack of an E in Tru[e]), > which was written by Acronis, but I could easily be getting things mixed up > in my head. I'll go back and dig through my magazines and see if I can't > find that article, then compare the program name. If you know, does > TrueCrypt (open source version) support the advanced volumes that represent > two different sets of encrypted data, based on which password was entered? > That was the feature that really struck me. I had read about that in > fictional books, but figured it was author imagination. I know that some of > the other things I've read about are, but I didn't realize you could have > two volumes each with their own password in one file/partition/whatever. > Unless (and this wasn't clear) by doing this you setup a volume that has a > tiny fraction of the total size for the first password and the second > password gives the remaining space. > > > > Now, maybe I'm wrong, but I don't think there's a way to have two separate > sets of encrypted data using the same space on the disk, decoded > differently based on password. What little I know about how encryption > works says to me that doing that would not be possible. Anyone know enough > to say I'm wrong? > > > > --- Dan > > > On Mon, Jan 20, 2014 at 9:19 PM, Michael Torrie <torr...@gmail.com> wrote: > > > On 01/20/2014 01:17 AM, Dan Egli wrote: > > > I was re-reading an issue of Maximum PC from a couple months ago and I > > got > > > to an article they gave on how to setup a protected volume using > Acronis > > > TrueCrypt. That started me thinking of similar utilities on Linux. I > know > > > there's eCryptFS. What other packages are you aware of that would allow > > one > > > to create an encrypted file system? And do any of them have that > advanced > > > feature that TrueCrypt has where you can create a volume with two > > > passwords, and one password opens one set of files, while the other > opens > > > another set of files? The thing I really liked and thought it was cool > > was > > > that if you did use one of the advanced volumes, there was no way to > see > > > (short of digging heavily into the program logic as it examines the > > volume) > > > that it was actually one of those advanced volumes and therefore would > > have > > > a separate password. This seemed like such a cool feature, that I just > > > can't see it or something similar not being available in some > Linux/Open > > > Source package. > > > > > > Does anyone know? I'm dying of curiosity! :) > > > > Truecrypt is open source, and it's available on Linux. Not sure what it > > has to do with Acronis. But anyway, currently Truecrypt is available on > > Linux, OS X, and Windows from their website, truecrypt.org. > > > > eCryptFS was originally authored by one of our own plug alumni, Michael > > Halcrow. Just FYI. > > > > In Linux there's a system called dm-crypt which can do whole-disk > > encryption using a variety of means, most often (on Android in > > particular) using LUKS for the disk format and any number of actual > > crytographic algorithms. > > > > /* > > PLUG: http://plug.org, #utah on irc.freenode.net > > Unsubscribe: http://plug.org/mailman/options/plug > > Don't fear the penguin. > > */ > > > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
