TrueCrypt is on-the-fly encryption for Windows/Mac hard drives and files. One of its cute features is the ability to create a false volume that will pop up if you use a different password than that of your real encrypted data. The documentation says:
It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, when the adversary uses violence). Using a so-called hidden volume allows you to solve such situations in a diplomatic manner without revealing the password to your volume.
Very cloak and dagger, spy vs. spy, isn't it? Brings to mind images of James Bond being tortured to reveal the password to his laptop. How far can we take this? Does the hidden volume reveal the passwords to yet other machines hidden volumes? Do those hidden volumes in turn contain secret plans for devices that will backfire on the usurpers? Ahh, the intrigue of espionage, thrust, counter-thrust, a web of deception.. coming soon to a theatre near you!
To disguise your secrets even more, you can create a "traveler disk" (a CD or USB stick) that contains the TrueCrypt application so that it isn't even installed on the actual machine where encrypted data is kept. The docs say that "TrueCrypt volumes cannot be distinguished from random data", so I presume you'd also want to scatter some random data about.. not that most of us don't have enough of that already. TrueCrypt fills unused volume space with random bytes also.
What's the encryption method? Just about anything, apparently; AES, Blowfish, Triple DES and various combinations where blocks are encrypted cascade style with two or three different encryption methods.
Many of us have no need for such secrecy and protection, though some folks just seem to want to encrypt on general principle: it's my private business, and therefore I encrypt it. While I don't do that myself, I do understand the philosophy behind it.
If you found something useful today, please consider a small donation.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2011-03-08 Tony Lawrence
I just had to take the hypertext idea and connect it to the TCP and DNS ideas and — ta-da!— the World Wide Web. ((Tim Berners-Lee)