What do we mean when we say rubber hose? We mean torture or indefinite imprisonment (same thing in my book). Here’s a link to read more.
The latest Trump era mandate… requiring passwords to devices and accounts as part of the extreme vetting procedures is wrong. Human beings should have basic rights to privacy, digital and otherwise. The current argument as it stands, is that well implemented encryption makes our society as a whole more dangerous. Thankfully we can resist this ridiculous notion with some relatively easy to use tools.
“Modern deniable encryption techniques exploit the fact that without the key, it is infeasible to distinguish between cipher-text from block ciphers and data generated by a cryptographically secure pseudorandom number generator (the cipher’s pseudorandom permutation properties)”
This quote describes technically how plausible deniability works in cryptography. The idea is to encrypt your data or your entire computer in such a way that its data is indistinguishable from random bits. In other words it would be mathematically impossible to prove there “was” anything encrypted there in the first place. Now this alone might not stop the government or whatever entity your worried about from torturing or holding you until you decrypt the data. Thats why its good to implement two passwords; one for the real data, and one for the decoy data… If your curious whether this kind of thing has any precedent in the United States… read this. No one should have any love for this cop. It sounds like he’s probably guilty. This however sets an incredibly dangerous example, because he hasn’t been charged with a crime. If the law is insufficient we need to rewrite it, not subvert basic human rights in the process. This is what the EFF had to say:
“Compelled decryption is inherently testimonial because it compels a suspect to use the contents of their mind to translate unintelligible evidence into a form that can be used against them. The Fifth Amendment provides an absolute privilege against such self-incriminating compelled decryption.”
Ok so with that in mind… I think we need tools to protect ourselves from a government that picks and chooses when they want to protect our right to a fair trial. One of the easiest tools i’ve used to create a plausibly deniable encrypted drive is VeraCrypt.
This software is the successor to the famous but curiously discontinued TrueCrypt. Recently VeraCrypt went through a public audit which is always good for any security related software allowing them to address some vulnerabilities. VeraCrypt also has a warrant canary. This is on my must have list for any crypto or privacy oriented organization. Check the latest post here.
For more information about how VeraCrypt works check out the documentation, which can give you detailed instructions and explain how everything works.