Encryptage cd dvd et autres, pour nuire aux autoritées.

L'article référé par digg au sujet de l'encryptage de disques et médias tel que cd et dvd est intéressant mais pas autant que les commentaires.

En bref, les commentaires résument à quel point cette solution peut-être simple à mettre en place et que même si vous donnez la clef de décryptage aux autoritées, ça ne fera que les poussés à tout bousiller... Autrement dit, je vais l'essayer bientôt pour protéger l'accès à ces trop compromettantes copies d'articles au sujet de pirates et de ninjas.


Premier commentaire:

If you use trucrypt, it will be easily accessible in both Windows and Linux.

But the best part is that when they do show up, you resist giving your password, you claim that your right to privacy is being invaded, and when they really threaten... you give them the password. And it opens the volume completely. Showing them your collection of GI JOE pictures and FanFiction, with very misleading file access dates (shows that you haven't accessed/changed those volumes in a long time, regardless of when you last did).

Several layers of plausible deniability: priceless.

Second commentaire:

You've never used TrueCrypt?

"Couldn't they simply ask you to give them your passwords ? "

You give them THEE password that opens the WHOLE volume.

There is no way to detect that the rest of the volume is empty or contains any other data. It is all garbage... unless you access the volume with a different key (the real key) in which case it opens the inner volume. Double 486-bit blowfish encryption, with several layers of plausible deniablility.

1. You gave the only password to the whole volume (it opens the full size, and is fully readable, and writable... and if the write anything into it, it writes over your secure data as if it were empty space... destroying the secure data. TrueCrypt will make no attempt to distinguish or protect your inner data when access with the outer key. In fact, there is *no* way for TrueCrypt to even know there is an inner volume, other than supplying it with both keys. Sound complicated? Sound hard? It isn't. It is the easiest and friendliest encryption program available.

2. Timestamps (modified, accessed, etc) preserved. So if you write data into your secure file - it never changes the secure files modified or accessed date. "I haven't even opened that thing for months. It was just an experiment. I think I threw some GI Joe stuff in there."

3. You fully cooperate. Tell them it is TrueCrypt, tell them the password, tell them what is in it. They get no surprises, no resistances, full cooperation and you get full deniability. "Is there a second password?" - "No.". That's it. No holding out, no lying (well... except about the second password... but there is no way for them to know that you aren't telling the truth at that point. After all, you have told the truth so far, and you have just handed over your password).

TrueCrypt: http://www.truecrypt.org/docs/

Digg, c'est fort. Mais les contributeurs de digg, ils n'ont pas de prix. (Quoique...)