compul wrote:OT: I love you two. Everyday I come back from class and enjoy your little flamewars.
Merlin wrote:No civilised country is going to change the law to compel a password for something they have no evidence is there
Merlin wrote:If you'd bothered to properly read my answers, you'd know I'd conceded the value of one level of hidden volume
Merlin wrote:With one level used properly, there is no grounds to demand a password for a hidden volume they have no proof exists
Merlin wrote:As I see it you're trying to change the subject because you find yourself faced with an argument you simply can't refute, namely that two layers are less secure than one with the combined passwords the two would be assigned (which they are).
Merlin wrote: "when do I stop brute forcing if I break a level?", and I just proved that if you'd strung the password from the proposed second level onto the password from the first, it wouldn't have got cracked to begin with.
Merlin wrote:Tell me in what circumstance is one properly hidden layer with a sufficiently strong password not enough?
Mac wrote:I've been following this debate with some interest.
Mac wrote:I appreciate that the concept of multiple hidden volumes (MHV) is intriguing, but I wonder if it's really presently worthy of so much attention.
Merlin wrote:It's called "Devil's Advocate", it makes no odds whatsoever in my own personal use case, but unless someone argues the counter case, it can't be called considered.
Sabbath wrote:Another benefit is it prevents an expansion of RIPA. How long would it be before RIPA is changed to force the user to reveal 2 passwords per container ? You have effectively offered them this option by restricting the number of hidden volumes. Laws have to be worded carefully and multiple hidden volumes make this impossible to define. The only legal wording that could possibly be used to counter multiple volumes is, a victim must continue to provide correct passwords until sufficient evidence is found to convict. Obviously this would be laughable.
Multiple volumes have another very neat and devastating feature. I communicate daily with experienced hackers and crackers on my forums and the single most feared subject is that of uncertainty.
Hidden volumes introduce doubt, an attacker may brute force a volume and it opens up. If the number of volumes is fixed to 1 the attacker knows his job is done. If the total number of possible volumes is 2 then the attacker will continue, if the contents of the first volume doesn't look plausible enough.
With this "doubt" increasing with multiple hidden volumes the attacker will never know when it is reasonable to stop. This is a considerable drag on resources and extremely expensive to apply to many hard drives. The feasibility of the cost to reward escalates so dramatically the powers that be will be choked with work. Not only are you protecting your own volumes, but should your volumes be seized and worked on, you are contributing to the greater good of others who follow you.
The more I think of multiple hidden volumes the better protection I realise they provide. It is a devastating feature if you look on it from the side of an attacker.
Mac wrote:How many users actually want MHV?
Mac wrote:How many even use ONE hidden volume?
Mac wrote:but may be far too complicated for most users to operate in practice.
Mac wrote:What users really want plausible deniability
Merlin wrote:I'd conceded the value of one level of hidden volume
Sabbath wrote:I did notice and saw no need to convince you further.
Mac wrote:A corollary to take away from this thread is that every TC user should consider always defining a hidden-volume -- even if nominal -- just to prove innocence under dire pressure.
Sabbath wrote:You will effectively be forcing them to create a hidden volume when they don't need one. If they fail to do so, or forget the second password, they will be suspected of concealing one and a lengthy prison sentence awaits them.
Mac wrote:We should be more concerned with important features with KNOWN demand -- such as UEFI support
Sabbath wrote:I am disappointed you have read through almost 3 pages and still write some of the comments / questions you have. I guess we have not been explaining ourselves well enough, I apologise and it is useful to know for further discussions.
Sabbath wrote:Your personal bias towards a particular new feature request has no impact on the validity of MHV. Can you honestly say there is no KNOWN demand for protection from RIPA ? Really ??
Merlin wrote:I've yet to see any argument presented where one hidden volume isn't enough, ... Either the first level is completely deniable, or it's not...
Mac wrote:I think the marginal benefits of MHV -- versus a single hidden volume -- are esoteric and probably not useful in practice
Mac wrote: benefits of MHV -- versus a single hidden volume -- are esoteric and probably not useful in practice
sophisticated features -- which appeal to crypto developers (including myself) -- are almost never used in reality
Mac wrote:Clearly Sabbath cares passionately about MHV as a protection from RIPA, so demand provably exists.
Merlin wrote:I've yet to see any argument presented where one hidden volume isn't enough, ... Either the first level is completely deniable, or it's not...
Return to Long-Term Goals / Wish List
Users browsing this forum: No registered users and 1 guest