Rubberhose protection

[lawmanuk]

Although this project aims to create deniability, by removing the header from the encrypted OS partition/disk, this won't really help in a torture/legal threats scenario.

The presence of a noise filled partition/disk creates an immediate suspicion that it will contain data. Even if it can't be proved, the suspicion is enough for judges that are inclined to believe agency 'suspicions'.

https://falkvinge.net/2012/07/12/in-the-uk-you-will-go-to-jail-not-just-for-encryption-but-for-astronomical-noise-too/

What would be really helpful is an encrypted fake os, with a real os in the free space of that same partition. Its much more palatable this way, and you've already given away the key to the fake os - so no evidence of a real os in the freespace.

Veracrypt seems to do this. Linux could do something similar using a mix of Luks for the fake os and plain dm-crypt for the real os in the freespace. Similar to how this article explains it:

https://blog.linuxbrujo.net/posts/plausible-deniability-with-luks/

If this could be incorporated in the future, this project would be almost perfect - once its incorporated into the main grub releases.

thanks