Not really. The reason it requires the outer volume to be FAT, AFAIK, is because FAT is the only Windows filesystem that won't access the full extent of the disk when it's mostly empty - NTFS puts structures at the middle or end of the disk, where they're likely to be clobbered by the hidden volume.
Any judge would view that dodge as the moral equivalent to going around in public all the time with a Zoro mask over your face in order than no-one can conclude that the Zoro mask implies you are up to something. Well, you could say the same thing about filling the free space with random bytes when the volume is created, or even about using TrueCrypt in the first place (instead of some other software that doesn't provide hidden volumes). If your attackers will punish you merely for using a crypto system intended to provide plausible deniability, there's not much you can do about that.
No.. in fact, that would just make it more obvious that you've got a hidden partition. Here's how the covert monitoring might work:
Monday morning, the attacker sneaks in and records a snapshot of your 100 MB partition.
Friday evening, he comes back with guns blazing and forces you to reveal a key. He uses it to mount both copies of your main volume, the current one and the snapshot, and then compares them byte-for-byte. Some of the changes are in files present on the main volume, but other changes are in free space.
He then examines the changes made inside the free space, and finds that there aren't any directory entries or recognizable data - it was random before and it's still random now, only different. He concludes that either (1) you wrote new random data into your drive's free space for some reason, or (2) the free space contains an encrypted volume.
Actually, that suggests a way to defend against such an attack: every so often, write new random data to randomly selected parts of each mounted volume's free space. This is close to what you mentioned, but you'd only do it when there isn't a hidden volume. That way, an attacker will always see these suspicious changes, whether there's a hidden volume or not, and #1 above becomes a believable excuse as long as everyone knows about this feature.
(Of course, TrueCrypt would have to be aware of the filesystem you're using in order to know which parts are free space. And you'd have to be able to turn this feature off temporarily if you ever needed to mount the main volume without possibly overwriting a hidden volume.)
If your encrypted data doesn't look random, you need to replace your encryption program ASAP. Any patterns in the output are failures in the algorithm.
Yes, you can fill up the main volume, which will overwrite the data on the hidden volume. TrueCrypt can't prevent that, because it doesn't even know the hidden volume exists until you enter the correct key. An attacker who gets your main key can destroy your hidden data, but he can't read it, and he can't even be sure that there was really anything there to destroy in the first place.
(There is a mode where TrueCrypt will protect the hidden volume from being overwritten while the main volume is mounted, but you have to enter both keys for it to work. Without the hidden volume's key, TC can't figure out which part of the partition belongs to the hidden volume.)
When you create the (main) volume, it's filled with random data. Formatting overwrites some of that, but the empty space is still full of random bytes. So, let's say you create a main volume on a 100 MB partition, and copy over some "cover" files, leaving 75 MB of free space at the end.
Then you create a 50 MB hidden volume, which is stored at the end of the partition. You put your top secret files in there, dismount it, and remount the main volume. The main volume still says "100 MB total, 75 MB free", and the free space still appears to be full of random bytes (since the hidden volume is encrypted), but they're different random bytes than they were at first.
So no, you can't tell just by looking at the mounted main volume that there's a hidden volume. All you can do is suspect that there might be something hidden in that free space, but you can't prove it - there are no plaintext headers, so both volumes are completely encrypted and appear random without the correct key. TrueCrypt will even let you reformat the main volume, destroying the hidden volume in the process, unless you specifically tell it to protect the hidden volume (using the correct key) when you mount the main one.
OTOH, you might be able to make a snapshot of the entire encrypted partition (without alerting the owner), then come back later and look for changes once you've gotten him to give up the key to the main volume. If the changes are in the main volume's free space, and they can't be explained by creating and deleting files, then you know there's a hidden volume. However, this requires covert monitoring over a period of time while the system is in active use; you can't detect the hidden volume simply by seizing a drive and examining it all at once.
Maybe because the tinfoil hat crowd usually doesn't buy Apple computers. This stuff isn't just for the tinfoil hat crowd.
If you're using encryption at all, it's because you want to keep something private, right? Now imagine someone discovers an encrypted partition on your computer. In some circumstances (e.g. if you live in the UK), you may be forced to reveal the password, or punished for refusing to reveal it. So you can either accept the punishment, or reveal the files that you thought were private enough to justify using encryption in the first place.
That's not a good outcome. Systems like OS X's are good for keeping your private information out of the hands of hackers or laptop thieves, but not for hiding it from anyone who has any leverage over you: family, employers, governments, etc. In other words, they're good for data you don't want strangers to find, but you need something like TrueCrypt for data you don't want anyone to find.
With hidden volumes, you have another option. When someone demands your password, you can put on a show of resisting, but eventually hand over the password to the main volume, revealing some mildly embarrassing "cover" files - all the while keeping your real private data safely hidden.
Re:Mac OS X Has Encrypted Disk Images
on
TrueCrypt 4.3 Released
·
· Score: 2, Informative
Exactly as described? Does Disk Utility let you create hidden volumes (indistinguishable from the main encrypted volume unless you know the key), or encrypt an entire partition, or use a file instead of a password as the key?
TrueCrypt provides device-level encryption, so it doesn't need to be aware of HFS+ or any other filesystem you use with an encrypted volume. It also provides a few important features that are not built into OS X.
Hidden volumes, for one. A single image can have two volumes in it, with different passwords, encryption methods, etc., and you can't even tell the hidden one is there unless you know the key.
You can also use any file as the key, instead of (or in combination with) a password.
And you can encrypt an entire partition, instead of putting the image inside another filesystem and letting it get copied around by the defragmenter (which may have security implications for the ultra-paranoid).
Heh. That TV you linked is only 19". For $100 less, you could get a 27" SDTV, with over 200% more screen area for 4:3 content and over 66% more screen area for 16:9 content - that is, you could get a new TV for the living room, and move the living room set into the bedroom. HDTV is still a luxury for people with too much money on their hands.
How are they "profiting" from Linux? Added Linux doesn't earn them any money. In fact, every person who buys a PS3 just to run Linux is a net loss to them, and it's pretty delusional to think that "Linux support" is a key feature for those who are buying it to run games. But remember, the loss is incurred when the consoles are manufactured, not when they're sold. A console sitting on the shelf represents a loss of $800 (or whatever it costs to make them). If someone buys it for $600 to play homebrew games, now it's only a loss of $200. Sony is better off selling the consoles than letting them sit on the shelves, even if the buyers never use them to play games.
Of course, Sony would prefer to sell games too, but consider the group of buyers we're talking about. If they can't play homebrew games, are they going to shrug and buy PS3 games instead--games they wouldn't have bought otherwise? Or are they going to use their PS3s for exactly what they would've used it for otherwise, surfing the web or watching videos or whatever? Or are they going to decide not to buy a PS3 at all? I think the latter two are more likely than the idea that blocking homebrew will result in selling more PS3 titles.
There was indeed plenty of evidence in that episode. They shot scuba tanks with rifles and succeeded in putting holes in them, making the tanks fly around a garage, but it took a load of C4 to actually make the thing explode.
Spoken like a true asshole. I have used three different cameras with two different Macs, a G3 and an Intel Mini, and they all open Image Capture automatically. But don't let the truth stand in your way. Keep trolling. How lucky for you! Unfortunately, I have to use my camera (a Kodak CX7430), not yours. When I plug it into my Powerbook G4, nothing happens, and I have to track down the photo-importing applet by myself - just like I said. Don't let the truth hit you in the ass on the way out, mmkay?
"New hardware detected! You've attached a camera! I found a driver! Do you want me to open the pictures or copy them or sing a song? The camera is now connected and working!" I must say I prefer that to the OS X approach: when a camera is plugged in, do nothing at all, and let the user track down the photo-importing applet by himself.
There are balloon tips popping up in the taskbar and notification area periodically, letting you know that whatever you're doing is not important, because Windows just found a new wireless network! Oh, you mean like the visual notification that OS X shows when it joins a wireless network? Or is that one OK because it's smaller?
Seriously, if the balloon popup distracts you from whatever important task you're working on, then (1) you need to relax and (2) you can turn it off.
On the Mac, it is assumed things will succeed. If you plug in a new piece of hardware, it just shows up ready to use. Well, no, it doesn't. Not always. Which makes it especially annoying when the assumption is success.
It sounds like you don't understand the Scotsman fallacy. The reason that it is a fallacy is that being a Scotsman is all about nationality and therefore the predicate, having nothing to do with nationality, is a fallacy. On the other hand, the teachings of Christ clearly dictate that the type of judgemental attitude that Jack Thompson displays is in direct contradiction with the teachings of Christ. The problem with this argument is "Christian" doesn't just mean someone who follows [your interpretation of] the teachings of Christ. Members of churches like the Southern Baptists are still Christians, even if outsiders think some of their beliefs contradict [the outsiders' own interpretation] of Christ's teachings.
The argument would work if there were One True Interpretation of the Bible, but there isn't. That book is full of self-contradictions, and the reader has to ignore some parts for it to make sense, or at least emphasize some parts over others. That's subjective; there's no logical, objective way to decide which parts to follow and which to overlook.
Well. we could pass a law against it based solely on the fact that you don't "like" Wal-Mart.. I totally see your logic, lets make Wal-Mart illegal. Settle down, buddy. You seem to have me confused with someone else, because I never said anything about outlawing Wal-Mart.
They don't actually need to do something wrong, or break any laws, they just need to be a successful corporation, with lots of large ugly stores, full of cheep products, and staffed by low income workers. Wal-Mart's treatment of their employees, among other things, has been well documented as unethical and occasionally illegal. I hope you don't seriously think they've never done anything wrong.
Perhaps your tune would change some if you'd spent a full year of your life, working 8-12 hour days pulling a full novel "out of your ass". If I had spent a full year of my life working 8-12 hour days to write a book, without anyone having promised to pay me for my time, merely hoping to sell a bunch of copies later, then I'd be an idiot and I'd deserve whatever I got.
See, there are really two fundamental types of work: service and manufacturing.
In a service job, first you come to an agreement with someone about what you'll be doing and how much you'll be paid for it, then you do it, then they pay you for it. If they don't want to pay you an amount you think is fair, then you don't have to do the work at all: you can spend your time doing something else. If you do the work and they don't pay, then since you have a signed contract and you know exactly who's at fault, you can easily take them to court and prove your case. Finally, if everything has gone smoothly and you'd like to get paid some more, you find someone else who wants your service and perform it again for them.
In a manufacturing job, first you make a physical product, then you find a customer who wants it, then you negotiate a price, then you transfer ownership of your product to them in exchange for money. You can get away with doing the work before finding a customer because a physical product can be physically controlled: if the car you just made is stored in a garage, you simply have to keep people from taking it out of the garage before they pay, which is practical thanks to the laws of physics. (Not just practical, but sensible: the product can only be in one place at a time, so someone has to own it. Information, OTOH, doesn't work that way.) And finally, just like before, if you sell your first car and you want to make some more money, you make another car and sell it to someone else.
Some people, however, want to have their cake and eat it too.
They want to pretend they're selling a product, so they do a bunch of work for free and hope to get paid for it later, but they skip the whole bit about controlling their "product" until it's sold: if you broadcast a song over the radio, you're essentially giving free copies away to everyone who owns a radio.
Even worse, they think they're exempt from the basic principle that if you want to get paid again, you work again. They want to write that One Big Hit and milk it for the rest of their lives, eternally selling copies of something they wrote decades earlier. Sorry, but that isn't working, it's gambling.
What makes you think Google/YouTube is actively policing their site for porn clips, rather than responding to the clips being flagged by users who stumble across them?
When you steal a physical object, you are denying someone else the chance to legally purchase that same object, and it is clear that you are denying profit to the creator of the object. Furthermore, this is the one and only reason that stealing is wrong. If theft only involved making a copy of an object--walk up to a car, point your magic wand at it, and drive off in a copy while leaving the original exactly as it was--then there'd be nothing wrong with theft either. A world where that was possible would be a utopia, with enough food, medicine, fuel, and other goods for everyone who needed them. The fundamental "wrongness" of theft is the fact that it deprives the rightful owner of the stolen item, not that the thief gets something for nothing.
It is an improvement, as it gets more stuff to people faster and cheeper than ever before. Uh huh. If we can get ramen noodles, romance novels, and censored CDs for 10 cents less than the competition, it must be an improvement, regardless of what goes on behind the scenes? That's almost touching in its naivete.
It's very simple: we like the content, we want everything for free, therefore copyright is evil. The justifications come after the fact. Maybe that's how you think, or more likely how your imagined version of a file sharer thinks, but don't pretend you can speak for everyone who's opposed to copyright.
There are plenty of reasons to oppose restricting free speech in order to make information a scarce good that have nothing to do with "wanting everything for free", and in fact many of us would be happy to pay content producers directly for their work, if they'd just mind their own business instead of telling us how we can or can't use our own hardware and internet connections.
If end result is always monopoly why is something as massive as K-Mart almost history now? Something came along that was better and the monopoly disappeared overnight. Yes, an even larger chain came along whose name also ends in "Mart". It's more of a monopoly than K-Mart ever was, exerting more control over suppliers, squeezing more out of its employees, and forcing more competitors out of business. Don't pretend it's an improvement.
Slashdot Mirror
Not really. The reason it requires the outer volume to be FAT, AFAIK, is because FAT is the only Windows filesystem that won't access the full extent of the disk when it's mostly empty - NTFS puts structures at the middle or end of the disk, where they're likely to be clobbered by the hidden volume.
No.. in fact, that would just make it more obvious that you've got a hidden partition. Here's how the covert monitoring might work:
Monday morning, the attacker sneaks in and records a snapshot of your 100 MB partition.
Friday evening, he comes back with guns blazing and forces you to reveal a key. He uses it to mount both copies of your main volume, the current one and the snapshot, and then compares them byte-for-byte. Some of the changes are in files present on the main volume, but other changes are in free space.
He then examines the changes made inside the free space, and finds that there aren't any directory entries or recognizable data - it was random before and it's still random now, only different. He concludes that either (1) you wrote new random data into your drive's free space for some reason, or (2) the free space contains an encrypted volume.
Actually, that suggests a way to defend against such an attack: every so often, write new random data to randomly selected parts of each mounted volume's free space. This is close to what you mentioned, but you'd only do it when there isn't a hidden volume. That way, an attacker will always see these suspicious changes, whether there's a hidden volume or not, and #1 above becomes a believable excuse as long as everyone knows about this feature.
(Of course, TrueCrypt would have to be aware of the filesystem you're using in order to know which parts are free space. And you'd have to be able to turn this feature off temporarily if you ever needed to mount the main volume without possibly overwriting a hidden volume.)
If your encrypted data doesn't look random, you need to replace your encryption program ASAP. Any patterns in the output are failures in the algorithm.
Yes, you can fill up the main volume, which will overwrite the data on the hidden volume. TrueCrypt can't prevent that, because it doesn't even know the hidden volume exists until you enter the correct key. An attacker who gets your main key can destroy your hidden data, but he can't read it, and he can't even be sure that there was really anything there to destroy in the first place.
(There is a mode where TrueCrypt will protect the hidden volume from being overwritten while the main volume is mounted, but you have to enter both keys for it to work. Without the hidden volume's key, TC can't figure out which part of the partition belongs to the hidden volume.)
I did list them earlier, and they're listed on TrueCrypt's site as well as all over the rest of this thread. The main feature is hidden volumes.
Nope.
When you create the (main) volume, it's filled with random data. Formatting overwrites some of that, but the empty space is still full of random bytes. So, let's say you create a main volume on a 100 MB partition, and copy over some "cover" files, leaving 75 MB of free space at the end.
Then you create a 50 MB hidden volume, which is stored at the end of the partition. You put your top secret files in there, dismount it, and remount the main volume. The main volume still says "100 MB total, 75 MB free", and the free space still appears to be full of random bytes (since the hidden volume is encrypted), but they're different random bytes than they were at first.
So no, you can't tell just by looking at the mounted main volume that there's a hidden volume. All you can do is suspect that there might be something hidden in that free space, but you can't prove it - there are no plaintext headers, so both volumes are completely encrypted and appear random without the correct key. TrueCrypt will even let you reformat the main volume, destroying the hidden volume in the process, unless you specifically tell it to protect the hidden volume (using the correct key) when you mount the main one.
OTOH, you might be able to make a snapshot of the entire encrypted partition (without alerting the owner), then come back later and look for changes once you've gotten him to give up the key to the main volume. If the changes are in the main volume's free space, and they can't be explained by creating and deleting files, then you know there's a hidden volume. However, this requires covert monitoring over a period of time while the system is in active use; you can't detect the hidden volume simply by seizing a drive and examining it all at once.
If you're using encryption at all, it's because you want to keep something private, right? Now imagine someone discovers an encrypted partition on your computer. In some circumstances (e.g. if you live in the UK), you may be forced to reveal the password, or punished for refusing to reveal it. So you can either accept the punishment, or reveal the files that you thought were private enough to justify using encryption in the first place.
That's not a good outcome. Systems like OS X's are good for keeping your private information out of the hands of hackers or laptop thieves, but not for hiding it from anyone who has any leverage over you: family, employers, governments, etc. In other words, they're good for data you don't want strangers to find, but you need something like TrueCrypt for data you don't want anyone to find.
With hidden volumes, you have another option. When someone demands your password, you can put on a show of resisting, but eventually hand over the password to the main volume, revealing some mildly embarrassing "cover" files - all the while keeping your real private data safely hidden.
Exactly as described? Does Disk Utility let you create hidden volumes (indistinguishable from the main encrypted volume unless you know the key), or encrypt an entire partition, or use a file instead of a password as the key?
TrueCrypt provides device-level encryption, so it doesn't need to be aware of HFS+ or any other filesystem you use with an encrypted volume. It also provides a few important features that are not built into OS X.
Hidden volumes, for one. A single image can have two volumes in it, with different passwords, encryption methods, etc., and you can't even tell the hidden one is there unless you know the key.
You can also use any file as the key, instead of (or in combination with) a password.
And you can encrypt an entire partition, instead of putting the image inside another filesystem and letting it get copied around by the defragmenter (which may have security implications for the ultra-paranoid).
Heh. That TV you linked is only 19". For $100 less, you could get a 27" SDTV, with over 200% more screen area for 4:3 content and over 66% more screen area for 16:9 content - that is, you could get a new TV for the living room, and move the living room set into the bedroom. HDTV is still a luxury for people with too much money on their hands.
Of course, Sony would prefer to sell games too, but consider the group of buyers we're talking about. If they can't play homebrew games, are they going to shrug and buy PS3 games instead--games they wouldn't have bought otherwise? Or are they going to use their PS3s for exactly what they would've used it for otherwise, surfing the web or watching videos or whatever? Or are they going to decide not to buy a PS3 at all? I think the latter two are more likely than the idea that blocking homebrew will result in selling more PS3 titles.
There was indeed plenty of evidence in that episode. They shot scuba tanks with rifles and succeeded in putting holes in them, making the tanks fly around a garage, but it took a load of C4 to actually make the thing explode.
OK.. er.. which preferences panel is that on? There's nothing related to cameras there. I'm running 10.4.8.
Seriously, if the balloon popup distracts you from whatever important task you're working on, then (1) you need to relax and (2) you can turn it off. On the Mac, it is assumed things will succeed. If you plug in a new piece of hardware, it just shows up ready to use. Well, no, it doesn't. Not always. Which makes it especially annoying when the assumption is success.
The argument would work if there were One True Interpretation of the Bible, but there isn't. That book is full of self-contradictions, and the reader has to ignore some parts for it to make sense, or at least emphasize some parts over others. That's subjective; there's no logical, objective way to decide which parts to follow and which to overlook.
See, there are really two fundamental types of work: service and manufacturing.
In a service job, first you come to an agreement with someone about what you'll be doing and how much you'll be paid for it, then you do it, then they pay you for it. If they don't want to pay you an amount you think is fair, then you don't have to do the work at all: you can spend your time doing something else. If you do the work and they don't pay, then since you have a signed contract and you know exactly who's at fault, you can easily take them to court and prove your case. Finally, if everything has gone smoothly and you'd like to get paid some more, you find someone else who wants your service and perform it again for them.
In a manufacturing job, first you make a physical product, then you find a customer who wants it, then you negotiate a price, then you transfer ownership of your product to them in exchange for money. You can get away with doing the work before finding a customer because a physical product can be physically controlled: if the car you just made is stored in a garage, you simply have to keep people from taking it out of the garage before they pay, which is practical thanks to the laws of physics. (Not just practical, but sensible: the product can only be in one place at a time, so someone has to own it. Information, OTOH, doesn't work that way.) And finally, just like before, if you sell your first car and you want to make some more money, you make another car and sell it to someone else.
Some people, however, want to have their cake and eat it too.
They want to pretend they're selling a product, so they do a bunch of work for free and hope to get paid for it later, but they skip the whole bit about controlling their "product" until it's sold: if you broadcast a song over the radio, you're essentially giving free copies away to everyone who owns a radio.
Even worse, they think they're exempt from the basic principle that if you want to get paid again, you work again. They want to write that One Big Hit and milk it for the rest of their lives, eternally selling copies of something they wrote decades earlier. Sorry, but that isn't working, it's gambling.
What makes you think Google/YouTube is actively policing their site for porn clips, rather than responding to the clips being flagged by users who stumble across them?
There are plenty of reasons to oppose restricting free speech in order to make information a scarce good that have nothing to do with "wanting everything for free", and in fact many of us would be happy to pay content producers directly for their work, if they'd just mind their own business instead of telling us how we can or can't use our own hardware and internet connections.