- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Utah Supreme Court says suspects can refuse to hand over phone passwords to the police | Other state Supreme Courts disagree and the case would wind up before the US Supreme Court::undefined
I forgot what it was called, but someone create an encrypted file system where you could never be certain all files were decrypted. You could enter one password and files A B and C would be revealed and accessible, then you could enter another password and files D E and F would be revealed, and again, another password would reveal file G, etc.
The file system was just a big blob of seemingly random bytes, but when processed with the right password, certain patterns would be revealed, those patterns being the files. This brought with it the possibility that files would be lost, because when writing files with password 1, files encrypted with password 2 might be overwritten. Several copies of each file were stored to protect against this, but you could still lose files.
There are some philosophical / legal issues with such a file system, because you can never prove that you’ve decrypted all the files. If prosecutors wanted to claim that you had more files on the filesystem, there’s no way you could disprove it, because you can never prove that you’ve decrypted everything. Hopefully people would be considered innocent until proven guilty, but believing the law always works that way is naive.
EDIT: It’s called deniable encryption: https://en.wikipedia.org/wiki/Deniable_encryption
Multi-account encryption has been around since at least the aughts and is readily available for those who are privacy conscious enough to find it out.
Much of the effort is to educate the average Joe that they need to be exactly that privacy conscious.
Veracrypt is a popular implementation of deniable encryption.