oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

updated deniability tutorial

Browse source
This commit is contained in:
nihilist 2024-11-25 19:00:31 +01:00
parent 42f5a5dd8c
commit 3e4ac30f1f
7 changed files with 195 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

29
opsec/deniability/index.html
View file

@ -121,6 +121,33 @@ The door is closed, the conversation remains between Alice and Bob, their conver
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>What if i destroy the evidence ?</b></h2> </br> </br>
<p>One common arguement that is being brought up is <b>"what if i destroy the data before the adversary can see it?"</b> lets see the following scenario:</p>
<pre><code class="nim">
-You started doing sensitive actions on your <a href="../graphene/index.html">graphene OS phone</a>
-Somewhere you slipped up, and now the adversary is busting down your door and holding you at gunpoint, handcuffing you and taking you to the nearest station.
-Now the adversary is telling you "by order of the judge, you are now going to unlock that phone."
-But, you've got your ace up your sleeve, you configured <b><a href="https://grapheneos.org/features#duress">a duress password</a> on your graphene OS phone</b>, meaning that once you type that special password, the contents of your phone are irreversibly deleted, with no possible recovery.
-You type the password, and the phone contents are getting deleted, right in front of the adversary. What now ?
</pre></code>
<p>Now you are in a situation where the adversary knows that you intentionally destroyed the contents of your phone, <b>he knows that you do not intend to cooperate, and that on top of it you destroyed potential evidence</b>. Where do you think that get you in court ?</p>
<p>If you were just pretending to have forgotten your password, you'd be found to be in Contempt of Court (approx 6 months jailtime), But here from the point of view of the adversary, he's perceiving it as you knowingly and intentionally <b><a href="https://www.criminaldefenselawyer.com/crime-penalties/federal/Tampering-with-evidence.htm">tampering with evidence</a> which is way worse, as the sentences for that can go up to 20 years in prison.</b></p>
<p>So in short, <b>you need it to look like you are cooperating with the adversary</b>, you must be able to give him a password, and when he unlocks the encrypted volume, he must find nothing incriminating about you, which is why we need deniable encryption.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Why is Deniable Encryption Vital?</b></h2> </br> </br>
<p>From a legal standpoint, the only way to be protected against that scenario where you're forced to decrypt your harddrive <b>is to be able to deny the existence of said encrypted volume (Plausible Deniability)</b> . If the encrypted volume does not exist, there is no password to be given for it.</p>
<p>So here we need a technology that can provide us Plausible Deniability. <b>That is what Veracrypt can do for us</b>.</p>
@ -135,7 +162,7 @@ The door is closed, the conversation remains between Alice and Bob, their conver
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<div id="anon2">
<div id="anon1">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">