Question about what is being stored on your computer

[Cyanotical]

If you're not educated or careful then I could just look for files that are "wrong". Encrypted data looks unstructured and random so doing something like naming a file "libxml.dll" when it's actually an aes encrypted file isn't going to work because they'll just pipe ls -aR through file -f.

Truecrypt's value over bitlocker or filevault isn't the encryption it offers but the plausible deniability: it stores your data in a way that you can convincingly claim "it's not there".

While breaking the encryption might be a concern for run of the mill criminals it's not going to help if you're dealing with a government that can compel you to turn over the keys (through the courts or cutting off your fingers until you tell them what they want to know). A big encrypted file/drive is a giveaway that you've got something to hide: they'll know to torture you to be able to look inside. Truecrypt is valuable because it lets you say "there's no such file on the drive". Even if they detect the truecrypt volume (which they can) you can have nested volumes that are impossible to distinguish from random noise. When 'the man' starts breaking your toes with a hammer you can give him the keys to your top-level volume that he knows exists and then deny to the death that a second or third one is on that drive and he'll have no way to know for certain that you're hiding something.

where do you live that you worry about torture?

[StayTuned]

We are not the mafia, lol. No government is going to break our legs for those .txt files. At least that's what I hope.

Also, what do you mean by 'nested volume'? Do you mean the option to create a hidden truecrypt volume?

[a21fa7c67f26f6d49a20c2c51]

where do you live that you worry about torture?

Where I live isn't a concern. I travel through America frequently which isn't perfect but has a better record than most. Occasionally I might end up in China which raises the bar higher still but I have nothing the Chinese government would find interesting.

Just because a particular concern doesn't apply to me there aren't high-level al'qaeda operatives sitting in a Turkish prison, or child pornographers in a london jail that are facing extradition to Belarus, or Iranian student newspapers that oppose the Ayatollah.

Just because a concern doesn't apply to me doesn't mean it doesn't apply to anybody. A little empathy and you can appreciate why something like truecrypt is a clever solution to a problems faced by people who don't have the luxuries and security that I take for granted.

If we're going to talk about encryption and security software then it's important we choose a tool that is well suited for our problem. Understanding the sorts of situations where truecrypt is a compelling product means the OP can make better decisions about his IT policy.

No government is going to break our legs for those .txt files.

You might not need to worry about about having your body smashed but western governments can hold you in contempt of court 'forever' if they have good reason to believe you're witholding evidence (like the password for your encrypted data). I'm sure we agree that's a situation that's worth taking steps to avoid if we had data we didn't want authorities to see.

Also, what do you mean by 'nested volume'? Do you mean the option to create a hidden truecrypt volume?

That's correct.

[Cyanotical]

empathy

like most people working in IT, i have none

[Cows For Life]

the FBI can crack anything they want, it's usually an issue of legality when they can't, not capability, it's not like their super computers are using P4s

If they had the ability to crack passwords this easily, the FBI isn't likely to waste resources on anything short of a threat to the government. This goes doubly so for hypothetical backdoors.