Feature #11076

Create a Tails OS Hidden Persistence Volume

Added by b.smith1974 2016-02-07 20:10:18 . Updated 2016-02-08 22:36:50 .

Status: Duplicate
Priority: Normal
Start date: 2016-02-07
% Done: 0%
Type of work: Code

Description

Create a Tails OS Hidden Persistence Volume

The current Tails OS persistence feature does not protect a security-conscious user from the rubber-hose technique, i.e., being forced to reveal the decryption password by an adversary.

So if someone realises that you use a persistence-enabled USB stick with Tails OS (very easy if they find the USB stick), they can force you to reveal the decryption password.

A solution to this would be to implement the Hidden Volume feature found in TrueCrypt/VeraCrypt into the Tails OS Persistence login screen. A “fake” password would reveal “fake” persistence data in Tails OS. However, the correct password would reveal the actual sensitive data. This creates plausible deniability.

The Tails OS persistent volume on the USB stick would have to be obfuscated in such a way that it appears to be one single volume, rather than a volume which contains a hidden volume. TrueCrypt/VeraCrypt have managed this by making the volume appear as one, and have managed to obfuscate the existence of the hidden volume.


Related issues

Is duplicate of Tails - Feature #5929: Consider creating a persistence by default for plausible deniability Confirmed 2016-08-20

History

#1 Updated by b.smith1974 2016-02-07 20:12:57

I forgot to add, the current Tails OS persistence feature becomes a moot point in certain jurisdictions because if you fail to reveal the decryption password upon demand, you can be jailed or even killed.

So I see the Hidden Volume feature as something which can be a life-saving feature.

#2 Updated by sajolida 2016-02-08 13:33:31

  • Status changed from New to Duplicate

This is the same as Feature #5929 I think.

#3 Updated by sajolida 2016-02-08 13:33:43

  • is duplicate of Feature #5929: Consider creating a persistence by default for plausible deniability added

#4 Updated by b.smith1974 2016-02-08 17:09:11

It’s almost the same as Feature #5929 but issue Feature #5929 says that an encrypted persistent volume should be automatically created even when the user doesn’t want one, so that he can plausibly deny he created it, and therefore can plausibly deny he is hiding anything.

My suggestion differs slightly in that the user can create a normal persistent volume, and then a hidden volume within that. The hidden volume only being accessible with a different password to the normal persistent volume password.

#5 Updated by intrigeri 2016-02-08 22:36:50

> My suggestion differs slightly in that the user can create a normal persistent volume, and then a hidden volume within that. The hidden volume only being accessible with a different password to the normal persistent volume password.

Right. Please re-open once there is a more detailed design and implementation leads, then :)