OS with real plausible deniability

Hey everyone,

I’m stuck on finding an OS solution for a pretty specific situation and wondering if anyone has run into this before or knows something I’m missing.

Basically I need to be able to use my laptop normally for work that… let’s say requires some privacy. But I also need to be prepared for situations where I might have to unlock my device for authorities and have it look completely innocent. The catch is it needs to be actually impossible to prove there’s anything hidden there, not just “well encrypted.”

Current solutions all have issues:

QubesOS - Great for security but terrible for this. Use it and immediately anyone looking sees all the VM compartments. Might as well wear a shirt saying “I have secrets.”

Tails USB - Same problem, plus carrying around a Tails stick is basically evidence by itself if they find it and you might get a proper beat down. Also it’s meant for specific sessions, not daily computing. I know persistent storage exists but that’s not the best for daily usage.

Regular encrypted drives - Everyone knows it’s encrypted. If someone’s forcing you to unlock it, you either look guilty by refusing or you unlock it and they see everything.

What I’m looking for is something where I can hand over my laptop, unlock it with a normal password, and they see a totally normal computer with boring files and browsing history. But I also need to be able to access a hidden environment for actual work that includes VPN/Tor stuff.

This comes up in situations like border crossings, getting arrested at protests or just living somewhere with heavy surveillance. Places where “I invoke my right to not unlock my encrypted drive” isn’t really an option.

Everything I find is either obviously security-focused (bad) or doesn’t give you real system control in the hidden part :frowning:

Anyone dealt with something similar? Starting to think this just doesn’t exist…

Thanks a lot! <3

The best option for this would be just using your laptop as a thin client and remote into another machine for that stuff.

Companies have been doing this policy for years for employee machines.

4 Likes

Pragmatically speaking, this would be considered obstruction of justice and you’d get into trouble either way, if this is a real concern or a potential of a possibility. The laws vary in different jurisdictions but just know this. And I say this because you already know or seem to know this is very difficult if not impossible to ensure because as far as I understand, every tech will show the drive that is “well encrypted” as you said.

Places like this always have other ways you get into trouble because almost always rule of law is not the standard. You likely won’t be mitigating anything.

1 Like

I was also thinking about that but that wouldn’t work for offline usage which would be needed.

Thanks for the reply :slight_smile:

Pragmatically speaking, this would be considered obstruction of justice and you’d get into trouble either way, if this is a real concern or a potential of a possibility.

Yes, I know that it might be considered obstruction of justice depending on the country, but in some countries “justice” isn’t really just by European standards.

Places like this always have other ways you get into trouble because almost always rule of law is not the standard. You likely won’t be mitigating anything.

Yes, it’s hard to be completely sure to mitigate it completely, but I want to maximize that possibility, and looking like the average user would decrease that risk by quite a bit.

Are you saying that someone could be looking over your shoulder while using your PC and notice you’re using either QubesOS or Tails? If they’re able to do that, you’re taking a massive risk no matter what you do. Or if I misunderstood you, then using Tails doesn’t have the same problem as QubesOS since it shouldn’t leave a trace once it is shut down. You can trigger an emergency shut down by ripping out the USB at the risk of corrupting persistent data.

As for the Tails USB itself, it should be fairly easy to smuggle given the size of USB flash drives. You might also be able to find a laptop which has an SD card reader and use Tails on an SD card instead, which should be even easier to smuggle by hiding it in a fake coin or something. Nothing is risk-free but it sounds like the environment you’re describing is risky no matter what route you take.

1 Like

As for the Tails USB itself, it should be fairly easy to smuggle given the size of USB flash drives. You might also be able to find a laptop which has an SD card reader and use Tails on an SD card instead, which should be even easier to smuggle by hiding it in a fake coin or something.

Thanks, so far the route with using Tails and using an SD card that is very well hidden sounds like the best option!

Are you saying that someone could be looking over your shoulder while using your PC and notice you’re using either QubesOS or Tails?

It’s less looking over my shoulder or targeted malware and more rigid but somewhat expected security checks.

I’m still curious if maybe someone else knows about any options I might’ve missed.

Oh that’s not too bad! Just be sure you have a good hiding place and put your USB/SD card there before any security checks take place. If they control the hardware you’re using, understand you’re taking some extra risks.

Whonix Live has some similarities to Tails but it can’t provide you with the same counter-forensic capabilities since it requires you to configure and trust a compatible host OS such as Debian or Kicksecure, so it’s probably a bad option for your situation. It really seems like using Tails vigilantly is the best option. Good luck!

1 Like

I’ll have a closer look into Whonix Live, maybe I’ll find a smart way to use it.

Thanks a lot!

Can you hide an encrypted partition in a media file such that it looks like it got corrupted? Say a long movie and 5 minutes in you replace the data by an encrypted loop-back mount file. IIRC you can make a LUKS partition look completely random. To access that partition you’d memorize the offset from the start of the file and the decryption password/key.

3 Likes
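Added example, not part of any post in this thread: a forensic check relevant to the idea above. An on-disk LUKS1/LUKS2 header starts with the magic bytes `LUKS\xba\xbe` followed by a 16-bit big-endian version, so a container embedded in a carrier file with its header in place is found by a signature scan at any offset. The sample file, the simplified header and the function names are constructed for this illustration.

```python
import math
import random
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"  # first 6 bytes of a LUKS1/LUKS2 primary header
WINDOW = 4096

def shannon_entropy(block: bytes) -> float:
    """Bits per byte; values near 8.0 look like ciphertext or compressed data."""
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def find_luks_headers(data: bytes):
    """Return one finding per LUKS magic followed by a valid version (1 or 2)."""
    findings = []
    pos = data.find(LUKS_MAGIC)
    while pos != -1:
        if pos + 8 <= len(data):
            (version,) = struct.unpack(">H", data[pos + 6:pos + 8])
            if version in (1, 2):
                findings.append({
                    "offset": pos,
                    "version": version,
                    "sector_aligned": pos % 512 == 0,
                    # Header area is structured, the data after it is not.
                    "header_entropy": shannon_entropy(data[pos:pos + WINDOW]),
                    "payload_entropy": shannon_entropy(
                        data[pos + WINDOW:pos + 2 * WINDOW]),
                })
        pos = data.find(LUKS_MAGIC, pos + 1)
    return findings

def build_sample() -> bytes:
    """Constructed test file: fake MP4 start, then an embedded LUKS2-like blob."""
    rng = random.Random(7)  # fixed seed so the sample is reproducible
    noise = lambda n: bytes(rng.getrandbits(8) for _ in range(n))
    # Stand-in for compressed video data (constructed, not a real MP4).
    carrier = b"\x00\x00\x00\x18ftypmp42" + noise(8192 - 12)
    # Simplified header: real magic and version, remaining fields zeroed.
    header = LUKS_MAGIC + struct.pack(">H", 2) + b"\x00" * (WINDOW - 8)
    return carrier + header + noise(2 * WINDOW)

if __name__ == "__main__":
    for finding in find_luks_headers(build_sample()):
        print(finding)
```

Entropy alone does not separate ciphertext from compressed video, since both sit near 8 bits per byte; in this check it is the header signature that identifies the region.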

Thanks, that also sounds like an interesting option, I’ll look into it :slight_smile:

That is a great idea!

Combine your LUKS idea with a few misnamed files as targets of “mdraid”, and you would really make someone’s forensic analysis day. :slight_smile:

I think this has been written about somewhere years ago, maybe not on this forum. The tech is so much more advanced now that I am not sure it’s still possible. Theoretically, it’s a hidden partition or other ‘element’ which contains the data on a device. The rest of the device contains non-private data and is actively used. It does not appear like a burner device. It must contain email, social network, etc. accounts that are actively used. I am not sure it’s still possible to hide anything due to advanced tools used today. The only way it’d work is if you are somehow looked at as not a threat so that not enough effort is made to discover the data.

1 Like