subgraph / subgraph-os-issues

Subgraph OS issues repository

Tails data sharing #67

Open ioerror opened 8 years ago

ioerror commented 8 years ago

There are a few Tails users who want to be able to live boot Subgraph OS and use their persistence from Tails without any effort. This would mean mounting the file system so that ssh, gpg, pidgin and other data would be automatically available to a user. This would require either live booting and mounting as Tails does it - or - it would require installing and running a program to import it into a running system - or - it would require allowing an installed system to use a Tails data partition on the fly.

This will assist with forensics (#41) as well. Detecting tampered software is difficult when many things on the system change. Keeping user data and everything else separate may be useful. If we had a data dir on the user, then the only thing we'd need is to detect if hardware is changed (assume USB disk with data on a necklace) when booting from a verified ro or easy to dump medium.

intrigeri commented 8 years ago

FWIW: Tails' persistence feature is implemented in live-boot, which presumably SGOS Live uses. Only our live-persist script to activate it late in the boot process is Tails-specific.

twgaf657 commented 8 years ago

Can a way be found to make the persistence option have a dummy persistence, activated with a dummy password, and a hidden persistence, activated with the secret password?

This is essentially replicating the hidden volumes feature of VeraCrypt/TrueCrypt. The rationale being that in many jurisdictions such as the UK, a user can be forced to give up his password upon threat of imprisonment. So encrypted persistence in itself does not become much of a protection if the persistent USB stick is discovered, as the authorities can force you to hand it over... unless a hidden persistent volume exists which contains the actual sensitive data (plausible deniability).

Would such a thing be manageable?