@architect Not so. The Regulation of Investigatory Powers Act requires you to decrypt ANYTHING they ask WITHOUT a court order.

@matt
You can delete the LUKS headers, without which you're (at least by design) unable to decrypt the data any more. Of course that requires you had the time to anticipate such demands are coming your way.

@architect NOW you would be guilty of destruction of evidence, even in the US

@matt
No one can prove that it's not just part of your usual process. IANAL, but afaik it's not destruction of evidence if you're not currently involved in a legal dispute where that data's relevant either. So it can also be integrated into your regular routine to varying degrees

@architect I wouldn't test that theory myself...

@Faveing In the UK? Most definitely.

In the US? Most likely, but since IANAL I can only say I don't believe it is not settled by case law. Yet.

@omnipotens

@matt

As I understand it any enforcement of the IP Act does require a court order, however it is issued by political committee and not reviewed by the judiciary, which is i Think contrary to established methodology as it Is a criminal not civilian matter

This will only get worse post-brexit

@jason @omnipotens in the US, if it's not issued by a judge, it's not a court order (Imo, but IANAL).

On the other hand, NSLs...

@matt

Yeah, as i understand it tradionally a judge would sign off on a court order, however since the enactment of the [sarcasm]balanced and fair[/sarcasm] laws the IP Act brings to the tables the politicians decided to help out and not increase the judiciary workload and oversee such things themselves

@omnipotens

@Bit_Faced don't jest, I think emoji can be used as passwords now ;)

@drobban the jury is out on that one (ie it hasn't been settled with case law yet)

@h3artbl33d @matt exactly, I remember a feature of true crypt was a hidden encrypted partition, you get two password, one show a dummy partition, the other the real.

@benoitj @matt

Exactly! It should be noted that the non-hidden part shouldn't be a brand new, default OS installation as that would raise suspicion.

Another method would be using a live environment that encrypts all temporary data, whether in RAM or on disk. Having a password vault hidden and inaccessable 'somewhere' might make this more viable.

But in the end - this is mitigating a situation that shouldn't be there in the first place. Madness!

@h3artbl33d @benoitj I would be careful with that approach. At least in regards to TrueCrypt, the authorities are well versed in hidden partitions.

@matt @benoitj

True that. I think hidden partitions aren't the best means to achieve opsec. Also, one shouldn't trust a sole method. Like TOR - even if properly used, if there is a vulnerability in the browser, the user and location info could be at serious risk.

The best bet - as far as I am concerned - is to design the opsec model to the particular situation, with the assumption that everything is comprimised from the start.

@h3artbl33d @benoitj my assumption is that encryption will only thwart a casual burglar or thief. A state sponsored attacker will have means to break in (either via brute force, or drugs and a $5 wrench).

@matt @benoitj

Well spoken. Though regular users aren't in the crosshairs of a state actor, eg, the NSA TAO division - they will obtain access.

No system is 100% safe/secure.

@nergal Ask a Briton about Brexit (I'm an Arizonan, not a Briton), but as far as I know England is still a part of the UK.

@nergal you might be thinking of the U.K. (United Kingdom of Great Britain and Northern Ireland) leaving the E.U. (European Union). THAT is known as Brexit.

The U.K. consists of England, Scotland, Wales, and Northern Ireland.

@matt oh, thanks! That was the confusion.