There are some very good reasons why you'd want to use full hard drive encryption for your own security especially with something as easy to walk away with as a laptop.

Quote: "without probable cause or a warrant" and "There are at least three cases in which the Feds have, with a court order, installed spyware on a suspect's computer."

The US never ceases to amaze me with the lack/invasion of privacy rights. Remind me not to take my laptop next time I'm heading to Vegas. Yikes!

Call me paranoid, but if anyone ever had unrestricted access to a computer of mine that I used for sensitive work (e.g. banking) I would scrub clean and reinstall before doing anything that I wanted to keep private.

Interesting that Truecrypt got an mention. I had a play with hidden volumes before Christmas but, although it's a clever idea, it's been implemented all wrong. Maybe I'll contact the author with a few suggestions.

Kaled.

Truecrypt ... Maybe I'll contact the author with a few suggestions.

It's open source. They'd probably welcome the help. ;)

Aside from PGP, Truecrypt is probably the most highly recommended disk encryption package out there. I haven't see anything else that comes close.

Seems like "The Matrix" has come to pass.

Note that encryption will not help you at all. If that linked article does not mention it, there are other articles which mention that not only do they want to examine the computer, they want the passwords.

What justification they have for that, I do not know. Last I checked bits and bytes are not explosive. Unless they are of the watergate leak variety. If they can't copy paper documents without a warrant, I fail to see how hard drive *contents* are any different..

Since people will start travelling with only the passwords to remote systems in their memory, it is just as much a brain implant as in the movie. It is just a question of the scale of memory capacity.

At this point you need to create a bootable cd in the os of choice that has nothing on it other than a vpn client on it. One that does not use any private keys of value.

Maybe you'll want to Fedex the the cd to your hotel. Or, keep a copy at every destination. A verifiable copy. Or, store the iso image online.

plum you should read the article... they do mention that encryption isn't good enough they even mention software that takes a fake password and acts as if it is unlocked but there is a second "real" password that does, they also mention flaws in that as well. There are some great ideas like storing important data on camera memory cards and other good tips.

plum you should read the article...

Demaestro,

I *did* read the article.

After writing the second paragraph in my post. And no, the article does not mention explicitly any demand for passwords.

There are some great ideas like storing important data on camera memory cards ...

Is not such a good idea. You still have the data in your possession, and thus, it is subject to search. Steganography is security through obscurity.

To be clear, I did read the article, other articles about the same set of original circumstances. I have read with interest many more articles on the topic of encryption in general over the years.

My conclusion, if all of that reading is combined, is that there are no viable workarounds to physical possession. Once a someone is subject to search, it becomes irrelevant which particular storage device has been used and how many decoys are employed. It is all subject to search and seizure.

In the end, even if a subject does not have physical possession, there is always the fine tradition of rendering the subject to an interrogation friendly jurisdiction.

I did not savage the article, I am presenting the limitations of its suggestions. It's all about informed choice.

If someone chooses to hide their money under the mattress, they shouldn't cry in the event of a fire. If someone chooses to use a bank, they shouldn't cry in the event of a run on the bank.

I wonder if storing your data on your PC at home and then connecting via an SSH tunnel from wherever you are would be safer.

TrueCrypt allows you a degree of plausible deniability [truecrypt.org] though. If you give your encrypted drive a common file extension like .iso, .dat, etc. it's going to be tough to find.