Allow using VeraCrypt hidden volumes without having a dedicated option in the UI
Originally created by @op_mb on #17033 (Redmine)
The current unlock dialogs have a dedicated “hidden” option, which could raise attention to the hidden volume feature to someone coercing a user to unlock their VeraCrypt volume.
Original description by @ob_mb:
hey all,
i read through some vera docs, about plausible deniability,
seems to me that giving an option for a hidden volume tick in tails goes
against plausible deniability principle -
if condition exists where you have to revieal the password for the outer volume, you get a pop up asking you to tick the hidden volume. this goes agains the veracrypt specification:
“… VeraCrypt first attempts to decrypt the standard volume header using the entered password. If it fails, it loads the area of the volume where a hidden volume header can be stored (i.e. bytes 65536–131071 …”
so ticking the hidden volume dialog, when providing the password, is not only redundunt (as per specification), but can also be dangerous in that case.
i mean, the code is in tails os already, right? so logic would be something like:
//
if (veracrypt_outer_password() false)
{
if(veracrypt_inner_password() false)
return tails :: error;
else
return tails :: success;
} else return tails :: success;
//
what do you think?
s. i added the pic, couldnt take the pic of the veracrypt utility, so i took the pic from diskutil