Create a Tails OS Hidden Persistence Volume

Create a Tails OS Hidden Persistence Volume

The current Tails OS persistence feature does not protect a security-concious user from the Rubber-hose technique, ie, being forced to reveal the decryption password by an adversary.

So if someone realises that you use a persistence-enabled USB stick with Tails OS (very easy if they find the USB stick), they can force you to reveal the decryption password.

A solution to this would be to implement the Hidden Volume feature found in TrueCrypt/VeraCrypt into the Tails OS Persistence

login screen. A “fake” password would reveal “fake” persistence data in Tails OS. However, the correct password would reveal the actual sensitive data. This creates plausible deniability.

The Tails OS persistent volume on the USB stick would have to be obfuscated in such a way that it appears to be one single volume, rather than a volume which contains a hidden volume. TrueCrypt/veraCrypt have managed this by making the volume appear as one, and have managed to obfuscate the existence of the hidden volume.

Related issues

Is duplicate of #5929

Original created by @b.smith1974 on 11076 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information