Consider creating a persistence by default for plausible deniability

Rationale

The "Warnings about persistence" page states "The persistent volume is not hidden. An attacker in possession of the USB stick can know that there is a persistent volume on it."

If every Tails USB stick had a persistent volume automatically created (with a random passphrase not known to the user), there would be no way to tell that the user had set up a persistent volume rather than just leaving the automatically created one in place. This would mean that a user who had created a persistent volume could plausibly claim that he/she hadn’t.

Of course, this wouldn’t protect against being tricked, and will be of at best variable efficiency against ‘rubber-hose cryptanalysis’, but it would be useful in a country like the UK where a court can compel you, on penalty of imprisonment, to reveal cryptographic keys and passphrases if it can prove that you know them.

Implementation

Implies modifying liveusb-creator and tails-persistence-setup.

Subtasks

#11681 (closed)

Related issues

Related to #6621
Related to #7269 (closed)
Related to #7544 (closed)
Related to #8861 (closed)
Related to #11679 (closed)
Related to #15292 (closed)
Related to #15653 (closed)
Related to #16485 (closed)
Has duplicate #7541 (closed)
Has duplicate #7630 (closed)
Has duplicate #11076 (closed)
Has duplicate #16750 (closed)

Original created by @tails on 5929 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information