An interesting research paper on the vulnerabilities of using Deniable File Systems (DFS). The popular open-source package TrueCrypt is used as the primary example, although it would apply to other DFS applications.

The authors (A.Czeskis, D. J. St. Hilaire, K. Koscher, S.D. Gribble, T.Kohno, B. Schneier) note that given the current political environment in many countries today, users of DFS may think that utilizing a DFS application permits the data stored in the DFS to not be discoverable. The authors highlight how this is a false belief.

Two of the key points I found interesting were:

  1. Most applications and operating systems are not designed to preserved plausible deniability and often ‘leak’ information that reveals the existence of a DFS.

  2. Many common applications such as Microsoft Word make a copy of a file that is located in a DFS, typically in a non DFS and non encrypted location while the user is working on a file. If the application is properly closed, the file is deleted, but not securely allowing a recovery agent to extract the contents of the secret file without need to access the hidden file system.