Kristian Gjøsteen <kristiag+news@math.ntnu.no> wrote in news:ub3m85-u1a2.ln1@fimf-h28.math.ntnu.no:
....
> In practice, hiding everything may be easier than determining exactly
> what information must be protected.
That may be true if, in fact, it is easier - it may well not be!
For instance, without resorting to devices external to the computer to
store the unencrypted initial boot code (or hidey-holes like BIOS
extensions), it is not only not easy, it is impossible.
Moreover, for instance, carrying a bootable USB (thereby enabling all HDs
on the machine to, in principle, have their track 0s
randomized/encrypted) may have its own considerable risks and
inconveniences.
IOW, that it is easier and less risky to encrypt track 0 is by no means a
slam dunk - it requires careful analysis of the tradeoffs.
Regards,
PS The few and weak benefits that might accrue from not exposing the
partition table are almost exclusively in the realm of plausible
deniability and steganography, NOT decryption resistance. Modern OTFE
encryption is sufficiently strong to withstand the availability of
mountains of known plaintext, let alone the minuscule amount of indirect
data provided by a 16-byte partition table entry.
Moreover, an encrypted partition table (or track 0 generally), especially
in conjunction with ostensibly "random" data filling a HD, *completely
undermines* plausible deniability or steganography - it is obvious to all
but the completely untutored that encryption is being used.
In short, there is no point in encrypting/randomizing a partition table
from either a decryption or steganography/plausible deniability point of
view.
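As an added illustration (not part of the post or the thread), the following parser decodes the 16-byte MBR partition table entry the post refers to, so the reader can see exactly what such an entry discloses (type, location and size of a partition) and how little of it there is. The sample entry bytes are constructed for the example, not taken from any real disk.

```python
import struct

# Constructed sample entry: a bootable Linux partition starting at LBA 63.
# Layout (16 bytes): status, CHS start (3), type, CHS end (3),
#                    LBA start (LE u32), sector count (LE u32).
SAMPLE_ENTRY = bytes([
    0x80,                    # status: 0x80 = active/bootable
    0x01, 0x01, 0x00,        # CHS start: head 1, sector 1, cylinder 0
    0x83,                    # partition type: 0x83 = Linux
    0xFE, 0xFF, 0xFF,        # CHS end: head 254, sector 63, cylinder 1023
    0x3F, 0x00, 0x00, 0x00,  # LBA of first sector: 63
    0xC1, 0x3F, 0x10, 0x00,  # number of sectors: 0x00103FC1 = 1064897
])

def decode_chs(head: int, sect: int, cyl_lo: int) -> tuple:
    """CHS packing: top two bits of the sector byte are cylinder bits 8-9."""
    cylinder = ((sect & 0xC0) << 2) | cyl_lo
    return (cylinder, head, sect & 0x3F)

def is_empty(entry: bytes) -> bool:
    """An all-zero entry is an unused slot in the table."""
    return len(entry) == 16 and not any(entry)

def parse_entry(entry: bytes) -> dict:
    """Decode one MBR partition table entry into its fields."""
    if len(entry) != 16:
        raise ValueError("MBR partition entry must be exactly 16 bytes")
    status, h0, s0, c0, ptype, h1, s1, c1, lba, count = struct.unpack(
        "<BBBBBBBBII", entry)
    return {
        "bootable": status == 0x80,
        "type": ptype,
        "chs_start": decode_chs(h0, s0, c0),
        "chs_end": decode_chs(h1, s1, c1),
        "lba_start": lba,
        "sector_count": count,
    }

def disclosed_extent(parsed: dict, sector_size: int = 512) -> tuple:
    """What the entry tells an observer: byte offset and byte length of
    the partition on disk (nothing about its contents or keys)."""
    return (parsed["lba_start"] * sector_size,
            parsed["sector_count"] * sector_size)

if __name__ == "__main__":
    p = parse_entry(SAMPLE_ENTRY)
    print(p)
    print("offset, length in bytes:", disclosed_extent(p))
```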