But, on the other hand, it wouldn't be to hard to have the user set both keys (yeah, so that didn't actually say anything, so what...), and then do an every-other-byte type thing (although that would be slow... every other block would be more efficient), and have 2 EFS's in one file, and make it so that on the "duress" one the extra space appears to be "free". One could make it a real file system, and add a fake disk error to prevent over-writing of the "non-duress" filesystem.

This sounds a lot like security through obscurity... What happens when someone reverse-engineers the software and sees that it's carefully skipping over blocks? If you don't want people to know about your encrypted data, use stego. Even if They find the stego software, you can always produce the keys to unlock the duress data from two or three .gif files, and say "that's all there is." Use stego to hide data. Use encrypted filesystems for convenience. If you try to put the two together, you'll probably end up with feature-bloat. The idea of an encrypted filesystems being accessable over the internet sounds interesting, though. Sort of a cross between NFS and CFS. Would be great for backup purposes. ===================================================================== | Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/) | | Email: steve@edmweb.com Home Page: http://www.edmweb.com/steve/ | | PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 | | -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. -- | ===================================================================:)