
It might, but to be perfectly honest most people don't keep partitions of random-looking data, or large files containing what looks like it. Your plausible deniability would be of the form, "I was getting ready to make a hidden volume there, filled it with random bits etc., but I never got around to actually making it."

I'm not actually sure that TrueCrypt lets you separate these two aspects of creating a hidden drive, but Linux's tools do. With LVM (to create volumes in volumes) you could create a partition which exists within an encrypted partition, so that it's full of random data to begin with -- but then you could plausibly have forgotten to do anything with it after your computer was up and running.

Large random-looking files are a bit different; if someone were to ask "what's this 10 gig file of random data doing on your hard drive?" it would seem hard to answer them. The only thing that I know people use that much random data for is testing an RNG for its statistical properties.



A normal (i.e. non-hidden) TrueCrypt volume is also by default filled with random data. With a hidden volume you first create the normal volume, which as part of that fills the file with random data, then create the hidden volume inside the normal volume.

One password decrypts the normal volume and another decrypts the hidden volume. However, with just the normal volume password you can't determine the existence of the hidden volume (as long as you take some precautions to prevent leaking of information about the hidden volume).


Ah, yes! Sorry, I'd forgotten that those existed as well.

I never really saw a deep potential for those -- the problem being that you cannot open the outer drive for writing without providing the password which enables the inner drive's reading, which means that you're constantly leaking that information whenever you're using the outer drive (which ideally would be relatively frequent, so as to justify that it's not masking a hidden drive). So I'd just totally forgotten that TrueCrypt could do that. My mistake.


Huh? Why do you think that? The normal encrypted partition can be used independently of the hidden partition. You just need to be careful to ensure that the free space of the outer partition is enough to contain the hidden, inner partition.


>Your plausible deniability would be of the form, "I was getting ready to make a hidden volume there, filled it with random bits etc., but I never got around to actually making it."

Your denial would be "When I last reformatted the drive, I used random overwriting."


Fair enough, it's a little simpler but of the same kind; it's the same "yeah I have this space which I'm not using, so what?"



