XKCD gets it (unsurprisingly)

Today's XKCD:



As one crypto-wonk I spoke to...um...10 years ago said, this is called "rubber hose cryptanalysis". Or put another way, the easiest way to crack crypto is to attack the endpoints. Don't waste your time brute-forcing the ciphertext: kidnap the person who owns the password and beat them until they tell you what it is. Or grab the cleartext using a screen-scraper when the recipient decrypts it. Or sniff the crypto-password with a key-logger when the data is enciphered. Or live-clone the box once the encrypted partition is mounted. Except for the beatings, US law enforcement has used all of these methods to circumvent encryption.

It is for this reason that the UK has passed a law making it illegal to withhold crypto-passwords when law enforcement demands them. Failure to reveal the passphrase results in jail time, even if the crime they're investigating carries a lower mandatory sentence. The cryptonerds that xkcd was lampooning have thought of this, which is where the concept of the duress key comes from: a key you give when you are under duress that, when used, will either destroy your data instead of revealing it or reveal an equivalent amount of innocent data.

The problem with a duress key like this is that law enforcement NEVER works on the live data if they can at all get away with it. Working on live data taints evidence chains, which makes convictions harder. So you set up a duress key for your TrueCrypt partition, UK police nab it, demand the password, and you give the duress password; it'll only scrub the working copy they were examining, not the original they imaged it from. Now they know you lied to them, and you are guaranteed to be asked firmly for the real password, if not thrown into jail for hampering a police investigation.
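To make the forensic point concrete, here is an added toy model (not TrueCrypt, not code from the original post): a volume with a real passphrase and a destructive duress passphrase, and an examiner who hashes the seized volume, works only on an image, and re-hashes afterwards. The cipher, the key-derivation parameters and the tag labels are constructed for illustration only.

```python
import hashlib
import hmac
import os

# Constructed toy model, not a real disk-encryption format: a volume with a
# real passphrase and a duress passphrase whose use zeroes the container blob.
def _kdf(passphrase: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 50_000)

def _keystream(key: bytes, n: int) -> bytes:
    # Toy keystream for illustration only; not a real cipher.
    out = b""
    for i in range((n + 31) // 32):
        out += hashlib.sha256(key + i.to_bytes(4, "big")).digest()
    return out[:n]

def make_volume(secret: bytes, real_pw: str, duress_pw: str) -> dict:
    salt = os.urandom(16)
    real_key, duress_key = _kdf(real_pw, salt), _kdf(duress_pw, salt)
    return {
        "salt": salt,
        "real_tag": hmac.new(real_key, b"real", "sha256").digest(),
        "duress_tag": hmac.new(duress_key, b"duress", "sha256").digest(),
        "blob": bytearray(a ^ b for a, b in zip(secret, _keystream(real_key, len(secret)))),
    }

def unlock(vol: dict, passphrase: str):
    """Return plaintext for the real passphrase; the duress passphrase scrubs vol in place."""
    key = _kdf(passphrase, vol["salt"])
    if hmac.compare_digest(hmac.new(key, b"duress", "sha256").digest(), vol["duress_tag"]):
        vol["blob"][:] = bytes(len(vol["blob"]))  # destructive duress key
        return None
    if hmac.compare_digest(hmac.new(key, b"real", "sha256").digest(), vol["real_tag"]):
        return bytes(a ^ b for a, b in zip(vol["blob"], _keystream(key, len(vol["blob"]))))
    return None

def _digest(vol: dict) -> str:
    return hashlib.sha256(bytes(vol["blob"])).hexdigest()

def examine(evidence: dict, supplied_pw: str) -> dict:
    """Forensic workflow: hash at acquisition, work only on an image, re-hash after."""
    acquisition_hash = _digest(evidence)
    image = {**evidence, "blob": bytearray(evidence["blob"])}  # working copy, never the original
    plaintext = unlock(image, supplied_pw)
    return {
        "plaintext": plaintext,
        "image_altered": _digest(image) != acquisition_hash,    # a wipe shows up here
        "evidence_intact": _digest(evidence) == acquisition_hash,
    }
```

Handing over the duress passphrase leaves `evidence_intact` true and `image_altered` true: the original is unharmed and the attempted wipe is itself recorded.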