> Forensics agent pulls and mounts hard drive
> Agent sees /home/hiddenuser
> Government seeks search warrant for content
> DA demonstrates recent knowledge/use of /home/hiddenuser
> Judge holds you in contempt until you provide encryption keys
Forgetting the keys is established as protected speech under 1A. Don’t have the case handy atm. Fairly new. Knowing the keys and intentionally withholding them has yet to be established either way. But there will be a case soon enough. Funny thing about law is that both sides (prosec. & defense) often don’t want many things clarified further because they usually have far-reaching impacts to parallel legal issues. Roe v Wade is a perfect example.
No basis for such a warrant for some US citizen entering the country. No such case has ever occurred, at least at the time when I received legal advice on the subject.
Consider the alternative: You're not worse off than you would be if you didn't hide it.
Hiding your login is a good security practice against all kinds of potential coercion.
Is this what the typical airport threat scenario looks like? How do they do this with soldered in drives?
> Agent sees /home/hiddenuser
Or they see nothing, because your drive is encrypted. They come to ask you for the key, you comply they see $blandaccount with some seemingly important company data and a scary corporate message as the desktop background (as justification why there is even encryption). Bonus points if you complain about it yourself ("If you ask me all of this is a bit paranoid"). Afterwards you use the real key and see $realaccount, because you thought about plausible deniability and how to use it propperly – if you still trust the integrity of your device, that is.
Then you could setup a dummy account that doesn't have too much of interest in it.
Combined with pam crypto to encrypt your home on login, the result is something that is reasonably private against casual inspection.
I used to use this back when I couldn't afford to travel with a disposable use laptop...