Re: Truecrypt is a threat
> I am not familiar with truecrypt, but I assume that it does not let an observer see "a blob of random data" precisely because it would be pretty convincing evidence of "hidden volume".
The outer container is a blob of random data, at least in appearance. Once you've decrypted the outer container, there isn't a second random blob, no.
However, unlike with your Picture example, the very existence of the outer container demonstrates that you _are_ using crypto. It's not proof of a hidden container, but the fact you've used technology capable of it will likely be used against you.
Part of it would likely come down to what you had stored within the outer container, if the fuzz suspect you of something henious (let's say terrorism) and you provide the key on request to reveal a bunch of fairly uninteresting emails, they'll likely try to claim it's a decoy.
They can't prove it is, you can't prove it isn't, but the burden here isn't reasonable doubt, it's balance of probabilities. So if they can use your use of crypto and the technical capabilities of Truecrypt in front of a technically inept judge, it's not improbable that you could be on the losing end.
On the other hand, I disagree with the OP almost entirely anyway. He's right to warn about using Truecrypt, but wrong in his reasoning. It has nothing to do with the existence of hidden containers, and everything to do with the fact the developers have _very_ publicly walked away, and whilst doing so have declared it insecure.
The software is no longer supported, and the reasons for the developers stopping are not known. Unless it is bikini pictures you're planning on encrypting, using Truecrypt now is a bad idea, because it brings far too many unknowns with it