Author Topic: On Wiping Your Hard Disk When You Are Caught File Sharing  (Read 3028 times)
mm405416
Ranter Level 2
**

Karma: 1
Posts: 34


View Profile
« on: August 30, 2008, 01:20:11 PM »

Saw this earlier this morning on lifehacker and thought I'd pass it along

http://arstechnica.com/news.ars/post/20080826-riaa-wins-p2p-case-after-defendant-reformats-hard-drive.html

Logged
hatterofmaddnesz
Ranter Level 4
****

Karma: 34
Posts: 333


To Much Mercury


View Profile
« Reply #1 on: August 30, 2008, 01:37:19 PM »

That's a pretty shitty deal.  So because he nuked his hard drive, he's guilty.  The RIAA has not managed to prove that he did anything illegal.  They don't have definitive proof.  I liked it better when it was innocent until proven guilty.
Logged

I'd Rather Have It And Not Need It Than Need It And Not Have It
hatterofmaddnesz
avagdu
Ranter Level 5
*****

Karma: 78
Posts: 1483


Son Of Liberty


View Profile
« Reply #2 on: August 30, 2008, 02:12:37 PM »

What about..

Oops I slipped and molten slag fell on my hard drive?

Someone stole my HDD cage and beat the disk platters with a sledgehammer?

Oh well..
Logged

The price of freedom is eternal vigilance.

| agorism.info | r4nger5blog.tk | individualism & sovereignty
Sci
Ranter Level 3
***

Karma: 6
Posts: 112



View Profile WWW
« Reply #3 on: August 30, 2008, 05:18:33 PM »

What would happen to the encrypted volume if you were downloading a torrent to a TrueCrypt virtual filesystem, and quickly hit the reset button when the police bust in your door?
I'm thinking at the worst, messes up the OS and corrupts the encrypted file?
Logged
somenamenoname
Ranter Level 5
*****

Karma: 26
Posts: 594



View Profile
« Reply #4 on: August 30, 2008, 10:20:30 PM »

Quote
What would happen to the encrypted volume if you were downloading a torrent to a TrueCrypt virtual filesystem, and quickly hit the reset button when the police bust in your door?
I'm thinking at the worst, messes up the OS and corrupts the encrypted file?

If I'm not mistaken, since no unencrypted data remains on your drive and only remains in memory... the file/partition used by TrueCrypt would just possibly be corrupted but still encrypted. HOWEVER, your RAM and/or swap partition/file may still have data showing you were downloading a torrent. If they literally freeze your RAM soon after shutdown, they could later find out what data was in the RAM prior to shutdown. On Linux you can encrypt your swap and home partitions which would help protect you along those lines. On windblows... not sure how to protect the swap except to not have one.

Idea... self destructing ram/encrypted home/encrypted swap/no logging period. The self destructing ram would be best used with a button that could be pressed and the ram literally explode. With that setup, if you hit the reset and hit the button, it would be a royal pain in the ass to prove there was any said data on the drives or in the ram. No proof, no case.
Logged

For anyone wondering, I'm bowing out. It was great being here but I have to move on. I wish I could stay and keep contributing here but it just can't continue.

It was fun and I thank everyone for everything they have done.
avagdu
Ranter Level 5
*****

Karma: 78
Posts: 1483


Son Of Liberty


View Profile
« Reply #5 on: August 31, 2008, 12:38:45 AM »

Quote
If they literally freeze your ram soon after shutdown, they could later find out what data was in the ram prior to shutdown.

How would they do that? It's my understanding that RAM resets as soon as you reboot.
Logged

The price of freedom is eternal vigilance.

| agorism.info | r4nger5blog.tk | individualism & sovereignty
101011
Ranter Level 4
****

Karma: 36
Posts: 352


View Profile
« Reply #6 on: August 31, 2008, 01:34:05 AM »

Well, considering that law enforcement aren't the brightest of the bunch, I think that freezing RAM is taking the situation to the extreme. I can't remember the person's name that was involved with the mob, but the FBI seized his encrypted HD and they couldn't figure out the password to the drive. Needless to say, the person was able to keep his mouth shut about his password...as he would be a witness against himself.

I'd just keep it encrypted and keep my mouth shut. But, if law enforcement were going to bust me on something like that, I'd assume that they would head to the ISP or VPN vendor and extract information as needed.
Logged
cimmerian
Administrator
Ranter Level 4
*****

Karma: 59
Posts: 365


Don't hate the media, become the media.


View Profile WWW
« Reply #7 on: August 31, 2008, 02:39:27 AM »

Willful destruction of evidence does not bode well for you in court, it's probably something to avoid.
Logged
Sci
Ranter Level 3
***

Karma: 6
Posts: 112



View Profile WWW
« Reply #8 on: August 31, 2008, 08:24:59 AM »

Quote
Willful destruction of evidence does not bode well for you in court, it's probably something to avoid.

Keep your power cord wrapped around a chair leg? Then if they burst in (without warning, which I doubt even the RIAA can do quite yet.), just move back suddenly in your chair, panicked, and have it pull out the cord "accidentally" for you. (will not work in the UK, due to plug design)

Of course, bursting in unannounced is more SWAT team tactics, and for that they're gonna be suspecting you of doing a lot more than pirating a few copies of Monkeybone.

And RE: Installed torrent progs/logs; surely there are portable software torrent clients? uTorrent is pretty small. Not sure what marks it leaves in a system registry. Seems very self-contained, and easy enough to fit in the encrypted partition itself.
Logged
Enki
Administrator
Ranter Level 3
*****

Karma: 35
Posts: 176



View Profile WWW
« Reply #9 on: August 31, 2008, 12:17:17 PM »

Quote
If they literally freeze your ram soon after shutdown, they could later find out what data was in the ram prior to shutdown.

Quote
How would they do that? It's my understanding that RAM resets as soon as you reboot.

It is possible to freeze ram chips in order to extract your private keys before the caps collapse, but the police won't have that kind of capability for a while yet. Unless you are under investigation by some group with a lot better resources than the local cops, this is not a likely outcome.
Logged
Yugosaki
Ranter Level 5
*****

Karma: 81
Posts: 934


Professor Badass


View Profile
« Reply #10 on: September 01, 2008, 06:59:06 AM »

Quote
Willful destruction of evidence does not bode well for you in court, it's probably something to avoid.

My technique is to have a hidden encrypted partition. Just claim ignorance. It would probably take them nearly my whole life to decrypt it even if they did find it using today's tech.
Logged

second life: Yugosaki Coronet

Optimism- Ignoring the obvious
Pessimism- Believing the world sucks and if the worst can happen, it will happen.
Survivalism- realizing the universe is malevolent and doing everything in your power to thwart its plans.
mation
Ranter Level 2
**

Karma: 2
Posts: 52


View Profile
« Reply #11 on: September 01, 2008, 10:33:08 AM »

More on how information can be recovered from RAM:

http://citp.princeton.edu/memory/
Logged
hatterofmaddnesz
Ranter Level 4
****

Karma: 34
Posts: 333


To Much Mercury


View Profile
« Reply #12 on: September 01, 2008, 12:26:29 PM »

Quote
Willful destruction of evidence does not bode well for you in court, it's probably something to avoid.

Quote
My technique is to have a hidden encrypted partition. Just claim ignorance. It would probably take them nearly my whole life to decrypt it even if they did find it using today's tech.

I recently took a data analysis class for school, which was an introduction on data recovery and forensic analysis.  The only way to ensure your data is not readable by someone else is physical destruction of the hard drive platters.  Current forensic software is very good, and is more than adequate for investigation of most computer users.  I have been told, I have not verified this, that even a hard disk that has been wiped, like bootnuked, can still be recovered.  While local Police Departments may not have the skills, they send it off to the state, and they do have the people and budget.  After taking that class, I have also gone with encryption as a means to better secure my data.  Although, there is a field of study known as counter-forensics that figures out bugs in the forensic software and exploits it.  Two very popular forensic software utils for law enforcement are DriveSpy and Forensic Tool Kit.  Knoppix STD may also be used because of price (free.)  One example of counter-forensics is using the old 42.zip virus / logic bomb.  While 42.zip is only 42 bytes, it expands to something like 42 terabytes when extracted.  DriveSpy forensic software will attempt to open this file by default, and the expanded size of the file is usually too much for the forensic computer's hard drive, and it will crash.  There are also tricks where you manually mark sectors as bad, then store info there.  When the software sees the sector is bad, it just skips it.  That does not work on all forensic software.  If you're worried about the police seizing your computer and examining it, do some research on the software they use and the bugs that can exploit weaknesses.  But I also really like the thermite backup, you know, just in case ;)

On the encryption, also do your homework.  I have employed TrueCrypt and have been pretty happy with it.  But this is not foolproof.  I primarily do not encrypt whole partitions, relying on file volumes.  While the data inside is protected, it can become unprotected rather easily.  I noticed that when deleting files out of the encrypted volumes, Windows will move the files to the recycle bin.  Now I still don't want that file read, but my data protection just got compromised right there.  Also, for Windows users, TrueCrypt will not protect your files from other programs that make backup copies.  For example, if you have a Word Document in a TrueCrypt volume, Word will automatically generate a backup file (unencrypted) once the file is opened in Word.  Again, security compromised.  I'm not saying TrueCrypt is bad software, I REALLY like it, but please do your homework before implementing additional security and not being aware of the software limitations.  On my next install, I hope to test an encrypted partition and see if that better meets my security needs.
Logged

I'd Rather Have It And Not Need It Than Need It And Not Have It
hatterofmaddnesz
destined
Ranter Level 5
*****

Karma: 8
Posts: 572


View Profile
« Reply #13 on: September 01, 2008, 11:35:30 PM »

hey that ain't fair! Someone has come up with my 4,000 Gig DD Linux with DD compressed down to the minimal with a file with only zeros.

Well I guess there are other ways to have fun with an exploding file or image archive? I would hate to save how big the temporary, page file, swap or swap file had to be to unarchive that file.
Logged
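The archive behaviour described in replies #12 and #13 (a tiny compressed file that expands far beyond the analysis machine's storage) is the reason tools that open untrusted archives automatically put a budget on extraction. The sketch below is an added example, not code from this thread or from any forensic product named in it; the limits, the function names and the in-memory sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_TOTAL = 50 * 1024 * 1024   # assumed output budget per archive: 50 MiB
MAX_RATIO = 100                # assumed ceiling on uncompressed:compressed ratio


class ArchiveRejected(Exception):
    """Raised when an archive would exceed the extraction budget."""


def safe_extract(data, max_total=MAX_TOTAL, max_ratio=MAX_RATIO):
    """Return {member name: bytes}, or raise ArchiveRejected before exhausting disk/RAM."""
    out, total = {}, 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        # Pass 1: cheap check on the sizes the archive declares about itself.
        declared = sum(i.file_size for i in infos)
        packed = sum(i.compress_size for i in infos) or 1
        if declared > max_total:
            raise ArchiveRejected(f"declared size {declared} exceeds budget")
        if declared / packed > max_ratio:
            raise ArchiveRejected(f"ratio {declared / packed:.0f}:1 exceeds limit")
        # Pass 2: declared sizes are attacker-controlled, so also count the
        # bytes actually produced while streaming each member in small chunks.
        for info in infos:
            buf = bytearray()
            with zf.open(info) as fh:
                while chunk := fh.read(64 * 1024):
                    total += len(chunk)
                    if total > max_total:
                        raise ArchiveRejected("actual output exceeds budget")
                    buf += chunk
            out[info.filename] = bytes(buf)
    return out


def make_zip(name, payload):
    """Build a constructed sample archive in memory (test data only)."""
    bio = io.BytesIO()
    with zipfile.ZipFile(bio, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return bio.getvalue()
```

A pipeline that unpacks nested archives should charge every level against the same budget, since each layer on its own can look harmless.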
fire_missionary
Ranter Level 3
***

Karma: 32
Posts: 182


Flamethrower for the masses.


View Profile
« Reply #14 on: September 02, 2008, 09:51:06 AM »

Quote
More on how information can be recovered from RAM:

http://citp.princeton.edu/memory/

these guys gave a talk at "the last hope" this year... it was over my head but I got the gist of it.

Essentially if you drop the mobo/ram in liquid nitro as it is shut down, it is possible to read the last state of the ram before it starts to deteriorate (the dataz not the ram).
Logged

Spreading the Flame
"A contradiction cannot exist in reality. Not in part, nor in whole." - Zeddicus Zu'l Zorander