
Is it possible to have a third volume as well, opened with a different key? Or a fourth?

Maybe the solution is to have a first "primary" partition, then an "under duress" partition which you'll fight tooth and nail to protect, filing every appeal possible... and if you finally do give up the key, it's filled with entirely legal but extremely embarrassing pornography, plus a few self-written Harry Potter fanfictions.

Meanwhile, whatever you're ACTUALLY trying to hide is on a third.

Sure, it's a big damn hassle, but if you're conscious enough about the stuff you're trying to hide to go with a TrueCrypt hidden volume, it'll be worth your effort.

(I'm not actually sure this is possible, but if it is, I'm sure someone else has come up with it already.)




I've been wondering about this every time someone brings this up. So you use TrueCrypt to secure your disk, and have, say, a "naughty" partition and two "clean" ones, for plausible deniability.

Won't the police, in the event they have compelled you to unlock your HDD, check how big the partition is? If you have a 500GB disk divided by three, say with the 20GB "naughty" partition, a 20GB "double-decoy" and a 460GB "decoy" partition, won't the police pull the disk out, look at the label on it which says "Seagate 500GB" and say "You have 20GB left on this disk we haven't seen yet. Unlock it."?

Or is there a way in which TrueCrypt can hide your hidden partitions in a way that a) they don't look like randomized/encrypted data and b) it isn't obvious there is space "missing" from your disk?


That's the beauty of full-disk encryption. Even the empty space is encrypted. So the hidden volume is truly hidden. Even TrueCrypt has no idea the hidden volume exists if you unlock the outer volume with a different key.

Truly empty space is indistinguishable from a secret inner volume.


Why can't I write a program that tries to expand itself to use any available space, then runs into a wall if the "empty space" is actually encrypted data? If the space used by data + my program adds up to less than the total capacity of the disk, it indicates something is hiding, right?


You seem to be misunderstanding. Read your parent's last line again. "Empty space" is indistinguishable from encrypted data. On the hard disk, everything will just look like randomized bits, empty space and data alike. There is no way to write the program you propose without the encryption key(s). So there's no way to tell, unless you have all the keys.


praptak's reply above yours explained exactly what I needed explained. The encrypted data will just be written over.


The program will just overwrite the data of the hidden volume. That's why it's important to have a lot of empty ("empty") space on the primary volume when you have a hidden volume there.


AIUI, TrueCrypt is actually very clever about this. Until decrypted, every TrueCrypt partition consists of nothing more than random data. This, combined with the fact that hidden volumes are actually stored within your first / outer partition, should make it impossible to analyze whether other volumes / partitions exist.

See here for more information: http://www.truecrypt.org/docs/?s=hidden-volume
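The indistinguishability claim made in the replies above can be checked with a byte-frequency test. This is an added example, not code from the thread or from TrueCrypt: the regions, key and helper names are constructed, and a SHAKE-256 keystream stands in for TrueCrypt's actual cipher.

```python
import hashlib
import random
from collections import Counter

REGION = 1024 * 1024  # 1 MiB per constructed region

def keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHAKE-256 keystream.
    Applying it twice with the same key returns the original data."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(d ^ s for d, s in zip(data, stream))

def chi_square(data: bytes) -> float:
    """Pearson chi-square of the byte histogram against a uniform distribution.
    Uniformly random bytes score close to 255, the degrees of freedom."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def looks_random(data: bytes, low: float = 100.0, high: float = 400.0) -> bool:
    """True when the byte histogram is consistent with uniform random data."""
    return low < chi_square(data) < high

def build_regions() -> dict:
    """Three constructed 1 MiB regions, as an examiner without keys would see them."""
    rng = random.Random(1234)  # fixed seed so the run is repeatable
    line = b"constructed sample record\n"
    secret = (line * (REGION // len(line) + 1))[:REGION]
    return {
        "unencrypted files": secret,
        "free space (random fill)": bytes(rng.getrandbits(8) for _ in range(REGION)),
        "hidden volume (ciphertext)": keystream_encrypt(b"constructed-key", secret),
    }

if __name__ == "__main__":
    for name, region in build_regions().items():
        print(f"{name:28s} chi2={chi_square(region):14.1f} "
              f"looks_random={looks_random(region)}")
```

Only the unencrypted region stands out; the random fill and the ciphertext both score near 255, so the statistic gives no basis for saying which of the two holds data.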



