You think an attacker would only need access to your computer for a few seconds to copy an entire unencrypted hard drive?
No, they only need to dump the RAM. They can then turn the laptop off. Later on in a lab they can use tool such as aesfind and FTK (used in Ross' case) to search the RAM dump for the encryption key and decrypt the drive, which must be stored in RAM in order for it to be able to read from the drive (though there are now new projects that are storing keys in the CPU debug registries, which is an awesome idea but it's very experimental right now).
That is interesting because I believe in Ross's case, the FBI was able to get everything except for the RAM - I remember reading that, due to a power issue they were not able to determine what exactly Ross was running/looking at when his laptop was pulled from him - but maybe
all they got before his security measures kicked in was the encryption key.
If the encryption software were programmed to automatically encrypt the entire hard drive after n minutes with the absence of a password, then someone in the process of copying the hard drive would not be able to continue doing so after n minutes.
I think you are confused. How it works is that data written to the drive is encrypted, but in order to read the drive the password needs to be stored in RAM, and shutting it down clears the ram. Once they have the password, thats all they need they can turn the thing off.
This could potentially be countered by using some kind of time based key (similar to how authy works) Scratch that, I think this would be defeated by having the encryption key stored in RAM. It sounds like the key here (no pun intended) is to keep your RAM secure).
The software prompting a password would be based on time, not computer activity.
If the thing is prompting me every 15 minutes for a password it's going to bug me out and after about a week I'll either turn it off or go mentally insane. And if I keep using it eventually I'll give in and use a weak pasword. And if I'm being watched by the FBI there is no way I'm going to be able to enter a secret password every 15 minutes without them knowing.
You could potentially enter some kind of code based on the response it gives you. It could be very simply as long as it is not static, and as long as you only have a very short amount of time to enter it and only have one chance, or else the computer shuts down
Other solutions would be to have some kind of USB stick/drive that would serve as a kill switch in the event that it is unplugged, such USB drive would be tethered to either his wrist or neck so if the laptop is pulled away from him then it would be unplugged and the computer would shut down.
G-sensor is probably better IMO.
I have been a speculator watching Silk Road for a while, longer then I have been into bitcoin; I actually got the idea from a post on either SR1 or SR2 forums shortly after SR1 was shut down.