I didn't envision a usecase, I just found the question of whether this is possible interesting. If I had to guess, this will break more things than it will help with - the filesystems are independent, not "synchronized".
Add encryption support for the ext2 part and it's a decent upper "security through obscurity" layer. If the wrong person finds your USB stick, they will likely only ever notice the FAT filesystem. Like for a spy dead drop use case.
This seems about as likely to work as hiding emails in the draft folder and not sending them. Computer forensics have looked at all the bytes on the disk, not just the active files reachable from the root directory, for decades.
> “First of all, I just wanted to say that none of us know [how it happened],” Stone said at the Q&A, when asked about how they came up with it. “[Snowden]’s the only one who knows, and one day he may reveal it. And number two, it was his idea — it was a suggestion that we responded to and ran with.”
I'd imagine they would have done forensics if he was caught with an sd card at a checkpoint, but I'm not sure one would set off a metal detector in the first place. It's more likely a security org would epoxy the sd and usb slots on computers with confidential data, or have audits for any usb devices the hosts encounter.
"He [Snowden] said that the Rubik’s cube was put in for the film and he wouldn’t be divulging how he smuggled out information. However, he added, everyone in the office did have a Rubik’s cube. “So they were floating around and coming in and out all the time,” he said."
Or more pratical: a partition on the SD card of your phone that can boot to a live linux, then store the live data locally in the ext2 part
I did try to do that with my android phone, but apparently it requires some specific kernel modules. I've to figure out which, and how to cross compile them for the phone kernel.
JFYI, in order to try and solve a specific problem some 13 years go we envisioned (and also started as POC) a "OFS" or "Overlapped File System", where a filesystem contained also a (partial) image of itself (mappable as image):
Basically a same file (same extents) was accessible both from the "outer" and from the "inner" filesystems.
Then the idea was abandoned as another valid (and also simple/existing) solution to the actual problem was found through the use of "included in the standard" CDFS graft points:
