Re: [gentoo-catalyst] Encrypted livecd's - need testers - gentoo-catalyst

From:	Erick M <balkira@×××××.com>
To:	gentoo-catalyst@l.g.o
Subject:	Re: [gentoo-catalyst] Encrypted livecd's - need testers
Date:	Sun, 01 Jul 2007 12:32:35
Message-Id:	`e47df0b0707010532v24bed593we2924f46c6fbbd1d@mail.gmail.com`
In Reply to:	Re: [gentoo-catalyst] Encrypted livecd's - need testers by Erick M

1

I forgot a valuable argument!

2

3

Because you mainly intend to read from the hidden container (you want your

4

TOR demon binary and libraries to be readable and not writable after you

5

mounted your container) the steganographic technology provided is very

6

suitable for your purpose achieving in a more efficient way the "hiding"

7

property of the task.

8

Just so that you know there other different ways to achieve your goal.

9

10

Thanks for reading

11

12

On 7/1/07, Erick M <balkira@×××××.com> wrote:

13

>

14

> Nelson,

15

>

16

> Ok, I understand, thanks for clarifying.

17

> So we can narrow down all those scenarios to one type of attack: theft by

18

> third part (or yourself).

19

>

20

> It does not protect more the user while he uses it nor from potential

21

> "after-use" trails. Either you lose the livecd along with your identity (or

22

> data that leads to your identity) and you get caught or while using the

23

> software you get caught (like your TOR connections have been detected).

24

> The only purpose and advantage encryption would have is to obfuscate some

25

> passwords like in the firefox example you gave.

26

>

27

> Now, from a legal point of view, being caught with an encrypted material

28

> whether livecd or not in major countries (UK,GER,FR,US,china) requires from

29

> you the decryption key (us patriot act, uk RIP act, etc) or else you can

30

> straight take up to few years in some cases without much chance of having of

31

> good defense (china=torture?). So in 95% of cases you end up giving away

32

> your key to prove that you are not a spy from whatever organisation and that

33

> at least you hadn't that bad intention with your encrypted software. And you

34

> do handle the key in the objective of lowering the sentence you get for

35

> being caught in the first place.

36

>

37

> I think that encryption has nothing to do with hiding. In the contrary, it

38

> is like a big flag standing saying "hey look at me I got something to hide,

39

> come and get me!". It is just obfuscating technology.

40

>

41

> The real solution to your problem would be to use a steganographic layer (

42

> http://en.wikipedia.org/wiki/Steganography ) . Not for the whole squashfs

43

> but only for a single file (whatever the size) inside a clear livecd. Note

44

> that 20% of the size of that file is really containing data, you do not want

45

> to push too much (50%) or we get data loss (blocks from different containers

46

> overwriting them) in an exponentially manner.

47

>

48

> You want to be able to *deny* that you are in possession of such material.

49

> Go from the basis that if you get caught you will *have to* handle your key

50

> away. That is real practice because you can get 5 times more being secretive

51

> than actual real sentence against the data you want to hide.

52

> A steganographic FS will allow you when being caught with your livecd of

53

> saying first: "it is a clear livecd!" Sounds idiotic but believe me, it is

54

> the best start for the official police questioning. Then in the worst case

55

> scenario, they find your single encrypted file and ask you for the key which

56

> you will provide one of the many different you have set up (properties of a

57

> steganographic FS), which will decrypt a part of that encrypted file,

58

> discovering data that will not incriminate you so far for just having a

59

> picture of your dog.

60

> Charges are dropped, you justify your secretive attitude as being

61

> respectful of your privacy rights and next morning you wake up in your bed!

62

>

63

> Because I want to be fair, I think having an encryption layer is great for

64

> catalyst, but when related to the specific purpose you described you would

65

> better at least give a try to a steganographic FS if you really fear the

66

> sentence you can get for the data you are hiding.

67

>

68

> You will not find much (I mean actual real software) besides some

69

> linux-2.2 tweak over ext2 "proof-of-concept" (10years old not stable

70

> unreliable) and an update by some chinese with 2.4 but the whole is mainly

71

> broken and I guess somehow a little taboo, the projects seems dead, no main

72

> other projects have been replaced.

73

>

74

> You can try an implementation I have worked on few years ago. It does

75

> everything that I have described (in a non friendly C hardcore way) so far

76

> and is called denyfs.

77

>

78

> It is not a driver, and can be started in userland if the correct losetup

79

> and cryptsetup have been done.

80

>

81

> http://www.openchill.org/2005/06/denyfs_a_steganographic_file_s.php#more

82

>

83

> have a look there, it is not fully stable, requires manual compilation and

84

> configuration though it does the job (I made a quick GUI in gtk if you

85

> provide the gtk USE flag). Follow the howto to get a grip on it. And

86

> remember if you want to retrieve with a 90% probability your data as you

87

> have put them in the box, do not exceed 15-20% of the total size of the

88

> file! And even do not be surprised when it happens.

89

>

90

> Steganography is a concept that aims at small and *static* file system. Do

91

> not even think about putting an OS(where files are dynamically arranged

92

> again and again) inside a steganographic FS, it is as of the concepts and

93

> mathematics we have simply impossible.

94

>

95

> I didn't realized I wrote so much, I'm just passioned by this topic

96

> because of past experiences moving from one country to another.  I am

97

> currently developing a Portage based GNU/Linux natively encrypted OS and I'm

98

> about to re open DenyFS inside that distribution by stabilizing it, hence my

99

> reason for being so communicative.

100

>

101

> Thanks for reading

102

>

103

> erick

104

>

105

> On 7/1/07, Nelson Batalha <nelson_batalha@××××.pt> wrote:

106

> >

107

> > Hi Erick,

108

> >

109

> > There are many uses for this!

110

> >

111

> > They mainly come from the fact that now you can have sensitive

112

> > information everywhere on your cd root, and not be afraid of losing your cd,

113

> > either physically (happens to me all the time), or in the net if you don't

114

> > want an open distribution.

115

> >

116

> > -Read on for examples:

117

> >

118

> > 1) If you're in a country like China and you can't have applications

119

> > like Tor on your desktop (suspicious), you can just make a livecd and try to

120

> > disguise it as something else by filling the filesystem. Also it's portable

121

> > and replicable. You could also encrypt your hard drive, but this way you

122

> > don't have to worry if they take it for testing. Specially if using luks on

123

> > the desktop (no plausible deniability). It's also much easier to hide a

124

> > mini-cd/dvd physically.

125

> >

126

> > 2) Also for instance, I'm going away next semester and I won't be taking

127

> > a laptop. However I would like to use gentoo, my favourite programs and have

128

> > my passwords stored in them (like Firefox), and transport some personal

129

> > and/or sensitive files. (only option is put those files in an encrypted

130

> > container and extract them on *every* boot).

131

> >

132

> > 3) If you're creating some official livecd and would like to test it

133

> > with some group, but for security reasons you prefered if nobody else tested

134

> > it.

135

> >

136

> > 4) In general companies/organizations can create a easily updatable

137

> > portable working environment and mail it or publish it online.

138

> >

139

> > Etc.

140

> >

141

> > Take care,

142

> > Nelson

143

> >

144

>

145

>

1	I forgot a valuable argument!
2
3	Because you mainly intend to read from the hidden container (you want your
4	TOR demon binary and libraries to be readable and not writable after you
5	mounted your container) the steganographic technology provided is very
6	suitable for your purpose achieving in a more efficient way the "hiding"
7	property of the task.
8	Just so that you know there other different ways to achieve your goal.
9
10	Thanks for reading
11
12	On 7/1/07, Erick M <balkira@×××××.com> wrote:
13	>
14	> Nelson,
15	>
16	> Ok, I understand, thanks for clarifying.
17	> So we can narrow down all those scenarios to one type of attack: theft by
18	> third part (or yourself).
19	>
20	> It does not protect more the user while he uses it nor from potential
21	> "after-use" trails. Either you lose the livecd along with your identity (or
22	> data that leads to your identity) and you get caught or while using the
23	> software you get caught (like your TOR connections have been detected).
24	> The only purpose and advantage encryption would have is to obfuscate some
25	> passwords like in the firefox example you gave.
26	>
27	> Now, from a legal point of view, being caught with an encrypted material
28	> whether livecd or not in major countries (UK,GER,FR,US,china) requires from
29	> you the decryption key (us patriot act, uk RIP act, etc) or else you can
30	> straight take up to few years in some cases without much chance of having of
31	> good defense (china=torture?). So in 95% of cases you end up giving away
32	> your key to prove that you are not a spy from whatever organisation and that
33	> at least you hadn't that bad intention with your encrypted software. And you
34	> do handle the key in the objective of lowering the sentence you get for
35	> being caught in the first place.
36	>
37	> I think that encryption has nothing to do with hiding. In the contrary, it
38	> is like a big flag standing saying "hey look at me I got something to hide,
39	> come and get me!". It is just obfuscating technology.
40	>
41	> The real solution to your problem would be to use a steganographic layer (
42	> http://en.wikipedia.org/wiki/Steganography ) . Not for the whole squashfs
43	> but only for a single file (whatever the size) inside a clear livecd. Note
44	> that 20% of the size of that file is really containing data, you do not want
45	> to push too much (50%) or we get data loss (blocks from different containers
46	> overwriting them) in an exponentially manner.
47	>
48	> You want to be able to deny that you are in possession of such material.
49	> Go from the basis that if you get caught you will have to handle your key
50	> away. That is real practice because you can get 5 times more being secretive
51	> than actual real sentence against the data you want to hide.
52	> A steganographic FS will allow you when being caught with your livecd of
53	> saying first: "it is a clear livecd!" Sounds idiotic but believe me, it is
54	> the best start for the official police questioning. Then in the worst case
55	> scenario, they find your single encrypted file and ask you for the key which
56	> you will provide one of the many different you have set up (properties of a
57	> steganographic FS), which will decrypt a part of that encrypted file,
58	> discovering data that will not incriminate you so far for just having a
59	> picture of your dog.
60	> Charges are dropped, you justify your secretive attitude as being
61	> respectful of your privacy rights and next morning you wake up in your bed!
62	>
63	> Because I want to be fair, I think having an encryption layer is great for
64	> catalyst, but when related to the specific purpose you described you would
65	> better at least give a try to a steganographic FS if you really fear the
66	> sentence you can get for the data you are hiding.
67	>
68	> You will not find much (I mean actual real software) besides some
69	> linux-2.2 tweak over ext2 "proof-of-concept" (10years old not stable
70	> unreliable) and an update by some chinese with 2.4 but the whole is mainly
71	> broken and I guess somehow a little taboo, the projects seems dead, no main
72	> other projects have been replaced.
73	>
74	> You can try an implementation I have worked on few years ago. It does
75	> everything that I have described (in a non friendly C hardcore way) so far
76	> and is called denyfs.
77	>
78	> It is not a driver, and can be started in userland if the correct losetup
79	> and cryptsetup have been done.
80	>
81	> http://www.openchill.org/2005/06/denyfs_a_steganographic_file_s.php#more
82	>
83	> have a look there, it is not fully stable, requires manual compilation and
84	> configuration though it does the job (I made a quick GUI in gtk if you
85	> provide the gtk USE flag). Follow the howto to get a grip on it. And
86	> remember if you want to retrieve with a 90% probability your data as you
87	> have put them in the box, do not exceed 15-20% of the total size of the
88	> file! And even do not be surprised when it happens.
89	>
90	> Steganography is a concept that aims at small and static file system. Do
91	> not even think about putting an OS(where files are dynamically arranged
92	> again and again) inside a steganographic FS, it is as of the concepts and
93	> mathematics we have simply impossible.
94	>
95	> I didn't realized I wrote so much, I'm just passioned by this topic
96	> because of past experiences moving from one country to another. I am
97	> currently developing a Portage based GNU/Linux natively encrypted OS and I'm
98	> about to re open DenyFS inside that distribution by stabilizing it, hence my
99	> reason for being so communicative.
100	>
101	> Thanks for reading
102	>
103	> erick
104	>
105	> On 7/1/07, Nelson Batalha <nelson_batalha@××××.pt> wrote:
106	> >
107	> > Hi Erick,
108	> >
109	> > There are many uses for this!
110	> >
111	> > They mainly come from the fact that now you can have sensitive
112	> > information everywhere on your cd root, and not be afraid of losing your cd,
113	> > either physically (happens to me all the time), or in the net if you don't
114	> > want an open distribution.
115	> >
116	> > -Read on for examples:
117	> >
118	> > 1) If you're in a country like China and you can't have applications
119	> > like Tor on your desktop (suspicious), you can just make a livecd and try to
120	> > disguise it as something else by filling the filesystem. Also it's portable
121	> > and replicable. You could also encrypt your hard drive, but this way you
122	> > don't have to worry if they take it for testing. Specially if using luks on
123	> > the desktop (no plausible deniability). It's also much easier to hide a
124	> > mini-cd/dvd physically.
125	> >
126	> > 2) Also for instance, I'm going away next semester and I won't be taking
127	> > a laptop. However I would like to use gentoo, my favourite programs and have
128	> > my passwords stored in them (like Firefox), and transport some personal
129	> > and/or sensitive files. (only option is put those files in an encrypted
130	> > container and extract them on every boot).
131	> >
132	> > 3) If you're creating some official livecd and would like to test it
133	> > with some group, but for security reasons you prefered if nobody else tested
134	> > it.
135	> >
136	> > 4) In general companies/organizations can create a easily updatable
137	> > portable working environment and mail it or publish it online.
138	> >
139	> > Etc.
140	> >
141	> > Take care,
142	> > Nelson
143	> >
144	>
145	>

Gentoo Archives: gentoo-catalyst