1 |
I forgot a valuable argument! |
2 |
|
3 |
Because you mainly intend to read from the hidden container (you want your |
4 |
TOR demon binary and libraries to be readable and not writable after you |
5 |
mounted your container) the steganographic technology provided is very |
6 |
suitable for your purpose achieving in a more efficient way the "hiding" |
7 |
property of the task. |
8 |
Just so that you know there other different ways to achieve your goal. |
9 |
|
10 |
Thanks for reading |
11 |
|
12 |
On 7/1/07, Erick M <balkira@×××××.com> wrote: |
13 |
> |
14 |
> Nelson, |
15 |
> |
16 |
> Ok, I understand, thanks for clarifying. |
17 |
> So we can narrow down all those scenarios to one type of attack: theft by |
18 |
> third part (or yourself). |
19 |
> |
20 |
> It does not protect more the user while he uses it nor from potential |
21 |
> "after-use" trails. Either you lose the livecd along with your identity (or |
22 |
> data that leads to your identity) and you get caught or while using the |
23 |
> software you get caught (like your TOR connections have been detected). |
24 |
> The only purpose and advantage encryption would have is to obfuscate some |
25 |
> passwords like in the firefox example you gave. |
26 |
> |
27 |
> Now, from a legal point of view, being caught with an encrypted material |
28 |
> whether livecd or not in major countries (UK,GER,FR,US,china) requires from |
29 |
> you the decryption key (us patriot act, uk RIP act, etc) or else you can |
30 |
> straight take up to few years in some cases without much chance of having of |
31 |
> good defense (china=torture?). So in 95% of cases you end up giving away |
32 |
> your key to prove that you are not a spy from whatever organisation and that |
33 |
> at least you hadn't that bad intention with your encrypted software. And you |
34 |
> do handle the key in the objective of lowering the sentence you get for |
35 |
> being caught in the first place. |
36 |
> |
37 |
> I think that encryption has nothing to do with hiding. In the contrary, it |
38 |
> is like a big flag standing saying "hey look at me I got something to hide, |
39 |
> come and get me!". It is just obfuscating technology. |
40 |
> |
41 |
> The real solution to your problem would be to use a steganographic layer ( |
42 |
> http://en.wikipedia.org/wiki/Steganography ) . Not for the whole squashfs |
43 |
> but only for a single file (whatever the size) inside a clear livecd. Note |
44 |
> that 20% of the size of that file is really containing data, you do not want |
45 |
> to push too much (50%) or we get data loss (blocks from different containers |
46 |
> overwriting them) in an exponentially manner. |
47 |
> |
48 |
> You want to be able to *deny* that you are in possession of such material. |
49 |
> Go from the basis that if you get caught you will *have to* handle your key |
50 |
> away. That is real practice because you can get 5 times more being secretive |
51 |
> than actual real sentence against the data you want to hide. |
52 |
> A steganographic FS will allow you when being caught with your livecd of |
53 |
> saying first: "it is a clear livecd!" Sounds idiotic but believe me, it is |
54 |
> the best start for the official police questioning. Then in the worst case |
55 |
> scenario, they find your single encrypted file and ask you for the key which |
56 |
> you will provide one of the many different you have set up (properties of a |
57 |
> steganographic FS), which will decrypt a part of that encrypted file, |
58 |
> discovering data that will not incriminate you so far for just having a |
59 |
> picture of your dog. |
60 |
> Charges are dropped, you justify your secretive attitude as being |
61 |
> respectful of your privacy rights and next morning you wake up in your bed! |
62 |
> |
63 |
> Because I want to be fair, I think having an encryption layer is great for |
64 |
> catalyst, but when related to the specific purpose you described you would |
65 |
> better at least give a try to a steganographic FS if you really fear the |
66 |
> sentence you can get for the data you are hiding. |
67 |
> |
68 |
> You will not find much (I mean actual real software) besides some |
69 |
> linux-2.2 tweak over ext2 "proof-of-concept" (10years old not stable |
70 |
> unreliable) and an update by some chinese with 2.4 but the whole is mainly |
71 |
> broken and I guess somehow a little taboo, the projects seems dead, no main |
72 |
> other projects have been replaced. |
73 |
> |
74 |
> You can try an implementation I have worked on few years ago. It does |
75 |
> everything that I have described (in a non friendly C hardcore way) so far |
76 |
> and is called denyfs. |
77 |
> |
78 |
> It is not a driver, and can be started in userland if the correct losetup |
79 |
> and cryptsetup have been done. |
80 |
> |
81 |
> http://www.openchill.org/2005/06/denyfs_a_steganographic_file_s.php#more |
82 |
> |
83 |
> have a look there, it is not fully stable, requires manual compilation and |
84 |
> configuration though it does the job (I made a quick GUI in gtk if you |
85 |
> provide the gtk USE flag). Follow the howto to get a grip on it. And |
86 |
> remember if you want to retrieve with a 90% probability your data as you |
87 |
> have put them in the box, do not exceed 15-20% of the total size of the |
88 |
> file! And even do not be surprised when it happens. |
89 |
> |
90 |
> Steganography is a concept that aims at small and *static* file system. Do |
91 |
> not even think about putting an OS(where files are dynamically arranged |
92 |
> again and again) inside a steganographic FS, it is as of the concepts and |
93 |
> mathematics we have simply impossible. |
94 |
> |
95 |
> I didn't realized I wrote so much, I'm just passioned by this topic |
96 |
> because of past experiences moving from one country to another. I am |
97 |
> currently developing a Portage based GNU/Linux natively encrypted OS and I'm |
98 |
> about to re open DenyFS inside that distribution by stabilizing it, hence my |
99 |
> reason for being so communicative. |
100 |
> |
101 |
> Thanks for reading |
102 |
> |
103 |
> erick |
104 |
> |
105 |
> On 7/1/07, Nelson Batalha <nelson_batalha@××××.pt> wrote: |
106 |
> > |
107 |
> > Hi Erick, |
108 |
> > |
109 |
> > There are many uses for this! |
110 |
> > |
111 |
> > They mainly come from the fact that now you can have sensitive |
112 |
> > information everywhere on your cd root, and not be afraid of losing your cd, |
113 |
> > either physically (happens to me all the time), or in the net if you don't |
114 |
> > want an open distribution. |
115 |
> > |
116 |
> > -Read on for examples: |
117 |
> > |
118 |
> > 1) If you're in a country like China and you can't have applications |
119 |
> > like Tor on your desktop (suspicious), you can just make a livecd and try to |
120 |
> > disguise it as something else by filling the filesystem. Also it's portable |
121 |
> > and replicable. You could also encrypt your hard drive, but this way you |
122 |
> > don't have to worry if they take it for testing. Specially if using luks on |
123 |
> > the desktop (no plausible deniability). It's also much easier to hide a |
124 |
> > mini-cd/dvd physically. |
125 |
> > |
126 |
> > 2) Also for instance, I'm going away next semester and I won't be taking |
127 |
> > a laptop. However I would like to use gentoo, my favourite programs and have |
128 |
> > my passwords stored in them (like Firefox), and transport some personal |
129 |
> > and/or sensitive files. (only option is put those files in an encrypted |
130 |
> > container and extract them on *every* boot). |
131 |
> > |
132 |
> > 3) If you're creating some official livecd and would like to test it |
133 |
> > with some group, but for security reasons you prefered if nobody else tested |
134 |
> > it. |
135 |
> > |
136 |
> > 4) In general companies/organizations can create a easily updatable |
137 |
> > portable working environment and mail it or publish it online. |
138 |
> > |
139 |
> > Etc. |
140 |
> > |
141 |
> > Take care, |
142 |
> > Nelson |
143 |
> > |
144 |
> |
145 |
> |