| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jan 2011 18:55:27 +0100 From: stormrider <strmrdr42@...oo.de> To: full-disclosure@...ts.grok.org.uk Subject: Re: ESFS - The encrypted steganography filesystem Hey Tomás, this sounds like a nice idea. Especially the fact that you kinda "overmount" one filesystem over another to access hidden data. But - as far as I know there is actually no steganography technique that can really *hide* the data. So you will not be able to prevent someone from finding out that there is some information inside the images. You might want to read Attacks on Steganographic Systems. Andreas Pfitzmann: Information Hiding. Third International Workshop, IH'99, Dresden, Germany This should clarify things ;-) My information might be out of date, but after that publication it became very silent around steganography and I haven't heard any news since then... regards, stormrider Am 12.01.2011 20:08, schrieb Tomás Touceda: > Hello everyone, > > I wanted to announce this little pet project that was born a couple of > weeks ago, and now it sees the light in the form of a proof of > concept, in hopes that it'll become a fully featured filesystem. > Here's an extract of the main README text: > > ============================================================================ > > What's this? > > Just like the title says, it's a filesystem. Particularly, it's a FUSE > filesystem that's implemented entirely in Python (for now), and it's a > proof of concept in alpha state, so don't save stuff only within this > filesystem just yet. A couple of weeks ago, I started reading about > and playing with encrypted filesystems (LUKS + dmcrypt, encfs, etc). I > came across an email (actually, a friend of mine tossed me the link) > from the now well-known Assange, about a Linux kernel module he and > other people were working on that provided different layers of > encryption in a filesystem, so you can say "oh, yes, I have encrypted > data in here", but in a deeper layer you'd have more encrypted data, > with another key, and nobody but you would know about it. And I > thought it was a really cool idea. I started looking for the code, but > it was too old to be used with the current kernel. A couple of days > before that, I read about StegFS, a filesystem that uses steganography > to hide your files within your other files. And again, I thought it > was a really cool idea, BUT I didn't like the fact that (and please > correct me if I'm wrong) when you copied a file in StegFS, there's a > chance you'll lose some other file. So, this one is usable, but this > drawback didn't suit me. I started bouncing ideas with a lot of > friends, and then it hit me: a filesystem, hides its data in images > and encrypts this data. I wanted to build a FUSE filesystem since I > first learned about it, so I finally had an idea to work with. This > idea gives you the same advantages of Assange's kernel module: you > have a bunch of images that seem like regular files, but when you > mount the filesystem with certain parameters BAM! you have lots of > files that nobody knew were there. > > ============================================================================ > > You can find the rest of this README, a more detail design document, > and the actual code in: https://github.com/chiiph/esfs > > If you find any bugs, please let me know. > Any comments and critics are more than welcome. > > Regards, _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists