lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <AANLkTineyAoWbYuOE=pUBzfMZ28iBg0S4puHsb0-2C6e@mail.gmail.com>
Date: Thu, 13 Jan 2011 13:10:53 -0800
From: coderman <coderman@...il.com>
To: stormrider <strmrdr42@...oo.de>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: ESFS - The encrypted steganography filesystem

On Thu, Jan 13, 2011 at 9:55 AM, stormrider <strmrdr42@...oo.de> wrote:
> ...
> this sounds like a nice idea. Especially the fact that you kinda
> "overmount" one filesystem over another to access hidden data.
> But - as far as I know there is actually no steganography technique that
> can really *hide* the data. So you will not be able to prevent someone
> from finding out that there is some information inside the images. You
> might want to read
>
> Attacks on Steganographic Systems. Andreas Pfitzmann:
> Information Hiding. Third International Workshop, IH'99, Dresden, Germany

my favorite steganographic file system design used bits in inodes for
storage. the benefit of this more stealthy mechanism is offset by the
vastly expanded storage requirements. you need a *lot* of files to
have enough inodes in play to be useful.

this would not be vulnerable to the trivial unmasking that image based
storage or other similar approaches take (like mentioned in the paper
above) although it is unclear exactly how sparse and subtle the inode
modification must be across a large, populated file system to be
effective.

alas, i remember hearing about this from a certain fellow at DC13 and
never heard more...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ