Stego file system (Was: Inaccurate study)
Julian Assange
proff at iq.org
05 Apr 1998 23:08:08 +1000
Ross Anderson <Ross.Anderson@cl.cam.ac.uk> writes:
> The week after next, I will be giving a paper at Portland about the
> Steganographic File System. This has the property that it will give
> you the contents of any file (or directory) whose name and password
> you know, but without a correct combination of name and password
> you can't obtain any evidence at all that the file is even there.
>
> If implemented for Windows, this would be the most unpleasant thing
> imaginable from the point of view of a police forensic lab. Crooks
> could hide their drug deals, kiddieporn and so on on their laptops
> together with some `innocuous' secrets such as lists of sales
> prospects for their cover business. Given a decryption warrant,
> they hand over the password for the directories containing these
> cover secrets.
>
> Of course, the stego file system will be completely unaffected by
> the DTI's proposed legislation - whether the previous government's
> version or the new, spun, version.
>
> The paper's at http://www.cl.cam.ac.uk/users/rja14/#Tempest
>
> Ross
>
> PS: No, before you ask, I don't intend to write a version for Windows!
Ross, I've already written one of these - 'marutukku'. It runs as a loadable
kernel module under FreeBSD and Linux, with an NT port underway.
Cheers,
Julian.