Home Office question on wiped rather than encrypted data.

[Ross Anderson]

"Selkirk,A,Alexander,NZG6 R" wrote:
> 
> Presumably the operating system must have some way of telling when disk
> space is in use - otherwise encrypted data could just be overwritten when a
> new file is created?

See our paper on the Steganographic File System, which is available
from <http://www.cl.cam.ac.uk/users/rja14/#Tempest>. There's also an
implementation for Linux linked there. It was designed to be pretty
solidly plod-proof.

Volunteers to write a Windows version, anyone?

Ross

PS: It being the end of March, I'm now getting large piles of
applications on my desk from people who want to do PhDs in computer
security with us. Slightly over half of them want to tackle anonymity,
steganography, plausible deniability and similar topics.  I find it
hard to believe that this is entirely independent of the recent
conduct of Her Majesty's Government. 

In fact, by the time the dust settles in about 2010, I expect that the
RIP bill will be seen by cops and spooks alike as having been a
spectacular own goal - just like Clipper in the USA. But by then, the
apparently responsible people such as Charles Clarke will all have
retired, as will the really responsible people at the top of the
various agencies. So there might be a lot to be said for appointing as
Director GCHQ someone who's still in her thirties.