From: baumbach@atmel.com ( )
To: cypherpunks@toad.com
Message Hash: e0fff108a0c0074c720d33a27fcdf93578d97b406942b2ac085adcb45ae225ad
Message ID: <9401032054.AA09864@trident.chp.atmel.com>
Reply To: N/A
UTC Datetime: 1994-01-03 21:38:58 UTC
Raw Date: Mon, 3 Jan 94 13:38:58 PST
From: baumbach@atmel.com ( )
Date: Mon, 3 Jan 94 13:38:58 PST
To: cypherpunks@toad.com
Subject: Risk and Opportunity
Message-ID: <9401032054.AA09864@trident.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain
I stumbled onto a pair of programs called seejunk.exe and prune.exe this
past week. It seems that files are stored on disk media in fixed units
called clusters. Your file size is usually not an integral multiple of
disk clusters in size, so the ends of your file is followed by random
data to fill up that last cluster. Random is a bad choice of words
though. I suppose each system is different, but under DOS, the extra
fill data is a copy of a piece of whatever you had in memory at the time
your system wrote the file. You could have information written to disk
that you do not wish to have there, and seejunk.exe will show it to you
... and anyone else. prune.exe is the solution offered. Using this
program, I wrote "This space intentionally left blank " repeating in
the 5K of space sitting at the end of the doc file for these two programs.
That was the risk and the fix available. There is also an opportunity
here. Encrypted information could be stored at the end of your files.
In other words this is an opportunity for steganography. You would
have to be careful though; any disk operation involving that file could
corrupt your encrypted data.
I don't have full access to the internet. If someone finds these
programs on the internet, can they post the location here. If the
files aren't on the internet, I can email them to anyone that wants
to post them to the cypherpunk ftp site.
Peter Baumbach
baumbach@atmel.com
Return to January 1994
Return to “ferguson@icm1.icp.net (Paul Ferguson)”