From: “Deranged Mutant” <WlkngOwl@unix.asb.com>
To: Adam Back <aba@atlas.ex.ac.uk>
Message Hash: 4f5fcb16c4169e4f82061306452dc543d492cf09e008b66c1032584a6aa55982
Message ID: <199607191718.NAA04087@unix.asb.com>
Reply To: N/A
UTC Datetime: 1996-07-20 13:24:55 UTC
Raw Date: Sat, 20 Jul 1996 21:24:55 +0800
From: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Date: Sat, 20 Jul 1996 21:24:55 +0800
To: Adam Back <aba@atlas.ex.ac.uk>
Subject: Re: Opiated file systems
Message-ID: <199607191718.NAA04087@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain
On 18 Jul 96 at 11:01, Adam Back wrote:
> For plausibility it would probably be best if very few people used the
> duress key feature.
And how can you guarantee that? Also: an attacker doesn't care about
what percentage of (other) users use duress feature of not. His
concern is whether you use it.
Note that you'd have to be careful of what you say and do over email
in the clear (or encrypted to someone cooperating with an attacker):
if you post an excerpt of source code or maybe somehting like
Edupage, or if you save mail, there might be reason enough for the
attacker to expect to see some of that on your encrypted fs after
he's rubber-hosed your key from you. If he doesn't, and he knows you
have a possibility of using the duress-key feature...
Oh yeah. Psychology is a good way of determining the likelihood of
using a duress system.
With the extra work and overhead of a duress system, you're better
off using stego on some gifs or graphics files.
Rob
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto)
AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.
Return to July 1996
Return to “JonWienk@ix.netcom.com”