From: Adam Back <aba@dcs.ex.ac.uk>
To: WlkngOwl@unix.asb.com
Message Hash: 71184cb1ccc9e7f7c95d9ba05e179cb5251fc8cd1e579089640077300e474ef9
Message ID: <199607191743.SAA00535@server.test.net>
Reply To: <199607191718.NAA04076@unix.asb.com>
UTC Datetime: 1996-07-20 12:47:27 UTC
Raw Date: Sat, 20 Jul 1996 20:47:27 +0800
From: Adam Back <aba@dcs.ex.ac.uk>
Date: Sat, 20 Jul 1996 20:47:27 +0800
To: WlkngOwl@unix.asb.com
Subject: Re: Opiated file systems
In-Reply-To: <199607191718.NAA04076@unix.asb.com>
Message-ID: <199607191743.SAA00535@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain
Rob <WlkngOwl@unix.asb.com> writes:
> On 18 Jul 96 at 22:48, Adam Back wrote:
> [...]
> > ie. the attacker can not tell without the hidden file system key (if
> > one exists) whether the unused space on your drive is really just
> > that: unused space filled with garbage, or whether it is in fact
> > another encrytped filesystem.
>
> There has to be a way to tell the system that the sectors are used
> when not the drive isn't mounted and the filesystem isn't active.
Ah I see what you're getting at. My solution (I'm sure I wrote this
somewhere in this thread) was that you'd always have to mount both
file systems during normal usage, otherwise you'd risk damaging the
hidden fs. You'd only mount the duress fs alone in a duress situation.
Not attractive, but I don't see any easy way around it.
> > They might be suspicious, but I don't think they would be able to
> > claim you were in comptempt of court, if you provide the 1st key and
> > claim there is no other key: the software has support for either 1
> > or 2 filesystems.
>
> Having a copy of the driver is enough to arouse suspicion. If they
> don't find anything useful in that one partition, they'll assume
> the second is in use and that you're not giving up the key. You may
> very well get accused of maintaining a second system even if you are
> not and do not have anything incriminating in the one encrypted fs.
You could be right, I'm not sure how it would go in practice. But I
don't think there is really much more you can do unless you assume the
ability to conceal a piece of hardware from your opponents. Say like
a floppy disk with the stego or duress drivers on? But that gives
rise to all sorts of problems also... where do you store it when
you're not using the computer? What if they grab you while you're at
the computer? When you leave the computer for 5 mins?
Adam
Return to July 1996
Return to ““Deranged Mutant” <WlkngOwl@unix.asb.com>”