1996-07-18 - Re: Opiated file systems

Header Data

From: jim bell <jimbell@pacifier.com>
To: WlkngOwl@unix.asb.com
Message Hash: b0bfaedcc4d578bb430fbed6e9b4c716876e340e607fa6ba2bdf96e4285747de
Message ID: <199607180708.AAA09887@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-07-18 12:49:30 UTC
Raw Date: Thu, 18 Jul 1996 20:49:30 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Thu, 18 Jul 1996 20:49:30 +0800
To: WlkngOwl@unix.asb.com
Subject: Re: Opiated file systems
Message-ID: <199607180708.AAA09887@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:06 PM 7/17/96 +0000, Deranged Mutant wrote:

>1. Confiscate computer (along with physical drive) with duress-capable
>encrypted file system; 2. back up the encrypted sectors; 3. reverse-engineer file 
>system driver to figure out how the duress-key works, if there are 
>multiple keys, where data is stored; 4. make sure you've rubber-hosed 
>or subpoenaed all passphrases or keys; 4a. if the system destroys data, 
>you've got backups ("Very funny kiddo; now give us the real key...")
>4b. even if there are two filesystems, the attacker will want access 
>to both, just to make sure...

It has long occurred to me, considering the size and low power of the 
typical 3.5" hard drive compared with the size of the typical house or 
apartment, that it might be an interesting project to remotely connect such 
a (hidden) drive to your computer using a reasonably surreptitious link that 
is difficult to trace.  Say, an IR optical link, a single bare (unjacketed) 
optical fiber, a LAN with hidden nodes, or a similar system.  Maybe an 
inductive pickup.  In any raid, they'll have to decide what to take, and 
chances are very good that they won't find every hidden item.



Jim Bell
jimbell@pacifier.com





Thread