1998-09-23 - Re: Stego-empty hard drives… (fwd)

Header Data

From: Sunder <sunder@brainlink.com>
To: Jim Choate <ravage@EINSTEIN.ssz.com>
Message Hash: d513c6e15fb62ffa02a3a5d5ca28953e44a0c1090b168fce69571fe554c1649c
Message ID: <3608F63F.30A09543@brainlink.com>
Reply To: <199809230223.VAA07985@einstein.ssz.com>
UTC Datetime: 1998-09-23 00:26:44 UTC
Raw Date: Wed, 23 Sep 1998 08:26:44 +0800

Raw message

From: Sunder <sunder@brainlink.com>
Date: Wed, 23 Sep 1998 08:26:44 +0800
To: Jim Choate <ravage@EINSTEIN.ssz.com>
Subject: Re: Stego-empty hard drives... (fwd)
In-Reply-To: <199809230223.VAA07985@einstein.ssz.com>
Message-ID: <3608F63F.30A09543@brainlink.com>
MIME-Version: 1.0
Content-Type: text/plain

Jim Choate wrote:

> If there was as much variety at the hardware level as you assume nobody
> could afford to introduce new computers every few months.

> Realisticaly it isn't this complicated. All one needs to do is write a
> program that allows the operator to talk directly to the hard drive
> controller. At that point it's a trivial matter to go out and find those
> hidden partitions. You could use normal drive recovery software if you had a
> mind, and that only costs a few hundred to a few thousand dollars and can be
> bought in the back of Computer Shopper.

Yes, and depending on the threat model this was about 5-6 on the last I've last
sent. To get around that, you either modify the hard drive's on board
controller, or you build a CPU emulator.  There is one that's freely available
called Bochs which will do this.  They can happily boot from their floppy and
talk directly to your virtual "hardware" and you still get through.

Yeah, I know, ol'e paranoid Jim will reply to this using the word "Tempest"
signature, to which I reply, if you're that paranoid, tempest shield your
notebook and put in several RF transmitters to spit back pre-recorded tempest
noise to play in synch.

Shit, and why not?  If you're gonna get THAT paranoid, you might as well take
all the precautions in the universe.  Oh, it's too expensive?  Well that's just
waaay too fucking bad.

Gee, but one would have to think, why would they go to that extent and expense
to find hidden bits of data on your drives, and not do body cavity searches and
MRI and XRay scans of your body?  Hell, why don't they buy electron tunneling
microscopes just incase you might have encoded your data on the surface of that
perfectly innocent looking CD jewel case in which you're carrying your music?

> Don't bother, I already know how to do that.
> This would stand out like a sore thumb.

Shaaa, now that I've shown you how, of course you already know how to do that. 
Now that I've shown you the code and told you how it works, of course to you it
would stand out like a sore thumb because you know what to look for.  The
question is will it stand out to the minimum wage customs drone?  You seem to
think these guys are actually super spies, not clueless overpaid (for their
level of skills) bored burrowcrats working on an assembly line.  You're over
estimating their abilities by at least four orders of magnitude there.

Gee, I bet you use RSA with 65536 bits too and superencrypt with 3DES, IDEA,
and Blowfish and Misty.


.+.^.+.|       Sunder       |Prying open my 3rd eye.  So good to see |./|\.
..\|/..|sunder@sundernet.com|you once again. I thought you were      |/\|/\
<--*-->| ------------------ |hiding, and you thought that I had run  |\/|\/
../|\..| "A toast to Odin,  |away chasing the tail of dogma. I opened|.\|/.
.+.v.+.|God of screwdrivers"|my eye and there we were....            |.....
======================= http://www.sundernet.com ==========================