Slashdot Mirror

Of course, the authorities may have already backed up your data. And the new password can be compelled out of you by various means. (So-called "rubber hose cryptography", as in, "We beat the password out of him with a rubber hose.")

So you use a cryptographic filesystem that has several passwords. One retrieves mildly incriminating data, and another one gets the real data. So you can look like you complied but it doesn't do them any good.

Available for Linux 2.2, *BSD ports coming along.

There are filesystems that intentionally make it difficult to distinguish between encrypted data and cover noise, so They know you can never prove that you've revealed all your information.

The ingenius system Rubberhose.org allows the creation of large, small or tiny disk images, containing random data, into which not 1, not 2 but n files can be embedded.
Once the disk image is created, there's no way to determine how many pieces of information are embedded, so rubberhose offers true plausible deniability.
Rubberhose disk images can be easily sent by email, http, ftp etc.
Forced key escrow on rubberhose images is a farce, because the owner can hand over one or two private keys which will yield up only the data the owner wants to hand over - there's no way to prove the image contains any more data.

All this aside, my conclusion is that the only way to stamp out illicit information is to ban the internet, as the Taleban has done. The problem with this, of course, is the growing sector of the economy that depends on e-commerce.

Most of the "classified" information was probably classified out of convenience. These big bureaucracies classify everything.

Even if the information was important it would seem like they would have something like rubberhose crypto for just such contingencies.

But, no let's not have reasonable classification procedures, or use ready made tools, let's spend money on more crap like Super Sekrit Briefcases . Love that groupthink.

Check out Rubberhose. It is a cryptographic filesystem for linux and almost the BSD*'s that provides plausible deniability. I.e. even if they grab your computer and figure out that you are running rubberhose to hide stuff, you can throw them a bone by just decrypting your financial records, or your diary, or some other similarly benign piece of information and then no one can prove that there are any other items still encrypted on the disk.

www.rubberhose.org

Soudns great for the apartment complex.... Just the way to store all that illegal porn so if the police arrives your machine is clean, as its on someone elses drive

Isn't that the reason you should use either the RubberHose filesystem or the StegFS filesystem?

A better use of that knowledge would be to help these fine people . The problem is that they would of course be able to tell that the data is encrypted no real way to keep that knowledge from them but with Rubberhose they can never tell how much or if the have it all. A pretty sweet project.

Taken off the http://www.rubberhose.com/

Rubberhose transparently and deniably encrypts disk data, minimising the effectiveness of warrants, coersive interrogations and other compulsive mechanims, such as U.K RIP legislation. Rubberhose differs from conventional disk encryption systems in that it has an advanced modular architecture, self-test suite, is more secure, portable, utilises information hiding (steganography / deniable cryptography), works with any file system and has source freely available. Currently supported ciphers are DES, 3DES, IDEA, RC5, RC6, Blowfish, Twofish and CAST.

For thoses that don't know about the software you can read about it here.

PS:I never post to /. This is a first! back to getting the new /. DB built...

using Rubberhose. Make the government arrest us all get all the keys we can remember (and if fact all the keys we have) and they still can't prove that they have everything. That would be very cool and make it clear just how pointless trying to ban encryption is. The only way to put a end to this will be for a whole bunch of us to go to the mat for it. Should be fun if nothing else. :)

Well my predictions are that This, rubberhose and this will all be very usefull for those of use who don't want to conform in the next few years. Also brush up on PGP, GNUPG, and any other cyrpto schemes that you think might be cool. Privacy is key. Also key is throwing out the numbers on violence among say football players vs. Unreal players. (I'll have to look those numbers up.) They will try alot of thing but mostly due to the situation in Congress they won't do alot. Mostly if you are interested in security or anything that is not "normal" use crypto lots of it and watch them squirm.

The simple fact is we have tools that are as good or better than the tools any government or corp out there have. For example (I link to this all the time but it is because I think they deserve all the help they can get) take a look at rubberhose . Or if you really want your stuff to be private take a look at this. Either of those tools will help you protect your data. Ok for cruising the web there are a lot of anonymous redirectors out there and ways to encrypt your stuff. Now as to being able to live without someone tracking your stuff. It is possible to live without a credit card not easy and stuff tends to cost more (no shopping on the net) but it can be done. As for credit it is possible to get housing with bad/no credit (trust me I've done it) and you can do the same with a car but then again if you don't want someone to track you you would not be buying a car on credit anyway. As to background checks put some effort into it and figure out a way to make a living where it does not matter. The US military would like you and many of the people in their ranks to think that I am not able to get a job because of the kinds of issues that Jon is going on about. The fact of the matter is because of my skillset I have not had one employeer since I got out check my record and now it is so far in the past I doubt anyone would care. This is only a issue for the lazy and those who don't care. If you really care it is possible and not very hard to live a very private life.

This is a very bad assed encrypted filesystem. Also take a look at this. So you can have encryption today. Have fun.

It is just plain scary. And to think my story about this site got rejected. Wow. This is bad kids very bad

on the radio awhile ago. The thing about it if you listen to him or read his stuff for any length of time it becomes clear that he really has not clue about the power we the geeks have. He really does think that all the big companies have all the good tools and that we as people have no tools to fight them. What he does not understand is that many people (that would be most of us) have and have the knowledge to use tools that are as good or better than what the corps and the gov have. For example check out rubberhose. This kind of stuff is power and it is the power in the hands of the people who know and maintain the tech to do everything he wants the government to do. His idea is that the only thing that can stand up to a large corp is a large government. He just does not understand that we the people have the tools to do this for ourselves.

The current one by itself... is incapable of satisfying the needs of the Chinese government and companies as they enter the digital age.

I'm getting to the state where I'm ashamed to be British.

From what I understand, you have to pay by the minute for local phone calls. You also have to get a license just to have a TV. Then there's all that insanity with the government being able to force you to give up your crypto keys (check out RubberHose--they may be able to help with that). Now your DSL is getting screwed.

I can see why you'd be ashamed. From the geek standpoint, Britain is a barbaric country. :-)

Gov.uk can still take it over if they wanted, no one is going to make a fuss, just like when the US invaded Grenada, no one cares whether its actually legal or not, the best way I have found so far of defeating the RIP Act is Rubberhose, the website is here and if you're too lazy to click the link heres the synopsis -

Rubberhose transparently and deniably encrypts disk data, minimising the effectiveness of warrants, coersive interrogations and other compulsive mechanims, such as U.K RIP legislation. Rubberhose differs from conventional disk encryption systems in that it has an advanced modular architecture, self-test suite, is more secure, portable, utilises information hiding (steganography / deniable cryptography), works with any file system and has source freely available. Currently supported ciphers are DES, 3DES, IDEA, RC5, RC6, Blowfish, Twofish and CAST.

Try rubberhose

Have a look at Rubberhose.

I looked at this at Rubberhose.

It makes grisly sense. I'd prefer though truly vicious guerrilla war, with flaming gasoline-soaked tyres placed forcibly and irremovably about the necks of the subhuman vermin that populate such "security forces" (known in plain English as "torturers").

Have a look at Rubberhose.