Slashdot Mirror


Forensics Tool Finds Headerless Encrypted Files

gurps_npc writes "Forensics Innovations claims to have for sale a product that detects headerless encrypted files, such as TrueCrypt Dynamic files. It does not decrypt the file, just tells you that it is in fact an encrypted file. It works by detecting hidden patterns that don't exist in a random file. It does not mention steganography, but if their claim is true, it seems that it should be capable of detecting stenographic information as well."

14 of 374 comments

  1. Plausible Denial? by telchine · · Score: 5, Funny

    I am a citizen of the United Kingdom. Amongst many odd laws we have here, there's one that basically means that you can go to jail if you refuse to hand the police your encryption keys if they ask for them. The one saviour was Truecrypt's plausible denial. If they don't know you have encryption they can't ask for keys!

    Now they do know I have encryption... ...and I've forgotten my password.

    Can someone please give me tips on how to avoid dropping soap in the shower?

    1. Re:Plausible Denial? by wjh31 · · Score: 4, Funny

      practice holding soap between your cheeks, that should prepare you well.

    2. Re:Plausible Denial? by Randle_Revar · · Score: 2, Funny

      >recently used files lists

      strange, my cli apps don't seem to have that

    3. Re:Plausible Denial? by Amazing Quantum Man · · Score: 4, Funny

      Simple. Make your password, "what hidden truecrypt volume?"

      --
      Fascism starts when the efficiency of the government becomes more important than the rights of the people.
    4. Re:Plausible Denial? by el americano · · Score: 2, Funny

      "...an indication that you were using stenography."

      They can always just ask the stenographer if she did any work for you, and then she rats you out.

      Lesson: Don't use stenographers. Typing is fast enough.

      --
      Those are my principles. If you don't like them I have others. -Groucho Marx
  2. Re:That's STEGANOGRAPHY! by wjh31 · · Score: 3, Funny

    compressed and encrypted?

  3. Re:That's STEGANOGRAPHY! by idontgno · · Score: 3, Funny

    Our groundbreaking software can detect the presence of SHORTHAND* and allow law-enforcement decryption of this nefarious data-hiding technology!

    *Currently can detect Gregg, Pitman, Teeline, and Speedwriting. Also detects the presence of steno pads and stenotype machines.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  4. Re:Umm... by Daimanta · · Score: 5, Funny

    ssshhh, the "ga" is secretly embedded through steganography

    --
    Knowledge is power. Knowledge shared is power lost.
  5. Re:Don't worry by inviolet · · Score: 2, Funny

    The company has "innovations" in its name, so their product probably won't work.
    If it did work against TrueCrypt, which is a yardstick of well-implemented encryption, I'm sure they'll come up with a countermeasure by the next minor release.

    This will probably become an arms race, in order to use vs detect subtler and subtler patterns in the bytes.

    In any case, this tool will probably end up being used by law-enforcement as a polygraph, or breathalyzer: not true, not quite false either, but exciting enough to get the suspect to confess.

    Reminds me of a funny story about polygraphs. The cops were questioning a particularly stupid criminal, and they knew he did it (disclaimer, disclaimer). So they taped some stripped wire ends to his fingers, and ran the other ends of the wires into some random slot on a nearby xerox machine. They had secretly placed a paper onto the copier's glass with the words "HE'S LYING" written on it. When the guy answered a question and they knew he was lying, they'd fully press the copy button, rather than just pretending to press it. Out would come a copy of the paper -- HE'S LYING -- and the guy, whelmed, confessed. Ha ha, owned. :)

    --
    FATMOUSE + YOU = FATMOUSE
  6. Re:Umm... by Zapotek · · Score: 2, Funny

    Dunno, if the hidden data is 30 column wrapped that could be stenography[1].

    Steno = narrow
    graphy = writing
    Greek /. readers I expect a funny mod up. xD

  7. Re:That's STEGANOGRAPHY! by mfnickster · · Score: 3, Funny

    Easy, I'll just encrypt using a one-time steno pad!

    --
    "Slow down, Cowboy! It has been 3 years, 7 months and 26 days since you last successfully posted a comment."
  8. Re:Sure they do! :) by Anonymous Coward · · Score: 0, Funny

    I love you paranoia nerds. You are by far the funniest of the jackasses around here.

  9. Re:Don't worry by postbigbang · · Score: 2, Funny

    Not necessarily.

    Elliptical encryption can produce waves, but if the seed is large enough, it's a bear to detect. Bigger waves, bigger cache to AND for rhythms.... hint hint.

    What's needed is some sort of slam dunk header with Britney Spears in some sort of Japanese HD interlaced display. Hash it with bluefish, then salt it up with Atomic Rooster.

    This also bodes badly for Layer 7 router problems-- the kind where ISPs 'deep dive' into packet streams to throttle them back, so that all important ISP-provided movies can go through unfettered.

    --
    ---- Teach Peace. It's Cheaper Than War.
  10. Re:This is complete BS, and is easy to test by onsager · · Score: 2, Funny

    But /home/me/somefile.jpg IS a headerless encrypted data file. It is the number 0 stored as a 40960000 bit integer, encrypted against a pseudo-random one time pad.
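
Added example, not part of the thread and not the vendor's method: a Python sketch of the point in the last comment, showing that an all-zero message XORed with a one-time pad is byte-for-byte the pad, so a byte-frequency test scores it exactly like random data, while a repeating-key XOR does leave a detectable pattern. The seeded generator, the sample plaintext, the key and the 400 cutoff are constructed assumptions.

```python
import random
from collections import Counter

def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR the message with a pad of exactly the same length."""
    if len(pad) != len(plaintext):
        raise ValueError("pad length must equal message length")
    return bytes(p ^ k for p, k in zip(plaintext, pad))

def chi_square_bytes(data: bytes) -> float:
    """Pearson chi-square of byte frequencies against a uniform distribution.
    Uniform random bytes score close to 255 (the degrees of freedom)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def looks_random(data: bytes, limit: float = 400.0) -> bool:
    # Assumed cutoff, far above the roughly 255 +/- 23 seen for uniform bytes.
    return chi_square_bytes(data) < limit

def demo() -> dict:
    # Seeded and NOT cryptographic: used only so the sample is reproducible.
    rng = random.Random(2009)
    size = 64 * 1024
    pad = bytes(rng.getrandbits(8) for _ in range(size))

    # "The number 0" stored as a long all-zero integer, then pad-encrypted.
    zero = bytes(size)
    ciphertext = otp_encrypt(zero, pad)

    # Contrast case (constructed): repetitive text under a 3-byte repeating key.
    text = (b"constructed sample plaintext " * (size // 29 + 1))[:size]
    weak_key = (b"key" * (size // 3 + 1))[:size]
    weak = otp_encrypt(text, weak_key)

    return {
        "ciphertext_is_pad": ciphertext == pad,
        "pad_random": looks_random(pad),
        "ciphertext_random": looks_random(ciphertext),
        "weak_random": looks_random(weak),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A byte-frequency statistic is only one of many possible tests; passing it says nothing about whether the bytes are ciphertext or noise, which is the commenter's point.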