Encryption? What Encryption?
Police in Britain have announced that two people have successfully been prosecuted under a UK law that forces defendants to give up their encryption keys and penalizes those who don't comply. Another UK woman's case had attracted attention two years ago, when the government demanded she give up her encryption keys after the police found encryption software on her computer, but the police say she was not one of the two defendants charged. Is there a software solution to this problem — a way that people can encrypt files on their computers, without arousing the suspicion of law enforcement if the computers are seized?
File encryption, if properly implemented, is generally considered mathematically unbreakable. But preventing suspicion from falling on people just for encrypting files in the first place requires a human solution as well as an engineering one. One way or another, some file encryption software would have to be in widespread use that has these two properties: (1) it's deployed on a large number of people's machines — not just a large absolute number, but a significant proportion of the total population, so that suspicion does not fall on people just for possessing the software — and (2) it should not be possible to tell the difference between machines where the users use the software regularly, and machines where the software has never been run. Then, and only then, would it be possible to use the encryption software on your machine, without anyone who seizes the machine having reason to think that you had ever encrypted anything at all.
(Of course, in a relatively free society, if law enforcement has probable cause to seize your machine in the first place, then they would presumably already have some evidence against you. But this would at least prevent police officers and judges from becoming more suspicious as a result of encryption software being present on your machine.)
Note that this is similar to the kind of problem that is normally solved with steganography, but by my reasoning, I don't think that using stego would actually gain anything in this situation. Whether you're talking about encryption software or stego software, if it's a program that not a lot of people have installed, then just by virtue of having it on your machine, you'll attract suspicion if your machine is seized. On the other hand, suppose you've cleared that hurdle and the software is installed on a lot of people's computers, so that just having installed it is not by itself grounds for suspicion. If it's stego, then you can embed the hidden data inside other images or videos, so that an intruder can't tell whether you've been using the software to hide anything (assuming the stego software is good enough that the intruder can't tell the images have been tampered with). But you could achieve the same thing with straight encryption software: just have every installation of the program create a "storage volume" file, where encrypted files will be stored. As long as a storage volume file with files embedded in it, is indistinguishable from a storage volume file that has never been touched, the presence of the storage volume file won't give you away.
I'm not actually aware of any encryption program that has that property: that for a given machine with the software installed, it's impossible to tell whether the software has ever been used to encrypt data. This is probably because this would normally not be a useful feature of an encryption program. The whole point of making it impossible to tell whether someone has used the program or not, is that people who have used the program would not attract undue attention to themselves as a result. But if the encryption program is only used by one thousandth of one percent of total Internet users anyway, then just the fact that a user has the program installed, would be enough to draw suspicion to the user if their computer is seized, so there's no benefit to concealing the fact that the program has been used. On the other hand, if the encryption program is installed on a significant proportion of users' machines anyway, then simply having the program installed is no longer grounds for suspicion. And that's when it would become a valuable feature for it to be difficult to tell whether the owner of the machine actually uses the encryption program or not.
This may be hard to implement correctly, and there are some tradeoffs that will have to be decided. For example, if the program creates a default "storage volume" file when it's installed, how big should that initial volume be? The problem with creating a small storage file initially and then letting it grow as encrypted files are added, is that this now makes it easy to tell who is using the program and who isn't — anyone whose storage file has grown beyond the default size, is using it to encrypt files (and is therefore a terrorist movie-downloading child pornographer, etc.). In order to avoid suspicion falling on people who use the program, the storage file would have to be the same size on everyone's computer. If you make it 1 GB, that wastes a lot of space on people's machines who aren't using it. On the other hand, if it's only 1 GB, it also means that users will only be able to store up to 1 GB of encrypted data — any more than that, and they'll have to expand the size of the storage file, thus calling attention to themselves if the machine is ever seized. And then, what about the fact that a large file which is created all at once, is normally not fragmented very much, but if the storage file is frequently modified, it is likely to become more and more fragmented — thus giving people a way to tell if the encryption program is being used frequently. (So you'd either have to deliberately create a very fragmented storage file by default on the first install, or create an unfragmented file on first install but then make sure to read and write from the file in a way that doesn't fragment it further.) I don't want to get too bogged down in implementation details. The point is just that you'd have to block all the possible ways that an intruder would be able to tell whether the software is used frequently — forget one thing, and you've given an intruder a way to identify people who are actually using the software to encrypt files.
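The fixed-size storage volume described above can be sketched as follows. This is an added example, not code from the article or from any existing tool; the function names, the 1 MiB demo size and the SHAKE-256 keystream (a standard-library stand-in for a real cipher) are assumptions made for illustration. It compares what an examiner can measure on a used and an unused volume, and shows why a zero-filled initial file fails the test.

```python
import hashlib
import hmac
import os
import struct
from collections import Counter

VOLUME_SIZE = 1 << 20          # constructed demo size (1 MiB); the article discusses 1 GB
SALT_LEN, TAG_LEN, LEN_LEN = 16, 32, 4
HEADER = SALT_LEN + TAG_LEN


def create_volume(size=VOLUME_SIZE):
    """Installer step, identical on every machine: a file of random bytes."""
    return bytearray(os.urandom(size))


def _keys(passphrase, salt):
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 50_000, dklen=64)
    return km[:32], km[32:]            # (encryption key, MAC key)


def _xor_stream(key, data):
    # Stand-in stream cipher: SHAKE-256 output used as keystream (demo assumption).
    stream = hashlib.shake_256(b"volume-stream" + key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def store(volume, passphrase, plaintext):
    """Overwrite bytes in place. Layout: salt | tag | enc(length | plaintext)."""
    body = struct.pack(">I", len(plaintext)) + plaintext
    if HEADER + len(body) > len(volume):
        raise ValueError("does not fit: growing the file would be a tell")
    salt = os.urandom(SALT_LEN)
    enc_key, mac_key = _keys(passphrase, salt)
    ct = _xor_stream(enc_key, body)
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    record = salt + tag + ct
    volume[:len(record)] = record      # same-length slice: size is unchanged


def load(volume, passphrase):
    """Return the plaintext, or None for a wrong passphrase or an unused volume."""
    salt = bytes(volume[:SALT_LEN])
    tag = bytes(volume[SALT_LEN:HEADER])
    enc_key, mac_key = _keys(passphrase, salt)
    enc_len = bytes(volume[HEADER:HEADER + LEN_LEN])
    (length,) = struct.unpack(">I", _xor_stream(enc_key, enc_len))
    if length > len(volume) - HEADER - LEN_LEN:
        return None
    ct = bytes(volume[HEADER:HEADER + LEN_LEN + length])
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(enc_key, ct)[LEN_LEN:]


def chi_square(data):
    """Byte-frequency statistic; about 255 on average for uniformly random bytes."""
    counts = Counter(data)
    expected = len(data) / 256
    return sum((counts[b] - expected) ** 2 / expected for b in range(256))


def examiner_report(volume):
    """The two signals modelled here: file size and byte distribution."""
    stat = chi_square(volume)
    return {"size": len(volume), "chi_square": stat, "looks_random": stat < 400}


def demo():
    secret = b"constructed sample document\n" * 2000   # constructed input
    unused, used = create_volume(), create_volume()
    store(used, "correct horse", secret)
    zero_init = bytearray(VOLUME_SIZE)   # flawed design: zero-filled at install
    store(zero_init, "correct horse", secret)
    return {
        "unused": examiner_report(unused),
        "used": examiner_report(used),
        "zero_init_used": examiner_report(zero_init),
        "roundtrip": load(used, "correct horse") == secret,
        "wrong_pass": load(used, "wrong passphrase"),
        "never_used": load(unused, "correct horse"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Fragmentation, timestamps and other filesystem metadata, which the paragraph above also names as tells, are not modelled here.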
A program called TrueCrypt achieves something close to this — TrueCrypt allows you to encrypt a storage volume with two different passwords, so that one password provides access to "innocent-looking" data, while the other password provides access to the data that you really want to keep secure. If someone is compelled to give up their password, they could provide only the password that unlocks the "innocent-looking" data — and there's no way, from examining the encrypted file, to tell that there is a second password guarding even-more secret data. (Of course, the "innocent-looking" data can't be truly innocent-looking, because it has to look like the kind of thing that someone would believe you might want to encrypt — so it should look suspicious enough that you would genuinely want to hide it, but not bad enough to get you in real trouble if you're forced to reveal it!) The Achilles heel of this scheme is that just having TrueCrypt on your computer in the first place, would at least signal to an intruder that you're encrypting files. And even if they can't prove that you might have another "super-secret password" guarding more private data on your encrypted volume, they would certainly suspect it, if they already had grounds to be investigating you and if they knew anything about how TrueCrypt works. To provide true plausible deniability of any encryption at all, you need a program that already exists on lots of people's machines, so that an intruder doesn't suspect anything when they find it on your computer.
(The same objection also applies to many other non-solutions to the problem, like using a Linux distro that encrypts your entire file system. Even assuming this would be within the technical means of the average person who wanted to do encryption, it's still going to look suspicious as long as the vast majority of people are not doing it.)
Which leads to the other half of the problem, which is getting the software widely deployed enough that it would not look suspicious for someone to have the program installed in the first place. Best of all for the purpose of avoiding suspicion, of course, would be for the program to come installed by default with a popular operating system. Windows XP and Vista have the built-in ability to encrypt folders, but anyone who seizes the machine can still see that you encrypted a folder, so this doesn't have the undetectability factor. Built-in deniable encryption of the kind that I'm describing doesn't instinctively feel like the sort of thing that Microsoft would start bundling with its operating system. (Among other things, they might say that while companies often have business reasons for encrypting files, it's harder to think of a business case where employees would need to encrypt files and hide the fact that they were encrypting anything.)
Perhaps instead it could be bundled with a popular free software program beholden to no for-profit corporate masters. (My first thought was Firefox, but I was quickly told that Firefox was created specifically to strip out many of the features that had caused bloat in the original Mozilla project, and that any bundling of unnecessary tools would go against the whole ethos of the project.) Maybe a good place to include something like this would be the Google Pack — it's installed by lots of people, and currently doesn't have a file-encryption tool in the bundle. Beholden to for-profit corporate masters, yes, but ones that frequently declare "Don't Be Evil" and often seem to do cool stuff just to see what would happen.
Another possibility would be for a next-generation P2P program to bundle this capability with its software. This provides a nice dovetailing of interests — P2P users might want a way to hide the files that they've downloaded, while at the same time, intruders who seize the computer and find the P2P application installed wouldn't necessarily suspect the owner of anything more than a little copyrighted file trading. "Well, he's got this NiftyP2P program installed, which comes with 'plausibly deniable' encryption, but most people just use NiftyP2P to download mp3 files and movies anyway. And I can't tell if he was actually using the encrypted file storage volume, because that's how 'plausibly deniable' encryption works. Is this the same guy who uploaded those subversive anti-government documents? I dunno."
Anyway, if you actually want to give people a way to run encryption software on their PCs, while ensuring that anyone who seizes their machine cannot tell that any encryption has been going on, these are the hurdles that you'd have to clear. I'm not sure whether this is better viewed as a blueprint for how to achieve this goal, or an argument for why it will probably never happen. There are lots of almost-solutions, like TrueCrypt with its ability to encrypt different sets of data into the same storage volume. But you still can't actually hide the fact that you're doing encryption in the first place.
(If you're willing to store your encryption software away from your computer, you could keep a steganography program on a CD or USB drive hidden in your house, and then whenever you need access to the encrypted data, plug in the program and use it to extract data that has been hidden in a large number of image or video files. That would achieve the goals I've outlined in the article: the ability to encrypt files, while still ensuring that anyone who seizes your computer won't be able to tell that you've encrypted anything. The problem is that it would require enough self-discipline to always return the CD or USB stick to its hiding place when you were done with it — and still, you'd have to hope that whatever authorities seize your computer, don't also search your house and find the CD or USB stick where you keep your stego software.)
Finally, risking the wrath of my civil-libertarian allies, I'll admit it may not actually be a positive thing for every citizen to be able to hide the fact from their local law enforcement that they're encrypting files on their computer. Many times if the police in a mostly-free country like the US or the UK seize a person's computer, they're trying to prevent real harm, and not every person with an encrypted file volume is a good guy. For some of the people who have left enough of an evidence trail that their computers get seized, it would be perfectly rational to view them with suspicion because of an encrypted volume found on their computer. But if you assume it's a worthwhile goal for people to be able to encrypt files without attracting suspicion, my argument is that the prerequisites in this article are necessary for that to work. At the moment it seems a long way off. But if someone created an encryption program with "deniability" — so that it was impossible to tell whether the program had ever been used after it was installed — and someone at Google thought "Hey, that's cool" and added it to the Google Pack, everything would change very suddenly.
Story? What story?
In theory there is no difference between theory and practice. In practice there is. - Yogi Berra
http://xkcd.com/538/
It's funny cause it's true.
Sent from your iPad.
A smart crook with stolen state secrets or child porn on their encrypted drives would just tell 'em to fuck off.
5 years in the pen for obstruction of justice ain't shit compared to death for treason or being gang-raped on a daily basis before having to live the rest of your life as a sex-offender.
People will respect you on the inside and the outside because inmates and corporations both don't like snitches.
captcha: harming
-- Ethanol-fueled
I'm the head of IT for my company.
We use TrueCrypt for whole-disc encryption.
Most companies use something similar. So why is it thought that encryption on computers is few-and-far-between?
AFAI can tell, encryption software is common, bordering on ubiquitous.
You see, you keep the noncriminating data encrypted on the computer - and you keep the criminating stuff hidden in the Program Files\Microsoft Office folder.
They'll be so concerned about accessing the encrypted stuff, that when they discover it's just pictures of lolcats and epic fails, they'll stop searching your PC.
As a failsafe, if they DO find your stuff in the office folder, tell them it must be Microsoft's doing!
>Applications>Others>Truecrypt>Busted!
Some crypto junkies talk about distress keys. Where a user can enter two different keys depending on the situation. The real key loads the real OS. The distress key loads the "fake" OS. There are many ways to detect this in modern experiments. None will work without manipulating low level HD blocking.
If he has comments, he should post them under the story like everyone else. If they are good, they'll be modded up. There's no reason to post two stories on the front page on the same day for the same event. It's still a dupe, even if you acknowledge the previous story.
Give me Classic Slashdot or give me death!
I've often wondered why when you are setting up your user account on a box, and it gets to the part with setting up email, it didn't give you a chance to generate or import public/private keys right there and then upload the public to a server. Particularly on linux boxes, this seems like a completely feasible option.
One might also envision having a secret key storage mechanism, either by local external media or via remote storage where it could go look.
-- Who is the bigger fool? The fool or the fool who follows him? --
One option to hide well the existence of encryption software and data could be to put them among game files.
It's common for games to have large data files, for example precompiled texture caches. You could change the program extension from .exe to .whatever and put it between those files. For extra stealth use a rarely used packer (to avoid signature matching) and also erase the first 2 bytes of the executable 'MZ', and use a good editor to put it back in place before executing it. The data is encrypted and I don't think the NSA has a parser for any arbitrary file in existence (game files in this case) so they won't suspect a thing. Make sure that the date of change of those files doesn't draw attention to them.
You may find this interesting: http://www.truecrypt.org/docs/?s=plausible-deniability "In case an adversary forces you to reveal your password, TrueCrypt provides and supports two kinds of plausible deniability"
So now this Bennett dumbass has editors other than kdawson posting for him? wtf?
Can we get an option to hide stories from submitters, not just editors? I never want to see anything Bennett submits ever again. Please give me that option. Even hiding kdawson stories won't help now, it seems.
Why hide your sooper seekrit encrypted data? Just run uuencode or MIME/Base64 encode on a few megabytes of /dev/random and rename it 'killobama.txt.php' and let the spooks knock themselves out trying to uncover your fiendish plot.
Just keep your REAL encrypted gubbins between the regexp delimiters in your perl scripts and nobody will be any the wiser.
Maybe this is a new business opportunity for the Pirate Bay. In addition to the private VPN service, you could also get remote anonymous encrypted storage. If you only access the storage through the VPN, it could make it pretty difficult to track.
Instead of focusing on hiding *LEGAL* activities perhaps some effort should be directed towards making sure that our rights to be free of unwarranted search and seizure, to be secure in our person and our documents and most importantly the rights to not being required to incriminate ourselves are not so easily and casually violated.
Unfortunately the only way to ever truly and safely encrypt something is to not store that information at all. "Never write when you can talk, never talk when you can nod, and never, ever, put anything in an email."
The standard technique for moving such files for a while was to hide the data inside pornography. They are one of the most commonly trafficked file types on the internet and people prefer not to look at it too closely. Or did before it became a standard..
Ubuntu seems to be including an encryption tool. But the configuration information reveals whether you've enabled it. If you manually mount your encrypted data there is no indication that you are the creator of that suspicious file... other than it being your computer.
What all the talks on crypto seem to forget is that crypto only protects your data when you are not using it.
If they are investigating you to the point where they are going to be seizing your computer they have means of acquiring your password.
They can get a warrant and put a key logger on your system. Optionally they could acquire a warrant to install some sort of surveillance with the intent of either shoulder surfing the password or to simply read the data off the screen.
I find being offended by me offensive.
TrueCrypt thought of this problem a long, long, long time ago. It's called a hidden volume. It is designed *specifically* to deal with the problem of an adversary forcing you to reveal your key/password. Read more at http://www.truecrypt.org/hiddenvolume and http://www.truecrypt.org/docs/?s=hidden-operating-system
About 99 or 2000, I found a browser made by a hacker on one of my random hacking sites. It had some really cool features, such as split screen browsing (as opposed to tabs, back then I thought it was quite novel) but one feature that stood out was that it had a built in message encryption/decryption tool for text. So you write a plaintext email, select the text and select the algorithm and strength and the opposite for when you got it back. I'm talking about using it for email but it had many other potential uses, and the whole browser was still light and fast. I think I agree that the best way nowadays to make something really really common is to make it into a browser. On a side note, about once a year I dig through my old file archives and favorites trying to find this old hacker browser, and still haven't found it.
While this does not do everything you want, every computer with Ubuntu already has gnupg installed - it is used by the package manager to verify the downloaded packages. You could use the atime on the gnupg executable to see if it has been used, except that the package manager itself already uses it, and if you use noatime instead of the default relatime (which you should, to get a little bit more performance while only breaking stuff if you do not use Maildir, which again you should for several reasons), there is no way to tell it has been executed.
The only missing piece of the puzzle would be to get a Perl guru to coin an easily-memorizable one-liner which does simple steganography (it has to be easy to memorize so you can type it every time you want to use it, remembering to temporarily disable bash's history functions first).
If it's not going to be a part of the OS itself, make it a part of the browser. Firefox could "reclaim the heart of the people" by adding this as a part of browser security. By default, the browser should encrypt all personal data, such as passwords and even file/URL history. Add a small option as a menu item in Tools/Privacy/Encryption/Personal History and allow you to create as large a file as you want (password protected of course) and use the browser to save to/browse the file.
This tool should also use a form of "hidden volumes" like truecrypt and it should save in the browser history folder, but give you the option to create it anywhere you want.
If 25%-plus of the population has it installed, it becomes much less suspicious.
Hell, if MS put it in IE 8.1 it would possibly even win-over the geek crowd.
put the what in the where?
Ad 1: Whoever wrote the article is paranoid and should be treated.
Ad 2: The article is totally false from the first letter on. The reason is: all encryption can be broken. The NSA has found a math proof and a practical math framework which cracks both prime based and ellipse based ciphers in practical time using 5000 node or larger x64 supercomputers. Forcing you to divulge the key or go to prison is simply a way to save on the electricity bill in Langley or the MI5/6 headquarters.
Ad 3: I can't understand how anybody could believe in strong encryption in the first place. If there was anything easy to cipher and harder to crack, it would violate the conservation of energy. Essentially you could run a perpetual machine off AES power. This is so trivial!
Truecrypt solves this problem: Plausible Deniability
In effect, you can encrypt some stuff, and encrypt another volume with a different password. The second volume is indistinguishable from random data, so if you give the password to the first volume, there is no way to prove that you are withholding anything.
They also offer hidden volumes within encrypted volumes for the same reason. There's no way to ever prove that a person has withheld ALL of the passwords, or that any data even exists in that space.
If moderation could change anything, it would be illegal.
Steganography was very big at the time. For instance, some people believe that Wm Shakespeare was involved in the King James Bible but could not be credited because, as an actor, he was not respectable. Find the King James Version, find psalm 46, find 46th words from the start and the end. The nice thing is it could be pure coincidence, which is a core principle of steganography.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Tag it into the end of some other sort of binary file (executable, image file etc) that will work fine with extra data on the end but is not human readable therefore cannot be easily checked. Eg adding binary data onto the end of a .txt file would be spotted by all but the most stupid technician.
Why would you have the software on your computer anyway? Encrypt your data, put it in an unmarked area of the drive and delete the encryption program. Travel. When you want to decrypt the data, download the decryption program (better do it on a USB stick) and run it. The data, while encrypted with a decent algorithm, looks like random noise on the hard drive unless it's VERY carefully analyzed. Just don't write anything to the drive in the meantime.
This whole "story" seems suspiciously like an attempt to work the buzzword "social" into the discussion.
Whether you're talking about encryption software or stego software, if it's a program that not a lot of people have installed, then just by virtue of having it on your machine, you'll attract suspicion if your machine is seized.
Using a portable program like hide-in-picture (http://sourceforge.net/projects/hide-in-picture/) along with some easy to use portable GUI to make it easier to hide several files is a suitable solution.
On the one hand, you could have such program (along with any indexing it creates) in a USB thumb drive, or just upload it somewhere in a server where you always have access (thus, you do not need it in your computer while passing through unreliable points).
On the other hand, pictures are something that everyone has in their computers (I have around 4GB of pictures taken with 5megapixel cameras...). Thus, it should be trivial to hide whatever information in such libraries.
The steganography technology already exists, what is still lacking is software which makes it easy and convenient to use it. That is what truecrypt did for cryptography.
The issue is with truecrypt (or other crypto program) is that even when using a portable version, a fast WinDirStat scan will yield some big files.
Ubuntu is an African word meaning 'I can't configure Debian'
You don't put the program on your computer; you keep it as a portable executable on a memory stick that is kept somewhere where it's highly unlikely to be found by a casual search; not too difficult given how small they can be. Combine that with something like TrueCrypt's hidden partitions that are supposedly(*) undetectable and as long as you don't slip up and divulge the fact there is a hidden "key", you can leave them searching through some suitably innocuous collection of data files.
(*) I refuse to believe in any "absolutes" like this when it comes to IT; many of the more innovative exploits out there take advantage of the mistaken belief that something can't be done or isn't an issue. People used to say it wasn't possible to write a program that could replicate by itself, and we all know how that turned out.
UNIX? They're not even circumcised! Savages!
I am ardently in favor of a huge increase in deployment of encryption. Everyone should encrypt everything by default. There's no such thing as information "not worth encrypting," because processors are so damn fast; encryption is free.
That said, I don't see the big deal about plausible deniability. (Granted, I don't live in UK.) When goons get you tied to a chair, you have lost. It's over. Plausible deniability doesn't change that. You're going to give up the goods, and your dignity has already been violated.
So it's about not attracting suspicion? I don't buy it. There is way too much crime and accidents, for use of encryption to even be a modest hint that someone is doing something possibly suspicious. Things get stolen. Laptops get lost. Backup tapes go unaccounted for. These are very real, not theoretical, risks. It's not weird to protect against such risks; it's simply wise.
So I guess while I'd like to see plausibly deniable encryption be deployed on a wide scale, it's really just because I want to see encryption deployed. If deniability is the marketing gimmick that gets the job done, well ok, I'm not going to complain.
As for UK, y'all just need to repeal that law. You have an evil government, and installing some kind of magic software isn't really going to fix your problem.
This whole problem has arisen because people are storing everything on a single hard drive now instead of using removable media as they did in the past, e.g., with floppy disks. Removable media makes it easy to take your sensitive data away and hide it. Removable media can be encrypted. And if you have multiple units, you can plausibly claim that you forgot the password to that old disk because you don't use it every day (a claim that's hard to make about your main hard drive).
Hide the stego program inside another binary. Running an application with a hidden option would then turn it into a stego program. No idea how viable this is.
Why not just put the sensitive data on an encrypted USB drive. These devices are far from rare these days, so common that I'd venture to guess that Grandma down the street probably has her raspberry jam recipe encrypted, just because that's how the damned thing is set up when you plug it in.
Er, instead of going to those lengths, why not just include this 'double key' encryption technique in commonly used encryption software (which might also pack as well), and have a *choice* of using an ordinary single key or a double key. Software such as winrar or 7zip could add it for instance.
A program called TrueCrypt achieves something close to this — TrueCrypt allows you to encrypt a storage volume with two different passwords, so that one password provides access to "innocent-looking" data, while the other password provides access to the data that you really want to keep secure. If someone is compelled to give up their password, they could provide only the password that unlocks the "innocent-looking" data — and there's no way, from examining the encrypted file, to tell that there is a second password guarding even-more secret data. (Of course, the "innocent-looking" data can't be truly innocent-looking, because it has to look like the kind of thing that someone would believe you might want to encrypt — so it should look suspicious enough that you would genuinely want to hide it, but not bad enough to get you in real trouble if you're forced to reveal it!) The Achilles heel of this scheme is that just having TrueCrypt on your computer in the first place, would at least signal to an intruder that you're encrypting files. And even if they can't prove that you might have another "super-secret password" guarding more private data on your encrypted volume, they would certainly suspect it, if they already had grounds to be investigating you and if they knew anything about how TrueCrypt works. To provide true plausible deniability of any encryption at all, you need a program that already exists on lots of people's machines, so that an intruder doesn't suspect anything when they find it on your computer.
It's been a while since I've used TrueCrypt, so maybe things have changed. I do remember the feature where you can have a 'hidden volume' inside your TrueCrypt encrypted volume, which sounds like what the quote above is talking about, that is protected by a second password. The thing with TrueCrypt is, at least the version I used around 2003, you don't have to have the software installed on the computer in order to use it. TrueCrypt can run entirely off of a flash drive or other removable media.
From what I understand, the hidden volume's data is stored in the free space of the main encrypted volume, so the filesystem doesn't actually have handles to this data, something like that. I wonder if it would be possible to store this hidden volume directly inside the free space of an NTFS volume instead of inside a TrueCrypt encrypted volume? So then an intruder would have to know that TrueCrypt was used, and then use the tool to scan the NTFS volume for hidden data, rather than just seeing that there's an encrypted volume there, and suspect there may be hidden data as well.
Having a smoking section in a public restaurant is like having a peeing section in a public swimming pool.
I have a bunch of programs on my computer that are installed because they seemed kind of cool, but that I never used because I'm lazy or they weren't so cool after all. So yeah, Truecrypt is on my PC, but I never used it. Forgot to delete it, thought I might use it one day, maybe. So I don't have a password or anything encrypted.
Why does having the program imply use? I've got a weed-wacker in my garage I haven't used in years. Tent up in the attic, I haven't been camping in decades.
I've got utilities that were going to save me time and money, some of which I even paid for, that I never used beyond the initial install. That's my story, and I'm sticking to it.
Everything you know is wrong, Just forget the words and sing along.
What a long piece of nonsense.
We solved this problem 20 years ago. It's called "plausible deniability". There are various ways to get it. The easiest one is this:
Use an encryption tool that can hide encrypted volumes, like TrueCrypt.
Encrypt your porn collection on the outer shell, your private data on the inner.
If someone asks for your decryption key, stall a bit, then blush and hand them the porn key.
Obviously, you didn't want your wife to find out about your porn collection, which is why you encrypted it. No, officer, there's nothing else there.
Modify for your particular case. If you have serious sensible material, you need more serious stuff to hide it behind, e.g. the e-mails from your mistress or whatever.
There's no need whatsoever for any complicated solution. On the contrary, it makes you more vulnerable, not less.
Assorted stuff I do sometimes: Lemuria.org
Encrypting one's entire filesystem (especially on a laptop) is a common corporate policy to prevent a stolen laptop from resulting in bad guys getting company data. Having such software installed is common for legitimate reasons.
A promising looking p2p data storage system which meets your requirements is this: http://www.madore.org/~david/misc/freespeech.html. It's based on the fact that the same data can be interpreted in more than one way. 128k of bytes can be interpreted by another 128k of bytes as an MP3 song fragment, or by yet another 128 k of bytes as an illegal list of credit card numbers.
...
Bundle program with os (so it's installed on every computer) and use encrypted distributed storage (there are some projects out there) as virtual hard disk.
Connect to that disk manually on every computer startup so there are no traces in init.d/autoexec.bat.
I was thinking about using the unused parts of the harddisk but the encrypted data bits should be really random while your deleted jpegs aren't so it would be very easy to detect....
What about Microsoft's Bitlocker? It's built into most editions of Vista and Windows 7. Is that not what was meant by widespread?
In the US the government can force a suspect/defendant to turn over a key to the safe, but not to turn over the combination to the safe.
Doe v. United States, 487 U.S. 201 (1988)
If someone says he and his monkey have nothing to hide, they almost certainly do.
Okay, the author makes an interesting statement - unless you have something to hide, why encrypt? IOTW, for those looking at computers, the author argues that encryption is not widespread enough to have it be looked at without suspicion.
;)
Now - let's turn it around. In my work, we mandate that all laptops and usb keys are encrypted. Always. When we get a laptop (I think my department has around 800 laptops, with mine the only one running Ubuntu.) the hard drive gets encrypted. Any USB key gets encrypted.
I do the same for home. My three desktop PCs (two Ubuntu one Vista) are all encrypted.
Why?
In the case of work, they don't want the possibility of any portable device having personal or otherwise compromising data being stolen. (See: http://www.washingtonpost.com/wp-dyn/content/article/2006/09/21/AR2006092101602.html or http://blog.internetnews.com/agoldman/2009/04/lost-laptop-okdhs.html for examples.)
In the case of my house, I don't want the possibility of my home PC being run off with my last year's tax statements in plain view. (Actually I have those on a separate hard drive, but you get the idea.)
Now - for downloading pr0n, one should simply do what comes naturally and use a neighbor's open unprotected wifi connection...
The Kai's Semi-Updated Website Thingy
OK, first off you idiots who didn't read the whole editorial and suggested TrueCrypt: try expanding your attention spans beyond the length of a tweet.
Now on to my own contribution. Since TrueCrypt is open source, one could come up with their own custom build that would no longer have the same appearance as the original. By appearance, I mean the GUI could be modified or eliminated (command line only). In addition the executable file could be sufficiently scrambled so that its pedigree could be hidden: it would not look like a TrueCrypt derivative.
One project that's on my to-do list is to make a customized version of TrueCrypt's whole-disk encryption (with bootloader) that makes the computer look like it's broken when you try to boot it. Talk about deniability. You just tell them they broke it. In reality it's prompting you for a password but it just doesn't look like it.
Did you vote in the last election? Did you campaign door-to-door? When was the last time you attended a demonstration? These are the things that will improve your legal rights, not trying to use tech to hide your use of encryption.
For a start, you might snail-mail your representative and ask how you can communicate with their office privately, now that governments are starting to claim the right to intercept and store snail-mail, email, and telephone calls.
Don't mess with The Phone Company. Piss them off and you'll be using two tin cans and a piece of string.
I've been wondering about this for some time. I'm no crypto expert, but no amount of AES/Twosword encryption and/or Spinfish hashing will alter the entropy or correlation function of the volume's content. So IMHO it is possible to generate entropy 'fingerprints' or correlation functions of most felonious data (kiddy pron, state secrets etc.) and match these against the volume contents. Simply said, if I have a document in plain English, some characters will correlate more than others. The sequence 't-h-e' will for instance be more prominent than 'x-v-b'. Encrypting with anything other than a one-time-pad (i.e. an absolute random (correlation==0) encryption key with exactly the same bit length as the data to encrypt) will IMHO not change the correlation function. So the encrypted data can be identified as a plain English text document. Same will apply mutatis mutandis for pictures and movies. Or am I missing something???
I keep telling people, "Keep your illegal porn and plans to assassinate [insert name here] on other people's PCs."
Doesn't Wuala solve this? It stores your files in encrypted pieces spread over multiple remote machines (so you can't see the size used without your password). It already has a large number of users as well. The password is not stored anywhere.
I don't know of any encryption software that creates an encrypted file that isn't easily identifiable. Heck, running "file passwords" on my machine results in:
passwords: GPG encrypted data
I'm sure it's possible to try to hide encrypted data as noise, but that doesn't seem to be the default operation
"Knowledge is the only instrument of production that is not subject to diminishing returns" -Journal of Political Econom
What happened to simply "I forgot my password". You know going to jail and such is a traumatic experience I can see no reason as to why one might not be able to recall their password/phrase.
There, solved the problem of suspicious because he has the file.
excitingthingstodo.blogspot.com
Convenience and plausible deniability are somewhat mutually exclusive. Forensic traces are really hard to combat. Even if you memorize the ones and zeros, the "encryption" can mostly be broken with rubber-hose cryptanalysis.
An interesting solution would be a browser plug-in gaining popularity which integrates with several major image hosting providers, offering client-side stenography and crypto. Only small files would fit though, but it'd be usable in some of the same scenarios Freenet was meant for, e.g. communication without 3rd parties being able to prove the communication takes place.
That's a tougher problem than most people seem to realize. If I'm hiding my collection of exotic photos of, I dunno, under-aged parrots or skanky sheep (but here, I perhaps reveal too much), I have to worry about my computer's environment as a great big system ... I have to ensure that, for example, windows doesn't index that mounted drive (or whatever you're using), I have to make sure that my picture viewer doesn't cache thumbnails in an awkward place, or that editing doesn't create unencrypted temp files. My "recently opened documents" has to be, what, encrypted too? Regularly overwritten 60 billion times per day? Turned off? Something.
It's not that the things I've mentioned are themselves insurmountable, or even difficult. It's that there are so many little leaks, based on so many convenient services that a relatively complex software ecosystem provides.
High bar? Not really.. In order to make encryption software pervasive, all you would have to do is convince a few of the filesharing programs and bit torrent clients to bundle truecrypt with their software. That'll get you several million within a month or so. Furthermore, the next time an update for that software rolls out, you'd see increases in the 5 to 10s of millions. Likely enough people using p2p often could use a good encryption method.
How about using Bitlocker To Go to encrypt your USB devices? It's installed/available on all Win7 SKUs (though you need Enterprise/Ultimate to initially encrypt the device). As it's part of the OS, there's no suspicion for having it...
First rule of crypto: you do not talk about crypto.
So the encrypted data can be identified as a plain English text document.
That's incorrect. If what you said was true, no encryption would work. For a good algorithm, the encrypted data is (feasibly) indistinguishable from random noise.
Imagine if my algorithm to encrypt files was to create a duplicate size set of random bits (essentially a one-time pad) and XOR it with my source file. Now I have essentially two sets of random data from all appearances. My only problem is that if I store both of these in the same place, an attack such as the one you described could work, because I can XOR all the data by the source, and eventually out comes the key, despite the fact that the data appears random.
Alternately I could XOR blocks of data by each other, (similar to convolution) and eventually out would pop the source document from the random noise.
However, all I have to do is shuffle these two sets of data around a little bit, say using a hashing algorithm, to make your attack infeasible.
By the way, I'm not saying that this is how Truecrypt works, but it's an example of how it's possible to encrypt something and make it appear random.
If moderation could change anything, it would be illegal.
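The disagreement in the two comments above, whether ciphertext keeps the statistical fingerprint of its plaintext, can be settled by measurement. The following is an added example, not part of any poster's comment: it compares byte entropy and the most frequent trigram count for a constructed English sample, a single-byte XOR of it, and an XOR with a SHA-256 counter keystream. The keystream function is a stand-in for a real cipher chosen so the block runs with the standard library only; it is not TrueCrypt's construction, and all names and the key are assumptions.

```python
import hashlib
import math
from collections import Counter

# Constructed sample plaintext (not taken from the thread), repeated to 64 KiB.
PARAGRAPH = (
    b"The police seized the laptop and asked for the password to the "
    b"encrypted volume. The owner said the file was only a backup of "
    b"the tax records from the previous year. "
)
PLAINTEXT = (PARAGRAPH * 400)[:65536]
KEY = b"constructed-demo-key"  # hypothetical key, for the demonstration only


def shannon_entropy(data: bytes) -> float:
    """Entropy of the byte distribution in bits per byte (maximum is 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def max_trigram_count(data: bytes) -> int:
    """How often the single most frequent 3-byte sequence occurs."""
    counts = Counter(data[i:i + 3] for i in range(len(data) - 2))
    return max(counts.values())


def xor_single_byte(data: bytes, key_byte: int) -> bytes:
    """Weak scheme: every byte XORed with the same value. This only relabels
    byte values, so all frequencies and correlations survive."""
    return bytes(b ^ key_byte for b in data)


def keystream_xor(data: bytes, key: bytes) -> bytes:
    """Stand-in stream cipher: XOR with SHA-256(key || block counter).
    Applying it twice with the same key restores the input."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def measure() -> dict:
    """Return {name: (entropy_bits_per_byte, max_trigram_count)} per sample."""
    samples = {
        "plaintext": PLAINTEXT,
        "single_byte_xor": xor_single_byte(PLAINTEXT, 0x5A),
        "keystream_xor": keystream_xor(PLAINTEXT, KEY),
    }
    return {
        name: (shannon_entropy(buf), max_trigram_count(buf))
        for name, buf in samples.items()
    }


if __name__ == "__main__":
    for name, (entropy, trigram) in measure().items():
        print(f"{name:16s} entropy={entropy:.3f} bits/byte  top trigram x{trigram}")
```

The single-byte XOR row matches the plaintext row exactly, which is the situation the first comment describes; the keystream row sits near 8 bits per byte with no repeated trigrams to speak of, which is the situation the reply describes.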
It seems to me that the obvious solution would be to keep the incriminating evidence on an owned machine, just not one that you possess. In other words, let the proving or disproving fall on somebody else. Installing bots is what working overtime at the office is for.
AFAIK, every single computer out there running Unix and Linux variants all have the crypt command, so that satisfies his first requirement of not having a suspicious program.
Then just put your data on a thumb drive.
"Cryptographically strong" at this point means that the signature you are talking about is not present (because things have come a long way since Enigma).
Nerd rage is the funniest rage.
Move to a more civilized country, that does not transform itself in to the very definition of terror and everything mentioned in 1984.
Or alternatively, move them who transform your country, out of your country! :)
You are millions. They are some thousands. At maximum.
(If needed, use beer to stop being wusses. There's no shame in either of them;)
Any sufficiently advanced intelligence is indistinguishable from stupidity.
http://www.faqs.org/docs/Linux-HOWTO/Loopback-Encrypted-Filesystem-HOWTO.html
There you go. Next question?
It's already within the means of the average person who wants to 'do encryption' - as part of the (very simple) install process for Ubuntu 9.04 it asks you if you want to install full file system encryption or not.
I use them to encrypt the data files here that store my online banking access data. Yeah, you see, I keep forgetting them and that way they're safe in case some trojan slips into my system, I only decrypt them when I do online banking and then I quickly encrypt them again.
Yes, that's all I use it for. Those files there? Don't ask me, those used to be data files for an old game I once had but they got garbled somehow in a disc crash and those bitjunk files was all I could salvage. I kept them in case I ever got around to trying to make them readable again... but hey, you might have some luck there! After all you're experts...what? The faulty disk? I dumped it, duh.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Use a web-based steganographic program on a file-by-file basis. Use it only in an incognito browser, and do not keep a bookmark other than in your noggin. Deniability achieved.
What we need here is a game that stores its files in an encrypted format (including activation code and serial number) then has a utility for decrypting the games (minus serial number and activation code) for editing then encrypting them or any other files when finished.
The game developers would have to make sure there's no back door on their end of things but that shouldn't be too hard to do.
But then of course we're stuck with the problem of making a popular game....or maybe not.
You could in theory follow this pattern and make a lot of games that aren't really popular but are downloaded and installed on enough systems to promote a reasonable doubt in a court defense situation.
"Bah!" - Dogbert
The encrypted data isn't easily identifiable. The file the data is in is. That's why I suggested not putting the data in a file. That part is brain dead simple. In UNIX just type 'rm myencryptedfile'. Now, getting it back is a little trickier. Before you do the rm your stealthy encryption program should really make a note of where the data is so it can be reconstituted into a proper file and recovered later.
ANY data in an actual file is going to be suspicious. "Sir, why do you have this large file full of apparently random data?" "Uh, I like listening to line noise?"
I don't think there are any encryption programs around to specifically do this to a file (some can hide volumes though) but it would be easy to write one. It would be for very specific uses though, like getting your computer across the border with very good deniability if it was searched.
Is it possible to modify slashdot so that AC's never get first post? I understand the concept of sometimes wanting anonymity in a post, but I would not mind if the use of "Post Anonymously" means your post is queued until after a non-AC post is made...
Assuming that you still live in one of the few societies that still have a presumption of innocence until proven guilty, the matter is simple... the burden of proof is on the prosecution.
It's simple in that case, isn't it?
1) you have a block of encrypted data on your computer. Possession of encrypted data should NOT mean that you're guilty... however some draconian laws now say that you have to provide the keys.
2) so long as ANY key will decrypt the data successfully, just with varying results (some valid, others not), shouldn't it be sufficient to provide ANY key, claiming it was the valid one? So long as the software creates a random-sized, randomly-generated block of data when you install it, it should be impossible to say for sure if there was ever anything valid in there in the first place.
Theoretically, a block of random data could decrypt an infinite number of ways (well, almost infinite) depending on the key you provide. It's the "infinite monkeys, infinite typewriters" argument - if the police got lucky and provided the right key, they could theoretically convert that random data into child porn, or into gospel music... something that you could probably prove in court using a one-time-pad system.
My suggestion:
- write a program that handles file encryption
- ensure that when it installs, it creates a random-sized, random-content storage file which is updated regularly by a daemon, even if not used.
- include multiple encryption options, including one-time-padding, to enable plausible deniability later
Guilty-until-proven-innocent is an impossible situation because you can't generally prove a negative. If simple possession of encryption tools or encrypted data is enough to hang you... flee. That's all I can suggest.
MadCow.
I used to have a sig, but I set it free and it never came back.
My netbook (an ASUS EeePC) came with gpg installed. So far, so good. Now, if the default installation would have used a path pointing to a USB drive mount point instead of ~/.gnupg/gpg.conf, then (assuming the cops didn't find that one memory stick) I could plausibly deny that I had ever used gpg. All distros come with it and, although I may have used USB drives, they'd have to find one with gpg.conf to prove I've been encrypting data.
Have gnu, will travel.
The true thrust of his article is that just having TrueCrypt (or any other advanced encryption tool) installed on your machine is enough to pique the interest of law enforcement.
And TrueCrypt gives you that legitimacy: many people use it with just a single key, so if you give law enforcement a key to your porn and/or financial collection, there is nothing particularly suspicious about having or using it with just a single key and no reason for them to conclude that there needs to be a second key for something else.
The answer is, of course, 'yes'.
The solution is to have TrueCrypt and then encrypt your entire drive. If the police seize it, give them the key without any hassle, explaining that you encrypted it just in case someone stole it, because it has personal and/or work data on it.
If that ever ends up in court, with a claim you must be hiding something because you have encryption software installed, pull out some stats about the sheer number of security breaches from stolen computers and repurposed-without-wiping hard drives. Point out that TrueCrypt is one of the few free and trusted pieces of software to transparently encrypt a hard drive, and you had no problem with giving the police the password to look at your files, it's other people you're hiding stuff from.
For some jobs, in fact, you can be required by law to protect specific data. For example, my job grants me access to the programming of an ecommerce store, which in theory means I need to protect my login under the law or someone could get in and change the files to capture credit card numbers. I'm very confused as to how this following the law should, in any way, imply I am a criminal...I'm trying to protect people's credit cards. Isn't that right, members-of-the-jury-who-have-credit-cards?
The fact that they have some files on that volume that they assert is some another truecrypt volume that you can somehow open up at the same time is, well, silly. That's just a DVD you tried to rip or something, which didn't work, because they're apparently encrypted. Of course you don't know the password, ask the DVD people.
If corporations are people, aren't stockholders guilty of slavery?
Chaffing / Winnowing works by allowing several messages to be encrypted in the same file. And a random amount of random data is also included in the file. Each message would have a different key. When confronted for the key, you provide the key for the first message (the one with Aunt Bettie's cookie recipe - which you, of course, want to protect with encryption). Of course, they aren't sure if there is another message in there too, so, after the threats, you tell the second key, for the message where you criticize your boss (which, of course, you want to protect with encryption). More threats, but that's all that is in the file. Or is it? They have no way of knowing if there is more or not. The deniability that you want. I don't know of anybody that produces a package based on this technique - which is too bad.
To me, this seems to have an obvious solution today. Hide the thing in plain sight. No deniability, no nothing. The whole point being brought up here is that having encrypted data is suspicious in and of itself. Everyone runs for TrueCrypt and its dual-password system, except anyone with a clue, as has been mentioned, will realize that given n passwords, they'll never know for sure whether that volume had n or n+1 passwords, and it's bloody obvious you're trying to deny having something, rather than just trying to hide data you're known/supposed to have, otherwise you wouldn't be using TrueCrypt (plain old crypto would keep the data hidden well enough).
My suggestion is, therefore, to have a plain vanilla encryption tool, and actively use it for sensible things. Encrypt all your sensitive customer data (it's good practice anyway). Separate files and separate keys for all those customers too, of course. Encrypt all your personal data, financial data, whatever. Compartmentalize it as well. Toss in some encrypted porn, and hide it somewhere. You can safely provide the keys to all of those, after expressing some concern about customer privacy, and asking the cop not to let your wife know about your porn stash. At this point, you have successfully shed the "he has encryption, he has to be guilty" thing, you're just plain paranoid.
Now, grab a file you would normally not use much. Say, the file with your medical records (provided you have no big health problem, that is), and split it by date. All the stuff from, say, mid-last year goes into one file, and the more recent stuff goes into another. Name the "old one" something appropriate (like "Health -- Backup.crypto" or "Health -- Old.crypto" or some such), and stick all the really secret stuff in there with the actual old health data. If anyone asks, look sheepish and say "oh, I don't use that one much, so I completely forgot the password to the old one and had to start a new one. I still keep it around in case I remember the password". Provided you can keep access records consistent with the story, you've just accomplished deniability as well, because saying "I don't know the password" became credible.
Reminds me of a similar idea I had around high school, package a condom with each canned drink in the vending machines.
\u262D = \u5350
I thought England was home of the "you can't be compelled to testify against yourself".
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
You have to be careful that your O/S or hardware does not leak out that the encrypted container file is being written/read to in areas where officially there's no data. Otherwise they say: "Well where's your other password - we know you're accessing the other parts".
For example, if disk errors are logged to a logfile, and there's a "reallocated sector" in an "unofficial" area in recent times, you might be in trouble...
Also SSDs try to avoid overwriting existing data in many cases - they write the updated data in a "clean block" and leave the old data where it is since that's faster than erasing and rewriting. So that could leak out usage info as well.
This could be masked if programs like truecrypt and rubberhose rewrite different blocks of the entire container (without destroying data) at unpredictable times. but some hardware could treat overwriting with the same data differently from writing different data.
The author's suggestion (which isn't new[1]) is also vulnerable to such problems - since "Aunt May" is unlikely to be using the encrypted container.
BTW it seems to me TrueCrypt's hidden partition system is inferior to Rubberhose's - since with truecrypt, using the "official" partition could cause you problems (even if you enter the hidden partition's passphrase there could be clashes).
[1] I suggested something similar to deal with what the author is talking about nearly 2 years ago: https://bugs.launchpad.net/ubuntu/+bug/148440
I'm probably not the only one. But yes that's vulnerable, and something like the "rewrite" thing might be required.
Another source of leakage could be if you (or someone/something) copied/backed up the container file, and the cops get access to the copy or copies - then they can compare which parts were changed, and things go downhill for you.
Yet another source of leakage could be you posting on slashdot or somewhere else that you do use hidden partitions/aspects.
Lastly, the advantage of creating encrypted partitions for everyone (and making them easy to use) is more people might use them. And more people might forget the passwords to them, including judges, police officers, juries.
It's easier to claim "I was messing about with it to see what it did, and forgot the password" and be believed, if more people have done that before.
I was getting into the whole suggestion, but halfway through, I realized something.
At least in America (I'm not very familiar with court systems around the world), there's the whole legal system of "innocent until proven guilty" and the fifth amendment and such. This means that even if you DO have an encryption program installed, until the prosecution can present sufficient evidence that you're storing child porn within some encrypted volume, you can't be asked to give up your password, or even charged with possession.
The futility of this guy's talk is, if you're NOT in a court system where you're innocent until proven guilty, whether it's some backwater third world nation or some secret prison camp in the U.S., whether or not you've got a super stealthy encryption tool, if the Bad Guys think you've got state secrets hidden on your laptop, they're gonna break your bones until you tell them where the secrets are hidden. All in all, it'll be futile. You're fucked whether or not you've got the secrets.
Instead of having a "secure" and "super secure" sections how about a third option: "nuke data." That way you give them the byebye data password (you have a hidden backup right?) and when they enter it in the data disappears. You could even have it go through and scramble the data. No real biggie there just trash some bits randomly then relock with an unknown password.
Scenario: You make a data encrypted area (heck make it the whole harddrive like TrueCrypt can) then backup the encrypted
Situation: You are forced to give over the password.
Solution: You give them the "nuke data" password.
Outcome: Encryption program reports that secure partition has been improperly modified and is corrupt. Now none of your passwords will work.
Officer: Ok smartie. What's the decrypt password?
You: RickAstley (cause you're "never gonna give you up". sorry bad joke I'll show myself out)
Officer: Ok. Let's try it. Hmm. It says that the partition is corrupt
You: ARE YOU SERIOUS! I go from having to show you my private data to not having it. Great. Thanks. Way to go.
Officer: Right. Not working here. What's the REAL password.
You: The full decrypt was "1337Crypt" but if it is corrupt we're both screwed
Officer: Yep still says corrupt. Cannot decrypt information. Well we're both screwed I guess.
So the other question is would this make you just as guilty?
Procrastinating life a way at a rapid rate of speed.
Why not use a live OS for encryption that allows saving to the computers hard drive? That way the encryption software is not on the PC at all. Then if absolutely forced to hand over the PC and the encryption program on the live CD then have a pseudo password that deletes the file and simply supply the pseudo password to the demanding party.
Obviously after they delete the file you will have to claim you had no idea that the deletion would take place and either you or they must have made some sort of error.
Modern version of RHEL, Fedora, and probably more can encrypt the entire filesystem (except for /boot) in a fairly stock way at installation. The author linked to a *1998* article when encryption was more hands-on.
Actually, Truecrypt can be used as a stand alone executable, which could be put on an external medium, like a usb stick.
And there are USB keys small enough to swallow. For best results, chew first.
All this talk of eating cipher keys reminds me of the good old days. Back then you hid your data in a microdot, and there was no snotty sysadmin to lecture you on security by obscurity. There's never a cold war when you want one.
Maybe this is a new business opportunity for the Pirate Bay. In addition to the private VPN service, you could also get remote anonymous encrypted storage. If you only access the storage through the VPN, it could make it pretty difficult to track.
This also sounds like an opportunity for the NSA and the Russian Mafia.
For anyone, really, who has a clue to what use might be made of front organizations like Pirate Bay and billions of dollars to invest in traffic analysis and crypto.
Security
"I'm just here to regulate funkiness."
The issue is not having encryption software widely distributed. You need to have (1) common software, (2) used by many people, (3) on a regular basis, and (4) for the purpose of hiding data. If you have anything less, then whatever GUI/script/tool you use is the difference that singles you out.
tomorrow who's gonna fuss
In many cases encryption is simply necessary to protect your customers' data in case of computer theft, just to comply with the regulations on the processing of data.
I guess you've figured out how I built six karma-capped sock puppets, eh?
I haven't used any of them since I met Commander Taco ten years or so ago, and he asked me nicely not to do that sort of thing. My original intention was to sell them on eBay, but Rob's a nice guy, so I will respect his wishes.
One option to hide well the existence of encryption software and data could be to put them among game files.
But this doesn't help you at all, because if they find this out then they know you've gone to extraordinary lengths to hide the data and the presence of the data. Which is even worse for you than just having truecrypt installed 'but I never used it'.
A real solution: a p2p distributed backup system. You store 10g of other people's data in exchange for 'free' distributed backup of 1g of your data (numbers made up). This would require strong encryption, and could also be widely popular or if nothing else explainable. This software could have a small feature where you could store a few of your own files into the local cache (the 10g part). So by entering a special extra password, you can retrieve the truecrypt or stenocrypt program or even the encrypted container file itself... this would be like 100 lines of code max on top of this distributed backup system. Save from the 'hidden backup' to ram disk and run from there, so it isn't saved to disk (disable swap).
Anyway, if you actually want to give people a way to run encryption software on their PCs, while ensuring that anyone who seizes their machine cannot tell that any encryption has been going on, these are the hurdles that you'd have to clear.
I don't think any computer manufacturer or application vendor is going to enable encryption by default. And in the case of P2P, encryption doesn't help much without an anonymizer like I2P (which has gotten rather good lately, but still at least an order of magnitude slower than regular sharing so something on the 2-10MB range is relatively quick but full length videos take days).
I do find Soulskill's words on the subject less than well thought out, as I thought it would be obvious to techies that only an encrypted partition (not a volume file) automatically created during the initial computer setup / unpackaging would provide the kind of deniability needed to escape persecution in Britain.
This is unlikely to happen unless A) PC makers somehow make it a selling point, or B) applications that want to set up an encrypted partition encourage users to "Now connect a blank external drive" for encrypted formatting and normal use with the app.
Incidentally, it's trivial to turn on whole disk encryption with an Ubuntu install disc (as long as you have the alternate version)... you could even do it by accident. I wonder how such an Ubuntu setup would fare in the British courts.
Disclaimer: I'm not by any stretch of the imagination an expert on things crypto; I'm just throwing out this suggestion to see what people think.
So how's this: write a really good backup utility and give it away for free. (Yes, I know it's been done...but not for Windows and for free and really well.) Mass adoption ensues. Lots of people have this program installed, and have backups made by it.
As a bonus, the backup files are encrypted to protect your privacy with a password you supply. This is important: encryption is mandatory. You must supply a password. That's so everyone who uses this program has encrypted backups—this is not grounds for suspicion. There is also another undocumented (but well-known) option: you can supply two more passwords to the program when it compresses and backs up your files. The second password is used to encrypt a list of files or directories that you designate for special handling. The third password works just like the first one, with one small exception: it destroys all the files on the "specials" list, or manipulates them in such a way as to make them look innocuous. (This might work especially well with a steganographic approach using image files...so you have a bunch of blurry under-exposed .bmp photos...being a bad photographer isn't a crime)
The first password is for decrypting the non-sensitive files if you need them. The second one decrypts the sensitive data after the first round of decryption is completed. Obviously, the third password is the one you surrender to the police (after a reasonably realistic show of resistance).
Great men are almost always bad men--Lord Acton's Corollary
This sounds like a great application for my new write-only-memory (WOM) drive! Just copy all your illegal files over to this drive and the authorities will never know you have them!
Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
All current OSs ship with a boatload of encryption. E-mail programs can handle S-MIME. Browsers use SSL/TLS. OSX and Linux come with gpg/pgp to verify signatures. Even Windows can encrypt folders.
So what's the point? It's already there. Use it.
Also, if you've attracted enough attention that They will notice that you've renamed SooperSekret.exe to BoringWorkStuff.exe (or JuicyStuff.encrypted to GameBackup.dat), you're screwed anyway.
Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
THERMITE
"i lost my dignity on a slippery wiener"
Let's say you had the software that allows you to publish "protected" sound and video files. Wouldn't you be able to encode media in a way that requires you to manually authorize each viewing? I suppose the whole point of DRM is to be able to non-interactively allow playback from an authorized computer, but it would be nice to hack that stack to require a manual intervention for the decryption to proceed. Having a DRM auth server on computer may be non-suspicious enough to avoid assumption of guilt for possession of encrypted secrets. If your computer were searched or seized, then you might get into trouble, explaining that the DRM-protected content was benign and not possible to re-authorize.
Well for those that have kids or SO's that may use your computer, pr0n may be a valid reason. Not because you have illegal content, but because you don't want just anyone to be able to pop through your computer and poke at things.
Other files of course include confidential documents such as tax information etc which you might not want your curious "PC repairman" to poke at while servicing your computer or your RMA'ed hard drive...
I remember a posting about a solution called Vanish (see http://vanish.cs.washington.edu/ ) that produces an encrypted email where neither the sender nor recipient has the key and due to the nature of the cloud P2P key storage system the email becomes unreadable some 8-9 hours after creation. Using this idea with a small access key protected application running on a remote server. It would allow me to store encrypted data on Amazon S3 for example in such a way that if I fail to access the volume at least once every 8 hours the volume key expires. This way, if I am arrested and held for more than 8 hours - period to last access, before questioning (which is likely) I can give law enforcement the access keys to my server application to extract my encrypted volume which will by that time have expired. This way I can comply with the law, follow all their instructions and yet still not give them access to secret information. The only two provisos being that the keys expire before I am asked and that I am allowed to keep silent until a question is asked without that in itself being incriminating. i.e. 'You do not have to say anything, but it may harm your defence if you do not mention, when questioned, something which you later rely on in court. Anything you do say may be given in evidence.'
Just make your crypto password "I committed an act of littering on 2009-09-10 aj8s6wg". When the judge tells you that your password itself isn't protected by your right not to self-incriminate, you can tell him that your password itself is a confession to a crime. If you hit the bullseye, the dominoes will fall like a house of cards. Checkmate.
Learn to steganography.
Hiding behind encryption schemes is like a kid hiding in his little box fort, taunting people. Eventually someone goes over and knocks down his fort and smacks him up a bit.
I believe there's an episode of Family Guy where Stewie does this with cereal boxes, and Brian knocks it down after getting annoyed. It's a pre-cancellation episode, so it's okay to reference it.
I'm getting pretty sick of comments that suggest deletion.
The first thing your antagonists will do is to dupe the data. Especially, 100%, if they are police- who have to be able to show that they didn't just *plant whatever they wanted*. The first thing that would happen during a lawful seizure of a powered-down equipment is the removal of your hard drive, hooking it up to a device that write protects it, they boot it connected to their own box, which images the drive. Then they hash the image file and write that down. Now a corrupt cop can't frame you (though a whole GROUP of them still could manage, I think we agree that is less likely).
So if you give them a deletion passphrase, this makes two stupid assumptions.
1- That they will be dumb enough to run YOUR BINARY.
2- That they will be dumb enough to run your binary on THE ONLY COPY OF THE DATA THAT THEY HAVE.
If you were SERIOUS about that route, you would need something that would actually physically destroy your disk if $CONDITION were to be true. For instance, if your machine thermites your drive when the case is opened, you might actually have a secure mechanism there. Note that even THEN you'll probably be in trouble in court- you probably destroyed evidence, after all.
Cued? Like when you're playing pool or snooker... So what should happen when slashdot accidentally pots the cueball?
Because it is, so there.
Mod Parent Informative because too many people forget about this step when trying to make data self destruct.
And forget the password yourself.
http://www.cbc.ca/health/story/2009/03/13/fear.html
A thoughtful person who travels outside of his or her country would certainly take that into account when thinking of which encryption system to use
I would begin by asking why I was taking a sensitive file or folder across the border.
"Any port in a storm."
Nothing is guaranteed to go the way you planned.
You are navigating a legal no man's land where the power and authority of the customs agent, secret service, police and military are least likely to be questioned.
Five months as the guest of Kim Jong Il makes all things negotiable. Including that key you've held back for so long.
And then, what about the fact that a large file which is created all at once, is normally not fragmented very much, but if the storage file is frequently modified, it is likely to become more and more fragmented — thus giving people a way to tell if the encryption program is being used frequently.
FYI, fragmentation isn't an issue if the size of the file isn't changing.
If you append even one extra byte, or shrink the file, you may have issues, depending on the filesystem, but filesystems don't merrily go around shuffling/fragmenting files on every single write. If a file is 256MB, and you're overwriting 6MB somewhere in the middle, it overwrites those 6MB. If the file isn't fragmented, then the HDD doesn't have to seek much, so it'd be ludicrous re-writing that chunk of the file (or the whole thing) at another location. That would just slow things down, so HDDs and filesystems avoid that.
Although, I can't speak to how Truecrypt manipulates file writes... if the encryption really scatters the data, there might be a lot of seeking involved - but I really doubt it'd fragment the file.
... and your Selenium deficiency taken care of too!
The time has come for edible USB sticks.
something useful could still come out of /dev/null if they are designed correctly.
Exception Duck - may or may not contain chicken.
I work at a helpdesk and recently responded to a 'hacktool.rootkit' warning from Norton Security Scan. It couldn't tell the filename, but did report the problem. RootkitRevealer reported one file and four registry entries were hidden from the Windows API; they were well hidden and I couldn't find them with normal searching, even with all the Windows check-boxes set properly. Booting from a Linux CD allowed access to find and delete the file, but the point is that if a rootkit can hide that well, then documents can hide just as well. Perhaps they can be found with a non-Windows system, but the sheer quantity of Windows files will hide them anyway ... use a naming convention that you can find them, but others will assume Microsquish is behind them, perhaps something starting with MSxxxxxx.
(posted anonymously as I know how much everyone hates DRM)
I remember reading about DRM servers being shut down and music being inaccessible. Could there be a key server that goes down automatically if not contacted in a certain period of time or something. I haven't thought this through so there's probably lots of holes in this though.
Although I guess this just puts the key in someone else's hands, which would make them liable unless they are outside the jurisdiction.
Alternatively could the passphrase be replaced with some type of biometrics, maybe a finger print that could be lost in an accident.
Funny that this should come up now. Next week I have a meeting with a Civil Liberties Council to start advising the Lawyers there about using encryption for email and client data on their computer systems. I've been involved for other matters but I've noticed that the lawyers I've seen don't actually use any form of encryption for their clients' data or communication.
Surely some of them know about it but I think the general problem is while the term IANAL is thrown around the term IANAT (I Am Not A Technologist) isn't and frankly it's the people here in this thread that are the appropriate people to start sharing that education that encryption is no more sinister than an envelope. It remains to be seen how effective I am in that regard as there are many techno-legal issues arising to cover and I'm told (by my legal friends who invite me) that they have no idea of the consequences of.
I plan to use this thread to help me draw up some things to talk about next week. I'd encourage anyone here to see if there are some Civil Liberties Councils in your city/state you can get involved with as they need our help as much as, inevitably, we need theirs. The Information Technology profession is maturing and surely we need to have quality laws that reflect IT's place in society so if encryption isn't popular now perhaps it's because we have been remiss in performing our duties.
My ism, it's full of beliefs.
It seems that Kubuntu 9.04 at least comes with GPG already installed, so at least there it already comes with the OS.
He was posting on slashdot, you insensitive claude!
GNU Privacy Guard is part of the default install of Ubuntu / Debian because it's used to validate the digital signatures of .deb packages before they are installed. It can easily be used for pass-phrase file encryption with the "-c" option. If you run "gpg -c some_file" it will prompt you for a passphrase and spit out an encrypted some_file.gpg. If you then run "gpg some_file.gpg" it'll prompt you for the passphrase and recreate the original some_file.
There are various reasons why this doesn't perfectly accomplish the goal described, but the fact that many Linux systems have user-accessible strong crypto functionality installed as an integral element of the system is definitely relevant to the topic at hand.
-- The act of censorship is always worse than whatever is being censored. Always.
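One reason a `gpg -c` output file does not meet the deniability goal discussed in this thread, shown as an added example that is not part of any comment: a binary OpenPGP file identifies itself in its first bytes. The parser below follows the RFC 4880 packet header and version 4 symmetric-key session key packet layout; the sample bytes are constructed for the illustration, and ASCII-armored output is not handled.

```python
# Identify a passphrase-encrypted OpenPGP message from its first packet (RFC 4880).
SYM_ALGOS = {3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
HASH_ALGOS = {1: "MD5", 2: "SHA1", 8: "SHA256", 10: "SHA512"}


def read_packet_header(data):
    """Return (tag, body_offset, body_length) for the first packet, or None."""
    if len(data) < 2 or not data[0] & 0x80:      # bit 7 is set on every packet tag
        return None
    if data[0] & 0x40:                           # new-format header
        tag, first = data[0] & 0x3F, data[1]
        if first < 192:
            return tag, 2, first
        if first < 224 and len(data) >= 3:
            return tag, 3, ((first - 192) << 8) + data[2] + 192
        if first == 255 and len(data) >= 6:
            return tag, 6, int.from_bytes(data[2:6], "big")
        return None                              # partial body lengths not handled
    tag, length_type = (data[0] >> 2) & 0x0F, data[0] & 0x03
    if length_type == 3:                         # indeterminate length
        return None
    size = 1 << length_type                      # 1, 2 or 4 length octets
    if len(data) < 1 + size:
        return None
    return tag, 1 + size, int.from_bytes(data[1:1 + size], "big")


def identify_symmetric_openpgp(data):
    """Describe a version 4 symmetric-key session key packet (tag 3), or return None."""
    header = read_packet_header(data)
    if header is None:
        return None
    tag, offset, length = header
    body = data[offset:offset + length]
    if tag != 3 or len(body) != length or length < 4 or body[0] != 4:
        return None
    info = {
        "cipher": SYM_ALGOS.get(body[1], "algorithm %d" % body[1]),
        "s2k_type": body[2],
        "hash": HASH_ALGOS.get(body[3], "algorithm %d" % body[3]),
    }
    if body[2] == 3 and len(body) >= 13:         # iterated and salted S2K
        c = body[12]
        info["s2k_count"] = (16 + (c & 15)) << ((c >> 4) + 6)
    return info


# Constructed sample: old-format tag 3, 13-byte body, AES256, iterated+salted S2K, SHA256.
CONSTRUCTED_GPG_HEADER = bytes.fromhex("8c0d04090308") + bytes(range(8)) + b"\x60"
# Constructed sample standing in for a headerless, random-looking container.
CONSTRUCTED_HEADERLESS = bytes.fromhex("f1c29a0744d3e81b905c6a2f7be0133d")

if __name__ == "__main__":
    print(identify_symmetric_openpgp(CONSTRUCTED_GPG_HEADER))
    print(identify_symmetric_openpgp(CONSTRUCTED_HEADERLESS))
```
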
Of course, in a relatively free society, if law enforcement has probable cause to seize your machine in the first place, then they would presumably already have some evidence against you.
Not in the UK, where if they search your property they may seize and search your computers and telephones as a matter of course, a warrant is not required provided you have been arrested, or your tenant or lodger has, and they can pursue any suspicions they form, or anything they find in the course of the search. (When Damian Green MP was arrested last year in connection with his having received leaked documents, all the equipment from his parliamentary office was seized without a warrant. We had a revolution about that sort of thing in the 17th C.)
"We saw he had encryption software, and this made us suspicious, can we have a decryption warrant please?" Is possible. In practice it is rare because they have a long queue for the more serious sort of computer examination, and don't bother to understand what software is there unless there is other suspicion. Practicality may protect you; the law won't.
Maybe I am overlooking something, but the software is not as much the problem as the actual existence of encrypted data.
It is fairly easy to avoid problems due to the software and you don't even have to 'popularize' it, simply by using a bootable usb stick with an encryption program, or mounting drives you want to encrypt via the network from another computer.
Another method which was mentioned is a complete hd encryption with the system partition encrypted as well.
However this is all in vain since once the authorities identify 'any' kind of encrypted information on your hd you are in deep trouble.
So the challenge is actually being capable of hiding the data. Steganography seems to be the solution, but I am assuming it has some limitations in terms of size of the encrypted content etc. and is not really practical in case you have loads of sensitive data. Furthermore, hiding stuff somewhere is really effective only if the person you are hiding it from is not convinced you hid it there - meaning, data stored in an image will fool the viewer of the image but not a crafted data mining algorithm looking for stego.
A much more pragmatic option might be a vpn connection to some dedicated server which lies outside of the country's authority. But eventually, it all boils down to the effort the authorities are ready to invest into resolving the matter.
so 'bad guys'... after all it still might be the most effective thing to hide the really sensitive stuff on a plain usb stick in your ASS! :)))
WARNING: before applying, please consider the negative side effects on your athletic performance during a pursuit.
Proper plausible deniability is actually pretty easy. For example if you truecrypt non-system whole drives, the entire drive is encrypted. There is no way to prove one way or the other that the drive is encrypted and not just over-written with random data. Because truecrypt exists installed on another drive means nothing, just throw a few container files in. These people are getting done because they have no plausible deniability at all. Steganography is completely different. Imagine for example that you had an image in BMP format. The least significant bits of the BMP image are usually noise and not noticeable by the eye. So you could embed encrypted data into your images and it would be plausible that they are just images, as they look like images with a tiny bit of random noise. You can do the same thing with music files. Uncompressed lossless formats like wav, you can simply embed encrypted data into the least significant bits of the wave. The noise will not be audible and it will be impossible to prove it wasn't just noise in the original recording. Of course even these are somewhat implausible. Is it plausible for someone to have gigabytes of bmp's or wav's or other highly compressible data?
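The "data mining algorithm looking for stego" mentioned a few comments up, as an added example that is not part of any comment: a pairs-of-values chi-square test in the style of the Westfeld-Pfitzmann attack. Overwriting least significant bits with random-looking bits equalises the counts of each value pair (2k, 2k+1), which natural sample data rarely does. The cover data, function names and seed are constructed for the illustration.

```python
import random


def constructed_cover(n, rng):
    """Constructed 8-bit samples (pixel or PCM values): three smooth intensity clusters."""
    clusters = [(60, 7.0), (128, 9.0), (200, 6.0)]
    out = []
    while len(out) < n:
        mu, sigma = rng.choice(clusters)
        value = round(rng.gauss(mu, sigma))
        if 0 <= value <= 255:
            out.append(value)
    return out


def replace_lsbs(samples, fraction, rng):
    """Test input for the detector: overwrite the LSB of the first `fraction` of
    samples with uniform random bits, which is what ciphertext looks like."""
    cut = int(len(samples) * fraction)
    head = [(s & 0xFE) | rng.getrandbits(1) for s in samples[:cut]]
    return head + list(samples[cut:])


def pov_chi2_per_dof(samples, min_expected=5.0):
    """Chi-square statistic per degree of freedom for 'both values of each pair
    (2k, 2k+1) are equally frequent'. Near 1.0 is consistent with LSB replacement;
    values well above 1.0 mean the pairs are unbalanced, as in untouched data."""
    counts = [0] * 256
    for s in samples:
        counts[s] += 1
    chi2, dof = 0.0, 0
    for k in range(128):
        n0, n1 = counts[2 * k], counts[2 * k + 1]
        expected = (n0 + n1) / 2
        if expected < min_expected:      # skip sparse pairs; the approximation fails there
            continue
        chi2 += ((n0 - expected) ** 2 + (n1 - expected) ** 2) / expected
        dof += 1
    return chi2 / dof if dof else float("nan")


def prefix_scan(samples, steps=4):
    """Statistic over growing prefixes, to locate where sequential embedding stops."""
    n = len(samples)
    return [(i / steps, pov_chi2_per_dof(samples[: n * i // steps]))
            for i in range(1, steps + 1)]


if __name__ == "__main__":
    rng = random.Random(7)
    cover = constructed_cover(120000, rng)
    for label, data in [("untouched", cover),
                        ("half embedded", replace_lsbs(cover, 0.5, rng)),
                        ("fully embedded", replace_lsbs(cover, 1.0, rng))]:
        scan = ", ".join("%.0f%%: %.2f" % (f * 100, v) for f, v in prefix_scan(data))
        print("%-15s %s" % (label, scan))
```

No sample changes by more than one level, so the data looks and sounds the same, yet the histogram statistic separates the modified file from the untouched one.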
Looks to me like someone has worked out how to encode a secret message and make it look like a long, rambling and pointless slashdot story.
So I believe that these kinds of laws are nonsense. I treat my laptop like an extension of my mind. It's private space. My private space. I am, politically-speaking, a libertarian.
But seriously? The fact is, the people using this software are trading child pornography. Yes, yes, there's companies using it to protect their data (not enough of them according to news reports). But that's not what we're talking about. Corporate citizens are concerned with protecting their data from thieves. Cops don't want the source code to Windows 2017. They don't want your secret financial records (usually) and they don't want your meeting minutes, nor your patient data. Corporations, by definition, have an obligation, a social obligation, to turn their data over to the authorities when requested. That's part of the social contract they sign, when we give them special privileges as a corporation.
Companies protecting their data from thieves is a perfectly legitimate use of encryption, but I think we can safely assume that the majority of meth heads who're going to jack a laptop for the credit card number of its owner aren't going to bother with trying to decrypt the data. This is a red herring argument.
What we're really talking about is...do private citizens have the right to keep their data private from the government. I think they do. Morally speaking. From a constitutional "intent" standpoint. Illegal search and seizure, etc. But. The fact is, encryption, in the real world, usually is going to work against you. It's going to be pictures of your kid on someone's hard drive, it's going to be evidence of the owner using that laptop to trojan into yours, it's going to be evidence of some hacker cleaning out your bank account. Really.
The frank truth is, no one cares about your 'Big, Busty, Beautiful Women' surfing habits. Or your penchant for buying women's clothes off of E-bay or whatever. You, really, just don't have data worth being encrypted. Paranoid privacy geeks always have the "But what if..." argument. But statistically, they fall down in the face of reality. Yes, one person out there will probably get screwed with this.
Basic CyberPunk 101 teaches us that the best defense, in a surveillance state, is that statistically, it's impossible to find one gold fish in a tank of 4000. Or four million. In essence, companies will never be threatened by the government in any situation that is a legitimate, ethical argument for hiding their data. They should decrypt their data before handing it over to any investigation. Think BCCI, Enron, Bernie Madoff, etc.
You, as a private citizen, are either A) doing something illegal, or B) don't have any data that'd get you in trouble anyway. Period. In that case, why does it matter? Again, I'm all about civil liberties, but who is going to benefit the most from this kind of interference? Virus writers, botnet administrators, child pornography traders, and...terrorists. Why is this a good thing? Is your granma's chili recipe really that sacrosanct?
Finally, wasn't the whole point of it being illegal to export 128-bit encryption-capable technology outside of the US, that the NSA's RAZOR or whatever it was called had the ability to break anything simpler? That was...in the 1990s, I believe. I'm not so sure, with the talk of a super computer being built lately that approaches 1/22nd of the neural network necessary to simulate a brain, as well as the HUGE recent interest in 'anti-terrorism' that your encryption is as secure as you think it is, if they seriously wanted it. For that matter, at one point in time there was talk of a 'master password' being put on computers/encryption software that would allow the government to unlock it.
Basically...these people are professional conspiracy theorists and paranoids. You're trying to beat them at their own game. And I'm still not sure why. No offense, not an attack on anyone. Just a query and my input. I don't get how this is an issue morally speaking. Sure, sure, it would suck to have the RIAA fine me $1200 or
So...your recommendation is that we just give up, and assume that at some point, the police are going to come for us, and we're going to die, because they are uncaring jackbooted goose-stepping fascist bastards who just love torturing people to death.
Even aside from the terminal cynicism of that viewpoint, it's totally useless. What's useful is the knowledge that at least in some cases a plausible-deniability encryption tool like TrueCrypt will provide you with the means to keep some data private even when you are required by law to hand over encryption keys.
So pardon me if I flip your ideology the bird and go where people believe in at least trying to live a normal life.
Dan Aris
Fun. Free. Online. RPG. BattleMaster.
Isn't the simplest solution that EVERYBODY installs TrueCrypt, whether they use it or not. Thus it ceases to be suspicious as such.
Why don't you extract something like TrueCrypt to a flash drive and use that to encrypt your files? If you've already purchased plane tickets, grabbing a $10 flash drive at your destination isn't a big deal. Just leave it behind when you head home. That way you won't have any "suspicious" software while you're actually traveling.
Somebody "patch" Windows Solitaire to have encryption software come up with a secret keypress (similar to how Pinball has a hidden game in it). The software will embed encrypted files in random JPEG files downloaded from I Can Haz Cheezburger and put in My Pictures. That would meet most of this essay's criteria.
If you can use steganography to completely hide encrypted data on your hard drive and you can use a program that runs from a thumbdrive and doesn't need to be installed, then your problem is solved. Hell, you could just use a large capacity thumbdrive or flash memory card to store all your incriminating stuff and hide it where no one will find it. Hell, SD cards are so small and have so much capacity that you could lose several terabytes in the cushions of your sofa. Micro SD cards will fit in one of those hollowed out quarters.
Anyone who is dumb enough to store incriminating data on their primary hard drive frikkin' deserves to be caught.
Did you just post your password on slashdot? nowai bro!
You seriously need to rethink that strategy...
2^3 * 31 * 647
Seriously, what's wrong with hiding it in plain sight? Make an ISO file and keep it in a directory of other ISO files with an innocuous name. Much less likely to show up on anybody's radar of "hey, what's this guy doing here" and if you remember to clean your caches often (you don't?) then you're fine.
2^3 * 31 * 647