Posted by David Eather on January 19, 2007, 10:41 pm
nemo_outis wrote:
>
>> nemo_outis wrote:
> ...
>>> The following will not fool a sysadmin (well, not a good one) but it
>>> works very well against casual or inept snoops.
>>>
>>> Hide the Truecrypt file as an "alternate file stream" attached to
>>> some other file (which could itself be perfectly functional, such as
>>> an Excel file). The hidden stream will not show in any normal system
>>> operation (directory listings, etc.) although some (by no means all)
>>> antivirus software may report it.
>>>
>>> If the ordinary file you wish to use is, say,
>>> C:\directorypath\somefile.xls then create (and subsequently mount
>>> and use) the Truecrypt file as, say,
>>> C:\directorypath\somefile.xls:tc (i.e., the alternate file name -
>>> extent, really - is defined as prefixed by the regular file name and
>>> a colon)
>>>
>>> Regards,
>>>
>>>
>>>
>> So, you're saying it is OK that your security is not based on a
>> mathematical proof or a conjecture of the computational bounds of an
>> adversary, but rather based on the hope that the adversary is
>> incompetent.
>>
>> Do you see anything wrong with that?
>
>
> Short answer: No, I see nothing wrong with that.
>
> Longer answer:
>
> The OP framed her question in terms of using nothing stronger than an
> inconspicuous file. Compared to that, an alternate data stream is
> leagues ahead.
>
> Going further, the OP's threat model is coworkers who casually snoop,
> folks who are, if not outright incompetent, clearly without special
> resources or competence.
>
> Against a sufficiently competent, well-funded, and motivated adversary -
> especially one who has repeated unobserved direct access to the machine
> as could happen in a work environment - I feel confident in saying there
> is NO satisfactory method of disguising the use of Truecrypt.
>
> So, the task is not to overdesign the system inordinately in a misguided
> attempt to thwart the NSA. Instead, as with most security questions, the
> real task is to implement a scheme appropriate to the specified threat
> model.
>
> And this is exactly what my suggested use of ADS in these circumstances
> does. It is a convenient, readily implemented method that is entirely
> suitable and appropriate for the described threat model.
>
> Regards,
>
>
The rub:
The adversary is not the NSA. You saw how quickly SG was onto the
faults in this idea. It will only take one person who knows what he is
doing, to show one script-kiddie what to do, who will show everyone else
and security becomes zero or even worse; the user still thinks they have
some security and may well be indiscreet.
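
For reference, this is how an administrator can enumerate alternate data streams such as the `somefile.xls:tc` stream discussed in this thread. It is an added example, not part of the original posts; the `$Root` path, the `$MinBytes` threshold and the benign-stream list are assumptions chosen for illustration, and `Get-Item -Stream` requires PowerShell 3.0 or later.

```powershell
# Added example: report NTFS alternate data streams (ADS) under a directory tree.
# $Root and $MinBytes are illustrative assumptions, not values from the thread.
param(
    [string]$Root = 'C:\directorypath',
    [long]$MinBytes = 1MB      # streams at or above this size are marked Large
)

# Streams that Windows creates itself and that are normally benign
# (Zone.Identifier is the "downloaded from the Internet" marker).
$Benign = @('Zone.Identifier')

# -Force includes hidden and system files; -File skips directories,
# so streams attached to directories themselves are not covered here.
Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $file = $_
        # -Stream * returns every stream; ':$DATA' is the unnamed main stream
        # that holds the file's ordinary contents.
        Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
            Where-Object { $_.Stream -ne ':$DATA' -and $Benign -notcontains $_.Stream } |
            ForEach-Object {
                [pscustomobject]@{
                    File        = $file.FullName
                    Stream      = $_.Stream
                    StreamBytes = $_.Length
                    FileBytes   = $file.Length   # size of the visible file only
                    Large       = ($_.Length -ge $MinBytes)
                }
            }
    } |
    Sort-Object StreamBytes -Descending |
    Format-Table -AutoSize
```

A named stream that is far larger than the visible file it is attached to stands out immediately in this output. On Windows Vista and later, `dir /R` in `cmd.exe` also lists alternate streams for a single directory.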