[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ESFS - The encrypted steganography filesystem



On Thu, Jan 13, 2011 at 9:55 AM, stormrider <strmrdr42@xxxxxxxx> wrote:
> ...
> this sounds like a nice idea. Especially the fact that you kinda
> "overmount" one filesystem over another to access hidden data.
> But - as far as I know there is actually no steganography technique that
> can really *hide* the data. So you will not be able to prevent someone
> from finding out that there is some information inside the images. You
> might want to read
>
> Attacks on Steganographic Systems. Andreas Pfitzmann:
> Information Hiding. Third International Workshop, IH'99, Dresden, Germany

my favorite steganographic file system design used bits in inodes for
storage. the benefit of this more stealthy mechanism is offset by the
vastly expanded storage requirements. you need a *lot* of files to
have enough inodes in play to be useful.

this would not be vulnerable to the trivial unmasking that image based
storage or other similar approaches take (like mentioned in the paper
above) although it is unclear exactly how sparse and subtle the inode
modification must be across a large, populated file system to be
effective.

alas, i remember hearing about this from a certain fellow at DC13 and
never heard more...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/