Re: Deniable data storage

2003-11-06 Thread Sarad AV
hi,

Keep

K =Original Key
P =Original Plain Text
C =Original cipher text
D=Dummy plain text
C'=Dummy cipher text
K'=Dummy key

use a symmetric key encryption algorithm with a secret
key 'k' over plain text 'P' to obtain cipher text 'C'

Then we find

k'= C (xor) D

Preferably D is at least as long as C.

Now we can claim we used k' as one time pad to
encrypt.

When the police decrypt they obtain
D= C (xor) k', the dummy plain text.

This is not an efficient algorithm but even if you did
have one, this is not a very good idea because the
secret police will first get the dummy key and when
they see there is nothing of significance in the plain
text, they will beat the original key out of us and I
don't suppose any democracy in the world prevents this
from happening :-)


Regards Sarath.

--- James A. Donald [EMAIL PROTECTED] wrote:
 I want to store information deniably.
 
 So there would be a fixed sized block of data, say one megabyte,
 increasing by multiples of 8 as needed.
 
 This would contain various items of information that one could
 extract by supplying a secret, symmetric, key. A random key would
 extract a block of gibberish of random length. There would be no
 indication as to how many bits of meaningful data were stored in the
 block, though obviously they would have to add up to less than the
 size of the block.
 
 So one could store one's password list under one key, and the
 location of the dead bodies under another key, and absent that key,
 there would be no evidence that the key, or information hidden under
 that key, existed.
 
 What is a good algorithm for this?
 


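The dummy-key construction from Sarad AV's message, as an added example that is not part of the original thread. A SHA-256 counter-mode keystream stands in for the unspecified symmetric cipher, and the function names and sample strings are assumptions made for illustration.

```python
import hashlib


def keystream(key: bytes, n: int) -> bytes:
    """Stand-in symmetric cipher (assumption): SHA-256 in counter mode."""
    out = bytearray()
    for counter in range((n + 31) // 32):
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
    return bytes(out[:n])


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(k: bytes, p: bytes) -> bytes:
    """C = P xor keystream(K); decryption is the same operation."""
    return xor(p, keystream(k, len(p)))


def dummy_key(c: bytes, d: bytes) -> bytes:
    """K' = C xor D, using the first len(C) bytes of D.

    A D shorter than C is rejected: the tail of C would have no cover
    text, which is why the post wants D at least as long as C.
    """
    if len(d) < len(c):
        raise ValueError("dummy plaintext must be at least as long as C")
    return xor(c, d[:len(c)])


def demo() -> dict:
    # Constructed sample values, not taken from the thread.
    k = bytes(range(32))
    p = b"meeting moved to the north entrance"
    d = b"grocery list: milk, eggs, bread, coffee, apples"
    c = encrypt(k, p)
    k_dummy = dummy_key(c, d)
    return {
        "real": encrypt(k, c),           # K recovers P
        "claimed": xor(c, k_dummy),      # K' "recovers" D
        "key_len_equals_ct_len": len(k_dummy) == len(c),
    }


if __name__ == "__main__":
    print(demo())
```

Any D of sufficient length yields a valid K', so producing K' says nothing about which plaintext is the real one; the claimed key is always exactly as long as the ciphertext.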



RE: Six Step IE Remote Compromise Cache Attack (fwd from dcopley@eeye.com)

2003-11-06 Thread Eugen Leitl
- Forwarded message from Drew Copley [EMAIL PROTECTED] -

From: Drew Copley [EMAIL PROTECTED]
Date: Wed, 5 Nov 2003 16:32:54 -0800
To: Benjamin Franz [EMAIL PROTECTED],
Thor Larholm [EMAIL PROTECTED]
Cc: Liu Die Yu [EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: RE: Six Step IE Remote Compromise Cache Attack



 -Original Message-
 From: Benjamin Franz [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, November 05, 2003 2:50 PM
 To: Thor Larholm
 Cc: Liu Die Yu; [EMAIL PROTECTED]
 Subject: RE: Six Step IE Remote Compromise Cache Attack


 On Wed, 5 Nov 2003, Thor Larholm wrote:

  This post raises an interesting question. Is our goal to find new
  vulnerabilities and attack vectors to help secure users and critical
  infrastructures, or is our goal to ease exploitation of existing
  vulnerabilities?
 
  There are no new vulnerabilities or techniques highlighted in this
  attack (which is what it is), just a combination of several already
  known vulnerabilities. This is not a proof-of-concept designed to
  highlight how a particular vulnerability works, but an exploit
  designed specifically to compromise your machine. All a malicious
  viruswriter has to do is exchange the EXE file.
 
  Believe me, I am all in for full disclosure and detailing every aspect
  of a vulnerability to prevent future occurrences of similar threats,
  but I don't particularly think that we should actively be trying to
  help malicious persons.

 I have mixed emotions about this. On one side - why put
 millions of systems at risk to script kiddies? On the other
 side, as noted by the poster, one of these vulnerabilities
 has been known for more than _TWO YEARS_. Surely far more
 than enough time for MS to have actually _fixed_ the problem
 if they intended to. MS seems (at least in some cases) to
 ignore security problems until someone publicly 'holds
 their feet to the fire' over them. I suspect this happens
 when the problem 'runs deep' in their code and will require
 more than fixing a boundary limit check and recompiling.

Very well said.

I would note that I believe their strategy for securing code wants to be
in line with their strategy for pushing their products. The company is
full of strategies, and this is good. But, the primary strategy needs to
be to put security first. Especially, post 9/11.

A few other things...

As with all security issues, the researcher is not bound to tell anyone
about them. Liu Die Yu could have just shared this with his friends, and
we all could have kept these to do as we will. Kind of like keeping your
own personal nuclear weapon. Who knows? Maybe there will be a rainy day.


My question then, to everybody, is would you have preferred that he
keep this to himself and his friends, or would you have preferred for
him to have disclosed this, with a workaround?

Because Liu Die Yu has worked with Microsoft (China) in the past, and he
has, unfortunately, found that he can not trust them. Maybe he talked to
the wrong person. Who knows? But, we can all see plainly that Microsoft
was without excuse to ignore these problems all of these years. What was
the thinking behind that?

Was somebody's job saved so this could happen? Was somebody able to make
a more successful career move because of this? Are researchers like Liu
Die Yu too intimidating to deal with, too challenging, too successful?

What would have happened if someone else put these flaws together and
discovered they could make them work? What would have been the case in
that situation? Why did Microsoft ignore the advice of all these
researchers and not do something about these issues? Why did they think
they could go it alone in this way? The advice was free for them.

They had almost two years to fix this, should Liu Die Yu even
conceivably be forced to wait another three to six months from a company
that has shown him bad dealings in the past?

This is using the system at its best. It is an example of the best kind
of system. There is no bureaucracy, there is no limitation, no glass
ceilings, no prejudice... Anyone who is capable, come, find bugs.

Microsoft is putting out millions of dollars in bounties for worm
writers while people like Liu Die Yu are just trying to get into the
security field, so they can do what they are best at. What they love to
do. It isn't like he is incapable of doing this. He has found swarms of
bugs since starting to look for them.

Bounties work. We know they do. But, let's close the gap. Let's make
sure that tomorrow's bugs are not found outside of the Full Disclosure
community. Why would anybody be making these kinds of shortcuts? What
good is AV or Firewalls or anything if your OS lets the attacker
through?

We worry about script kiddies trying to figure out what Liu Die Yu did
here to make their own version? We should be worrying about rogue
nations and criminal organizations creating teams of bug finders so they
can penetrate any system they want to.

The computers themselves 

Re: [declan@well.com: [Politech] FBI visits John Young, asks about anti-government activity [fs]]

2003-11-06 Thread Duncan Frissell
It's a little late for Special Agent Todd Renner to avoid publicity:

http://www.networks.org/?src=cnn:2003:US:Northeast:05:22:explosives.arrest

Todd Renner -- an FBI special agent assigned to the Joint Terrorist Task 
Force in New York

DCF

At 02:39 PM 11/5/03 -0800, Eric Murray wrote:
- Forwarded message from Declan McCullagh [EMAIL PROTECTED] -

Date: Wed, 05 Nov 2003 17:01:52 -0500
To: [EMAIL PROTECTED]
From: Declan McCullagh [EMAIL PROTECTED]
Subject: [Politech] FBI visits John Young, asks about anti-government 
activity [fs]

John Young is a longtime supporter of open government and public access to
government information. See:
http://www.mccullagh.org/cgi-bin/photosearch.cgi?name=john+young
-Declan

---

http://cryptome.org/fbi-cryptome.htm

4 November 2003

Cryptome received a visit today from FBI Special Agents Todd Renner and
Christopher Kelly from the FBI Counterterrorism Office in New York, 26
Federal Plaza, telephone (212) 384-1000. Both agents presented official ID
and business cards.
SA Renner said that a person had reported Cryptome as a source of
information that could be used to harm the United States. He said Cryptome
website had been examined and nothing on the site was illegal but
information there might be used for harmful purposes. He noted that
information in the Cryptome CDs might wind up in the wrong hands.
SA Renner said there is no investigation of Cryptome, that the purpose of
the visit was to ask Cryptome to report to the FBI any information which
Cryptome had a gut feeling could be a threat to the nation.
There was a discussion of the purpose of Cryptome, freedom of information,
the need for more public information on threats to the nation and what
citizens can do to protect themselves, the need for more public information
about how the FBI functions in the field and the intention of visits like
the one today.
SA Kelly said such visits are increasingly common as the FBI works to
improve the reporting of information about threats to the US.
Asked what will happen as a result of the visit, SA Renner said he will
write a report of the visit.
Cryptome said it will publish a report of the visit, including naming the
agents. Both agents expressed concern about their names being published for
that might lead to a threat against them and/or their families -- one
saying that due to copious personal databases any name can be traced.
Cryptome said the reason for publishing names of agents is so that anyone
can verify that a contact has been made, and that more public information
is needed on how FBI agents function and who they are.
Cryptome noted that on a previous occasion FBI agents had protested
publication of their names by Cryptome.
Cryptome did not agree to report anything to the FBI that is not available
on the website.
___
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
- End forwarded message -



Re: [s-t] needle in haystack digest #3 (fwd from Nick.Barnes@pobox.com)

2003-11-06 Thread Dave Howe
 No Such Agency doesn't fab much of anything; they can't afford to.  They
 and their ilk are far more interested in things like FPGAs and adapting
 numerical algorithms to COTS SIMD hardware, such as graphics processors
 (a la http://www.gpgpu.org/).
Why do they have their own fab plant if they don't fab anything?
http://www.globalsecurity.org/intell/facility/nsaspl.htm



Re: Deniable data storage

2003-11-06 Thread Tarapia Tapioco
James A. Donald ([EMAIL PROTECTED]) wrote on 2003-11-06:
  I want fully deniable information storage -- information
  theoretic deniable, not merely steganographic deniable, for
  steganography can never be wholly secure.

So, StegFS is not deniable enough? I'm not much of a theory buff,
but it sure sounds nice from the paper...