Forwarded message:
Date: Mon, 21 Sep 1998 23:37:06 -0400 From: Lazlo Toth <lazlototh@hempseed.com> Subject: Re: Stego-empty hard drives... (fwd)
How do you propose to prompt the user for the correct time to type?
Pressing an obscure key combination during bootup to trigger the password prompt should do the trick.
And just exactly how do you propose to spread this technology commercialy without alerting at least some members of the constabulary of its existance? Now if we are looking for a spin-loop in a POST that isn't there in a normal BIOS then I would say simply use sig-analysis on the machine during POST. You've got two options on labeling the BIOS. Either pick a ID that isn't a legitimate BIOS id or else scam a legitimate version number. In either case the police will have listings of the legitimate BIOS versions from the maker. The actual sig-analysis could probably be done with a standard AM radio as a technology demonstration. Since a spin-loop in the POST is going to sound much more consistent than the memory checks and hardware inits that take place. Now on a commercial basis what I'd do is get the BIOS manufacturers to sell me a copy of each of their legitimate BIOS'es and then create a library of signal envelopes (similar to the library of ship sounds subs carry) and it would be a trivial feat to build a detector that does a diff on the signal. If it doesn't match they yank you out of line and ask you some tough questions while a guy with some hardware savy, a BIOS listing, and a logic analyzer builds a case against you. No, I suspect you'll pull this off a few times and then they'll catch on, assuming the NSA or DIA doesn't give them a jump start. My guess is they already know how to do this sort of stuff and considering the budget being spent on neutron scanners, gas sniffers, etc. the lifetime for this technology won't be very long. ____________________________________________________________________ The seeker is a finder. Ancient Persian Proverb The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------