On Fri, 23 Apr 2004, Major Variola (ret) wrote:
filesystems (etc) with layers of deniable stego. Are there any decent implementations for Linux/BSD/NT?
I haven't looked recently. One property that such a FS or app should have is that it is useful for something *else* besides stego & duress layers. Maybe a watermark :-) management tool that can embed multiple watermarks that don't interfere. Hmm... a meaty problem... tasty, with heavy theory sauce..
Regarding filesystems, some time ago I came up with an idea of a filesystem as a block device that has the filesystem handling code in its bootblock area in a bytecode. Mount the fs, it reads the functions into the interpreter's sandbox. Could be useful especially for read-only media that would be using exotic encryption or compression algorithms, and quick portability of them between various OSes; you have to develop only the interpreter and the filesystem API for any OS in question, the rest is on the medium itself. I recently stumbled over an extremely interesting Linux project, "FUSE" - filesystem in userspace. The fuse.o module serves as an interface between the kernel and user space, relaying the filesystem-related calls. It's quite robust approach, as any crash of the external filesystem code is in userspace and is unlikely to take down the machine itself. Wondering if something like that could be written for Windows. Would simplify a lot of things.
There are magnesium rods on the camping market, sold as firestarters for very bad weather.
One can also buy mag ribbon which is more convenient than the mini-ingots you are referring to. I know that pyrotechs coat Mg curls and the like with blackpowder paste (apply wet then dry). A coil of coated ribbon and a rocket-igniter would make a neat little daughterboard :-) Just don't take it on an airplane. There are patents on similar, of course.
Somebody mentioned here the trick with KMnO4 and glycerol. I saw this experiment in elementary school, where it was shown as a demonstration that mixing "ordinary" things may give extraordinary results - it was shown to light up a glob of magnesium shavings. A setup with a dongle circuitboard covered with an insulating/protective varnish, a magnesium strip attached over the memory chip (held in place by steel wire thick enough to keep it there even while burning, for long enough to deliver enough heat into the chip, or wrapped around the chip and the board), the strip coated with caked permanganate, and a glass vial with glycerol in the dongle's casing, could be usable for the field use - if you get enough time to drop the dongle and step on it. Electrical ignition of the Mg strip may be useful in the setups when the device is connected to home security system or machine movement sensors. A purely electronic system would have an advantage, though - could be shipped much easier as it won't contain more "dangerous" components than a lithium or silver-oxide cell. Maybe a microcontroller with a SRAM chip, with the data stored as XORs of pairs of cells, and the micro periodically inverting the pairs, to prevent the "remembering" in the SRAM cells after a power-off? (Related question: are there any SRAM chips with smaller capacity, that would have smaller case and smaller number of pins?)
Testing might get expensive unless you can get destructive-test dongles cheaply, and how much effort do you expend trying to read the data?
Or replace the test dongles with test rig with a mechanically similar chip; new serial EEPROMs in SMD casings can be bought for as cheap as USD1/3-1/4, maybe even less. We don't need to completely obliterate the chip; we need to heat it just enough to get the electrons from the floating gates (maybe my terminology is wrong, but if you saw a pic of an EEPROM or FEPROM cell, you are likely to know what I mean), get them over the not-that-high energetical barrier so they can (and will) jump back and forth freely, discharge the memory cells. Then not even the most expensive atomic-level machinery can recover the original content. If the temperature is enough to recrystallize the silicon at the chip surface, it should have a rather wide safety margin. The casings of the SMD chips are fairly thin - under a millimeter between the surface and the chip, so even a relatively small strip should be enough. Tests can be done even with discarded chips, as the remains aren't required (nor supposed) to be functional anyway - they have to be examined by eg. optical microscopy. Electron microscopy would be the best - but that's outside of the reach of a "garage technician"; maybe an university or an industrial lab could be hired or bribed to do the tests, though.