Forwarded message:

Date: 22 Sep 1998 03:11:01 -0000 From: Anonymous <nobody@remailer.ch> Subject: Re: Stego-empty hard drives... (fwd)

There's a third option, but it may be a bit more difficult (or not). I'm not really a hardware person, and it's probably obvious.

3. Use a "crypto-dongle" similar to what someone here (Mr. Geiger, I believe) has come up with. You plug it into the parallel port or somewhere else, and the encrypted data is useless once the dongle is removed. I would think that if we plugged this into the bus we could have the BIOS remap the IDE routines to some EPROM in that dongle. The cryptography could take place there too. If the spooks are on to you, you trash the dongle.

So you're proposal is not only to put the crypto in the BIOS but a set of hardware device drivers to drive this port during boot but won't interfere with regular OS device drivers?

This paradigm breaks down when we get into the operating system, though. Linux, for instance, apparently disposes of the BIOS and uses its own IDE driver. I assume that Windows 98 does the same thing. Linux is open source, so modifications could be made, but Windows would be harder.

That was an additional issue that I was going to bring up. I suspect that in both cases it would be feasible to do, though you'd need to use a special driver in Linux type OS'es to shadow the BIOS driver back into the memory map. The real issue with me about this whole scheme is the distribution mechanism. It is just too shakey and porous not to allow LEA's to know about it. If they can get a copy themselves then they have a perfect mechanism to build a virus-scanner style of program to look for the appropriate footprint. ____________________________________________________________________ The seeker is a finder. Ancient Persian Proverb The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------