Re: Stego-empty hard drives... (fwd)
Forwarded message:
Date: 22 Sep 1998 02:15:42 -0000 From: Anonymous <nobody@remailer.ch> Subject: Re: Stego-empty hard drives... (fwd)
How do you propose to do this? Via a BIOS setting?
By default. The machine boots. It is either told to accept a passphrase or is told nothing. If the latter, it boots normally, only with its HD-hiding code. If the former, it prompts, accepts a passphrase, and then boots normally, only with the HD-hiding code disabled.
Understood.
What I think you're asking is how the actual cryptography would be done. I
That aspect is trivial from the mod-the-BIOS perspective, let's assume for a moment that the crypto is in the ROM-burner... Specificaly I am asking: Given a BIOS which has been modified to allow the end-user to select between encrypted and non-encrypted operation, how is the end-user supposed to make this selection? So far I've seen two suggestions: 1. The BIOS is only 'sensitive' at particular points in the POST. 2. The BIOS has a user-accessible selection via some method to activate their selection. Both are workable, I'm looking for a more specific description of the methods. In the case of 1., is the marker going to be particular windows which are bounded by particular messages printed to the boot console? In the case of 2. is it going to be a particular 'magic keystroke' that enables some hidden option screen? It seems to me that both have obvious methods of attack if the only goal is to demonstrate to a legal standard that such capability exists. ____________________________________________________________________ The seeker is a finder. Ancient Persian Proverb The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
At 9:41 PM -0500 9/21/98, Jim Choate wrote:
Specificaly I am asking:
Given a BIOS which has been modified to allow the end-user to select between encrypted and non-encrypted operation, how is the end-user supposed to make this selection?
So far I've seen two suggestions:
1. The BIOS is only 'sensitive' at particular points in the POST.
2. The BIOS has a user-accessible selection via some method to activate their selection.
Both are workable, I'm looking for a more specific description of the methods.
In the case of 1., is the marker going to be particular windows which are bounded by particular messages printed to the boot console? In the case of 2. is it going to be a particular 'magic keystroke' that enables some hidden option screen?
It seems to me that both have obvious methods of attack if the only goal is to demonstrate to a legal standard that such capability exists.
If you do (1), and simply have _no_ prompt, just a small space in time AFTER the POST (say, immediately after) to type in your passkey, and things are set up that if you type the wrong keys, it goes straight into hidden space mode, then there would be no suspicion, other than a slightly long boot sequence (and if the wait time were only 2 or 3 seconds, it might not even be noticable.) -- petro@playboy.com----for work related issues. I don't speak for Playboy. petro@bounty.org-----for everthing else. They wouldn't like that. They REALLY Economic speech IS political speech. wouldn't like that.
participants (2)
-
Jim Choate -
Petro