Re: Stego-empty hard drives... (fwd)
Forwarded message:
Date: Tue, 22 Sep 1998 00:46:03 +0000 From: Michael Hohensee <mah248@is9.nyu.edu> Subject: Re: Stego-empty hard drives... (fwd)
I believe that the idea was to set it up so that BIOS defaults to HD-hiding mode.
How do you propose to do this? Via a BIOS setting?
When you're taking your laptop through customs, you do nothing while the machine boots up, the doctored BIOS does its thing, and everybody's happy. When you want to get at the stuff on the rest of the HD, you reboot and type in your passphrase.
How do you propose to prompt the user for the correct time to type? ____________________________________________________________________ The seeker is a finder. Ancient Persian Proverb The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
On or about 8:16 PM -0500 9/21/98, Jim Choate wrote:
Forwarded message:
Date: Tue, 22 Sep 1998 00:46:03 +0000 From: Michael Hohensee <mah248@is9.nyu.edu> Subject: Re: Stego-empty hard drives... (fwd)
I believe that the idea was to set it up so that BIOS defaults to HD-hiding mode.
How do you propose to do this? Via a BIOS setting?
Yes.
When you're taking your laptop through customs, you do nothing while the machine boots up, the doctored BIOS does its thing, and everybody's happy. When you want to get at the stuff on the rest of the HD, you reboot and type in your passphrase.
How do you propose to prompt the user for the correct time to type?
Pressing an obscure key combination during bootup to trigger the password prompt should do the trick. -Lazlo
At 11:37 PM 9/21/98 -0400, Lazlo Toth wrote:
When you're taking your laptop through customs, you do nothing while the machine boots up, the doctored BIOS does its thing, and everybody's happy. When you want to get at the stuff on the rest of the HD, you reboot and type in your passphrase.
As I recall, this thread is about customs officials booting your laptop from *their* floppy and scanning your hard drive. I suggest two practical solutions to avoid this incursion: 1) Leave the floppy drive at home ;-) Many PCs have swapable floppy/ CD-ROM bays. I've learned to live without my floppy (others may not have that option.) 2) If you can't leave your floppy at home, carry your sensitive data on a PCMCIA Type-II Hard Drive. Kingston sells one sporting 500MB of capacity. Pop it out and put it as far away from the laptop as you can. Inside your other luggage somewhere. -MpH -------- Mark P. Hahn Work: 212-278-5861 mhahn@tcbtech.com Home: 609-275-1834 TCB Technologies, Inc (mhahn@tcbtech.com) Consultant to: The SoGen Funds 1221 Avenue of the Americas, NY NY
Mark Hahn wrote:
2) If you can't leave your floppy at home, carry your sensitive data on a PCMCIA Type-II Hard Drive. Kingston sells one sporting 500MB of capacity. Pop it out and put it as far away from the laptop as you can. Inside your other luggage somewhere.
I am ignorant about hardware. Question: Wouldn't it be possible to somehow put information on a music CD?
At 03:33 PM 9/22/98 +0100, Mok-Kong Shen wrote:
Mark Hahn wrote:
2) If you can't leave your floppy at home, carry your sensitive data on a PCMCIA Type-II Hard Drive. Kingston sells one sporting 500MB of capacity. Pop it out and put it as far away from the laptop as you can. Inside your other luggage somewhere.
I am ignorant about hardware. Question: Wouldn't it be possible to somehow put information on a music CD?
Sure. Simply trade offs of what's important to you and the situation you might be in. If disguise is a primary factor, then a write once music CD would be excellent. If you need re-writable capability, use a CD-RW (re-writable CD). However a CD-RW appears gold underneath, not sliver-ish, so you have less of a disguise. If you need fast random access, then neither version of CD will be suitable. Hence the PCMCIA Hard Disk. However, you may have difficulty coming up with a cover story if, indeed, you do not want to tell a customs officer, "Oh, yeah, that's a portable disk drive". As another trade off, most Laptops don't have CD-ROM writing drives, so you would need an outboard drive. There are probably slick, portable versions available, but that's more junk to lug through the airport (and to explain, if necessary.) Also, I was trying to suggest something practical to address the problem. I.e. can be done in a week and under $500. Some of us could re-write the BIOS and flash in the update in that time frame. Others of us will find a credit card and mail order an easier route to take. (uh... minus the lack of anonymity of buying mail order....) -MpH -------- Mark P. Hahn Work: 212-278-5861 mhahn@tcbtech.com Home: 609-275-1834 TCB Technologies, Inc (mhahn@tcbtech.com) Consultant to: The SoGen Funds 1221 Avenue of the Americas, NY NY
At 8:16 PM -0500 9/21/98, Jim Choate wrote:
Forwarded message:
Date: Tue, 22 Sep 1998 00:46:03 +0000 From: Michael Hohensee <mah248@is9.nyu.edu> I believe that the idea was to set it up so that BIOS defaults to HD-hiding mode.
How do you propose to do this? Via a BIOS setting?
When you're taking your laptop through customs, you do nothing while the machine boots up, the doctored BIOS does its thing, and everybody's happy. When you want to get at the stuff on the rest of the HD, you reboot and type in your passphrase.
How do you propose to prompt the user for the correct time to type?
Why prompt, you installed it, just have the startup stop at a certain point, just simply pause. You hit a couple keys (4-8) and go on. Given this case you don't really need the security of a long passphrase since if they are looking to get in, you've lost already. -- petro@playboy.com----for work related issues. I don't speak for Playboy. petro@bounty.org-----for everthing else. They wouldn't like that. They REALLY Economic speech IS political speech. wouldn't like that.
Jim Choate wrote:
Forwarded message:
Date: Tue, 22 Sep 1998 00:46:03 +0000 From: Michael Hohensee <mah248@is9.nyu.edu> Subject: Re: Stego-empty hard drives... (fwd)
I believe that the idea was to set it up so that BIOS defaults to HD-hiding mode.
How do you propose to do this? Via a BIOS setting?
Well, I don't propose to do it at all, since I lack the expertise to do it or even know how much trouble it would be to do it. :) I believe that the idea was to change BIOS itself. That is, change the BIOS program, rather than a setting. This was to be done by flash-updating the BIOS with a new program.
When you're taking your laptop through customs, you do nothing while the machine boots up, the doctored BIOS does its thing, and everybody's happy. When you want to get at the stuff on the rest of the HD, you reboot and type in your passphrase.
How do you propose to prompt the user for the correct time to type?
Perhaps the new BIOS program listens for something like Ctrl-Shift-P, and if it gets it, goes into passphrase mode. Otherwise, it does its little trick. As long as the doctored BIOS program produces a normal looking bootup sequence (but hides the HD), everything's fine.
participants (6)
-
Jim Choate -
Lazlo Toth -
Mark Hahn -
Michael Hohensee -
Mok-Kong Shen -
Petro