‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, February 27, 2020 11:43 PM, John Young <jya@pipeline.com> wrote:
Ex-CIA Joshua Schulte Describes His Data/Crypto Hiding Prowess (WikiLeaks Vault 7)
"Which brings me to my next point. Do you know what my specialty was at the CIA? Do you know what I did for fun? Data hiding and crypto. I designed and wrote software to conceal data in a custom-designed file system contained within the drive slack space, or hidden partitions. I disguised data. I split data across files and file systems to conceal the crypto. Analysis tools would never detect random or pseudorandom data indicative of potential crypto. I designed and wrote my own crypto. How better to fool buffoons like forensic examiners and the FBI than to have custom software that doesn't fit into their two-week class where they become forensic experts? Make no mistake. I am an expert in data hiding and cryptography with thousands of hours of experience and among the top specialists in the world, or was."
Joshua continuing to prove he lacks good sense in legal matters.

these steganographic techniques are most effective when not suspected. if you point out you're using them, the adversary is going to reverse them, negating your advantage. (full disk encryption helps protect against disclosure, but FDE is designed for confidentiality, not covertness!)

back at DEF CON 13 discussed a system with an MIT alum; he used the inode entries themselves as covert storage. slack space is poor at stealth! downside with inode approach is paltry volume sizes, relative to cover storage. (although, i'd argue, the effectiveness makes it attractive, nonetheless :)

best regards,
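
Added example, not part of the original message: a forensic triage sketch showing one way random-looking data in file slack can stand out, since slack normally holds zero padding or remnants of earlier files. The 4096-byte cluster size, the file table, the threshold and the sample image are all constructed assumptions.

```python
import hashlib, math
from collections import Counter

CLUSTER = 4096  # assumed cluster size in bytes

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty/constant data, near 8.0 for random data."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def slack_of(image: bytes, start_cluster: int, size: int) -> bytes:
    """Bytes from the logical end of a file to the end of its last cluster."""
    end = start_cluster * CLUSTER + size
    boundary = -(-end // CLUSTER) * CLUSTER  # round end up to a cluster boundary
    return image[end:boundary]

def scan(image, files, threshold=7.0, min_len=256):
    """Return (name, slack_len, entropy) for slack regions that look random.
    A hit is a triage lead, not proof: remnants of deleted compressed or
    encrypted files also score high."""
    hits = []
    for name, start, size in files:
        slack = slack_of(image, start, size)
        h = shannon_entropy(slack)
        if len(slack) >= min_len and h >= threshold:
            hits.append((name, len(slack), round(h, 2)))
    return hits

def prng(n: int) -> bytes:
    """Deterministic stand-in for ciphertext (SHA-256 in counter mode)."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def build_sample():
    """Constructed 3-cluster image: zeroed slack, text remnants, random slack."""
    files = [("a.txt", 0, 1000), ("b.log", 1, 1500), ("c.cfg", 2, 900)]
    img = bytearray(3 * CLUSTER)
    for _, start, size in files:
        img[start * CLUSTER:start * CLUSTER + size] = b"A" * size
    remnant = b"old log line left behind by a deleted file\n" * 100
    img[CLUSTER + 1500:2 * CLUSTER] = remnant[:CLUSTER - 1500]
    img[2 * CLUSTER + 900:3 * CLUSTER] = prng(CLUSTER - 900)
    return bytes(img), files

if __name__ == "__main__":
    for name, length, h in scan(*build_sample()):
        print(f"{name}: {length} slack bytes, entropy {h} bits/byte")
```

Only the slack behind the constructed `c.cfg` entry is reported; zero padding and plain-text remnants fall well below the threshold.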