Deniable Thumbdrive? (and taking signal detection seriously)

[Major Variola (ret)]

> From: "Tyler Durden" <camera_lumina at hotmail.com>
> The cool thing about this drive (small enough that it has holes for
use as a
> keychain) is that it's got a "Public" area and a private area, and the

> private area is accessible (if one desires) only via the little
fingerprint
> reader on the top of the drive. (It's also USB based, and on
Windows2000 and
> beyond you don't need any software drivers--just plug it in to a USB
port
> and it appears as a drive).
>
> ANyway, I was wondering. I'd really like a nice software mod of this
thing
> so that, depending on which finger I use for verification, a different

> private area on the drive will open (right now several users can be
assigned
> access by the master user to use their fingerprint for access to the
single
> private area). Of course, there should be no indication that there
even IS
> more than one private area.

1. You should not rely on their encryption alone, you should use your
own crypto on
whatever you store there.   You can carry your whole environment --incl.

copies of tools, digsigs,and keyrings -- with you.   You do, of course,
have
to trust the hardware/OS you use it with.  "If you don't know the
socket,
keep your dongle in your pants"

2. If you use your 'nose' you need to borrow other noses to do a signal
detection study ---tally hits, misses, false alarms, false positives.
Then
get back to us.  We can even characterize and compare the performance
of say human sentries this way; even measure their fatigue, perhaps.  If
the
FAA/TSA has half a clue they've done this for their x-ray snoopers.