Forensics on PDAs, notes from the field

Tyler Durden camera_lumina at hotmail.com
Fri Aug 13 12:57:05 PDT 2004 

Sunder wrote...

>And PGP won't stand out because.... ?

Just wondering. Is it possible to disguise a PGP'd message as a more weakly 
encrypted message that then decrypts to something other than the true 
message?

OK...perhaps we stego an encrypted message, then encrypt that photo using 
something weaker.

Not like they haven't already thought of that, though. And it seems to me to 
be a difficult task getting ahold of enough photos that would be believably 
worth encrypting.

-TD



>From: Sunder <sunder at sunder.net>
>To: Morlock Elloi <morlockelloi at yahoo.com>
>CC: "cypherpunks at al-qaeda.net" <cypherpunks at al-qaeda.net>
>Subject: Re: Forensics on PDAs, notes from the field
>Date: Fri, 13 Aug 2004 14:11:36 -0400 (edt)
>
>On Fri, 13 Aug 2004, Morlock Elloi wrote:
>
> > The purpose would be that they do not figure out that you are using some
> > security program, so they don't suspect that noise in the file or look 
>for
> > stego, right?
> >
> > The last time I checked the total number of PDA programs ever offered to 
>public
> > in some way was around 10,000 (5,000 ? 100,000 ? Same thing.) That can 
>be
> > trivially checked for. Any custom-compiled executable will stand out as 
>a sore
> > thumb.
>
>How? Not if you get something like a Sharp Zaurus and compile your own
>environment.  "Hey, I want to get as much performance out of this shitty
>little ARM chip as I can."
>
> > You will suffer considerably less bodily damage inducing you to spit the
> > passphrase than to produce the source and the complier.
>
>What makes you think they'll have enough of a clue as to how to read the
>files off your PDA without booting it in the first place?  99% of these
>dorks use very expensive automated hardware tools that do nothing more
>than "dd" your data to their device, then run a scanner on it which looks
>for well known jpg's of kiddie porn.
>
>If you're suspected of something really big, or you're middle eastern,
>then you need to worry about PDA forensics.  Otherwise, you're just
>another geek with a case of megalomania thinking you're important enough
>for the FedZ to give a shit about you.
>
> > Just use the fucking PGP. It's good for your genitals.
>
>And PGP won't stand out because.... ?
>
>
>----------------------Kaos-Keraunos-Kybernetos---------------------------
>  + ^ + :"Our enemies are innovative and resourceful, and so are we.  /|\
>   \|/  :They never stop thinking about new ways to harm our country /\|/\
><--*-->:and our people, and neither do we." -G. W. Bush, 2004.08.05 \/|\/
>   /|\  :                                                             \|/
>  + v + :    War is Peace, freedom is slavery, Bush is President.
>-------------------------------------------------------------------------
>

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

More information about the cypherpunks-legacy mailing list