Re: [Tails-dev] TAILS steganography proposal

Poista viesti

Vastaa
Lähettäjä: jvoisin
Päiväys:  
Vastaanottaja: tails-dev
Aihe: Re: [Tails-dev] TAILS steganography proposal
Hello,
thank you for your interest in Tails.

> I think, there is a way to hide a TAILS into a FAT32/64 USB disk/memory.

In what kind of threat model?
>
> FAT32 allows some reserved sectors before the first copy of filla
> allocation table.
> There is a way to hide some little assembler/machine code in a
> polimofric form to hide the boot loader.
>
> Example:
> A "normal" USB partition with FAT32 and TAILS hide.
>
> The MBR can hide a little sequence to load a disk sector with the real
> boot loader.
> The boot loader can shuffle some code via JMPS instrucions, NOP etc...
> to prevent a pattern recognition.

I'd like to take a look at your polymorphic bootloader implementation.
>
> Into the FAT32 partitions:
> 1) Crate a file, then delete it with random data and rename some times.
> (The data will create only into de root dir section).
> This can be used to hide an encrypted partition and boot loader.

This will not hide the "encrypted partition" nor the bootloader, since
they have recognizable headers. Also, how can you prove that the file
will not be always written in the same place?
>
> 2) TAILS and the persistence can sored from in reverse order form end to
> start of USB disk with encryption of boot loader.

Why in reverse order ?

> 3) Free space can be filled to rando data.

"Can", or "must" ?
> This is the similar situation used by truecrypt to hide the outer/inner
> volume.

No, it's not :)

>
> This steganography cha be used as option to hide TAILS usb.

I don't get how it's hiding Tails, since it will boot Tails when you
plug the usb key in.

I think you may want to read a bit more about cryptography and
steganography/forensic[1][2][3] before suggesting implementations :)

1. http://www.forensicswiki.org/wiki/Main_Page
2. http://forensix.org/
3. https://github.com/volatilityfoundation