Hi,
anon via Tails-dev (2020-10-25):
> Would it be possible to add steghide as tails default package ?
> https://packages.debian.org/buster/steghide
>
> If the goal is to hide stuff (the persistent storage is not hidden),
> I think it gives clues to attackers (who got access to persistent
> storage) where to look next if this package can be seen as
> "additional software".
I hear this argument.
Have you considered this possible rebuttal:
If we include steghide by default, then an attacker who is familiar
enough with Tails to be aware of Additional Software will surely be
aware of the presence of steghide, and thus will have an almost as
strong clue that it could be worth looking for data hidden with
steghide, instead of data hidden using another of the several
steganography tools available in Debian.
?
At this point of the conversation, I would recommend users for whom
this matters a lot to install their preferred steganography tool
by hand (without Additional Software) whenever they need it, so that
it leaves no traces and such attackers are left with no clue
about potential steganography usage, and which tool could be used.
Cheers!
