Full Disclosure mailing list archives
Re: ESFS - The encrypted steganography filesystem
From: Tomás Touceda <chiiph () gentoo org>
Date: Thu, 13 Jan 2011 15:21:46 -0300
Hi stormrider, 2011/1/13 stormrider <strmrdr42 () yahoo de>:
Hey Tomás, this sounds like a nice idea. Especially the fact that you kinda "overmount" one filesystem over another to access hidden data. But - as far as I know there is actually no steganography technique that can really *hide* the data. So you will not be able to prevent someone from finding out that there is some information inside the images. You might want to read
What I meant with hide is that, since it uses the LSBs, you can pick any image, and "find data" in them, so it makes it a little bit harder to know where you actually have data, and if you really do.
Attacks on Steganographic Systems. Andreas Pfitzmann: Information Hiding. Third International Workshop, IH'99, Dresden, Germany This should clarify things ;-)
Thanks, I'll read it... I haven't read a lot about steganography I must admit, I have to get up to date with this. Thanks a lot for the input! Cheers,
My information might be out of date, but after that publication it became very silent around steganography and I haven't heard any news since then... regards, stormrider Am 12.01.2011 20:08, schrieb Tomás Touceda:Hello everyone, I wanted to announce this little pet project that was born a couple of weeks ago, and now it sees the light in the form of a proof of concept, in hopes that it'll become a fully featured filesystem. Here's an extract of the main README text: ============================================================================ What's this? Just like the title says, it's a filesystem. Particularly, it's a FUSE filesystem that's implemented entirely in Python (for now), and it's a proof of concept in alpha state, so don't save stuff only within this filesystem just yet. A couple of weeks ago, I started reading about and playing with encrypted filesystems (LUKS + dmcrypt, encfs, etc). I came across an email (actually, a friend of mine tossed me the link) from the now well-known Assange, about a Linux kernel module he and other people were working on that provided different layers of encryption in a filesystem, so you can say "oh, yes, I have encrypted data in here", but in a deeper layer you'd have more encrypted data, with another key, and nobody but you would know about it. And I thought it was a really cool idea. I started looking for the code, but it was too old to be used with the current kernel. A couple of days before that, I read about StegFS, a filesystem that uses steganography to hide your files within your other files. And again, I thought it was a really cool idea, BUT I didn't like the fact that (and please correct me if I'm wrong) when you copied a file in StegFS, there's a chance you'll lose some other file. So, this one is usable, but this drawback didn't suit me. I started bouncing ideas with a lot of friends, and then it hit me: a filesystem, hides its data in images and encrypts this data. I wanted to build a FUSE filesystem since I first learned about it, so I finally had an idea to work with. This idea gives you the same advantages of Assange's kernel module: you have a bunch of images that seem like regular files, but when you mount the filesystem with certain parameters BAM! you have lots of files that nobody knew were there. ============================================================================ You can find the rest of this README, a more detail design document, and the actual code in: https://github.com/chiiph/esfs If you find any bugs, please let me know. Any comments and critics are more than welcome. Regards,_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- Tomás Touceda Gentoo Developer Herds: Qt, Scheme, Lisp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ESFS - The encrypted steganography filesystem Tomás Touceda (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Peter Maxwell (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Tomás Touceda (Jan 13)
- Re: ESFS - The encrypted steganography filesystem stormrider (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Tomás Touceda (Jan 13)
- Re: ESFS - The encrypted steganography filesystem stormrider (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Tomás Touceda (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Tomás Touceda (Jan 13)
- Re: ESFS - The encrypted steganography filesystem coderman (Jan 13)
- Re: ESFS - The encrypted steganography filesystem Peter Maxwell (Jan 13)