Re: ESFS - The encrypted steganography filesystem

[Tomás Touceda <chiiph () gentoo org>]

Hi stormrider,

2011/1/13 stormrider <strmrdr42 () yahoo de>:
> Hey Tomás,
>
> this sounds like a nice idea. Especially the fact that you kinda
> "overmount" one filesystem over another to access hidden data.
> But - as far as I know there is actually no steganography technique that
> can really *hide* the data. So you will not be able to prevent someone
> from finding out that there is some information inside the images. You
> might want to read

What I meant with hide is that, since it uses the LSBs, you can pick
any image, and "find data" in them, so it makes it a little bit harder
to know where you actually have data, and if you really do.

> Attacks on Steganographic Systems. Andreas Pfitzmann:
> Information Hiding. Third International Workshop, IH'99, Dresden, Germany
>
> This should clarify things ;-)

Thanks, I'll read it... I haven't read a lot about steganography I
must admit, I have to get up to date with this.

Thanks a lot for the input!

Cheers,

> My information might be out of date, but after that publication it
> became very silent around steganography and I haven't heard any news
> since then...
>
> regards,
> stormrider
>
> Am 12.01.2011 20:08, schrieb Tomás Touceda:
> > Hello everyone,
> >
> > I wanted to announce this little pet project that was born a couple of
> > weeks ago, and now it sees the light in the form of a proof of
> > concept, in hopes that it'll become a fully featured filesystem.
> > Here's an extract of the main README text:
> >
> > ============================================================================
> >
> > What's this?
> >
> > Just like the title says, it's a filesystem. Particularly, it's a FUSE
> > filesystem that's implemented entirely in Python (for now), and it's a
> > proof of concept in alpha state, so don't save stuff only within this
> > filesystem just yet. A couple of weeks ago, I started reading about
> > and playing with encrypted filesystems (LUKS + dmcrypt, encfs, etc). I
> > came across an email (actually, a friend of mine tossed me the link)
> > from the now well-known Assange, about a Linux kernel module he and
> > other people were working on that provided different layers of
> > encryption in a filesystem, so you can say "oh, yes, I have encrypted
> > data in here", but in a deeper layer you'd have more encrypted data,
> > with another key, and nobody but you would know about it. And I
> > thought it was a really cool idea. I started looking for the code, but
> > it was too old to be used with the current kernel. A couple of days
> > before that, I read about StegFS, a filesystem that uses steganography
> > to hide your files within your other files. And again, I thought it
> > was a really cool idea, BUT I didn't like the fact that (and please
> > correct me if I'm wrong) when you copied a file in StegFS, there's a
> > chance you'll lose some other file. So, this one is usable, but this
> > drawback didn't suit me. I started bouncing ideas with a lot of
> > friends, and then it hit me: a filesystem, hides its data in images
> > and encrypts this data. I wanted to build a FUSE filesystem since I
> > first learned about it, so I finally had an idea to work with. This
> > idea gives you the same advantages of Assange's kernel module: you
> > have a bunch of images that seem like regular files, but when you
> > mount the filesystem with certain parameters BAM! you have lots of
> > files that nobody knew were there.
> >
> > ============================================================================
> >
> > You can find the rest of this README, a more detail design document,
> > and the actual code in: https://github.com/chiiph/esfs
> >
> > If you find any bugs, please let me know.
> > Any comments and critics are more than welcome.
> >
> > Regards,
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



-- 
Tomás Touceda
Gentoo Developer
Herds: Qt, Scheme, Lisp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/