flat assembler
Message board for the users of flat assembler.

Index > Heap > [Encryption] Boucher gave in. Fricosu betrayed. Doe succeeds

Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author
Thread Post new topic Reply to topic
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
DOS386 wrote:
> In the UK you can be jailed for not giving your password.

Because UK is just a slave of USA (same for Germany, Poland, ... & Co ... except Iran + North Korea) Sad
Not for long. We're the social networking addicted retards of all of first world academia. India and China are pumping out geniuses on a scale the US can never match, even proportionally.

I wonder what China will do to protect our civil liberties. I can hear it now:
Quote:
"Give me your computer."
"It's my data!"
[Chinese dude gets lead pipe and beats dude with data]
"OMG dude!!! My head/knees/anything soft and exposed!!!"
[Chinese dude takes computer]
You get the idea.
Post 14 Oct 2010, 04:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
Civil liberties? In the US? Me thinks you are mistaken about that. You have the illusion of it only, powered by the US media propaganda. Twisted Evil Still, it's no worse than most other countries so you are not alone there ... unfortunately.

However, a thought strikes me. I have a lot of old backup drives that I have set aside as I upgraded to new sets. Usually all I do to "wipe" them is just to change the TC volume password by bashing randomly at the keyboard for a bit and copy/paste into the dialog box to set a new password. I truly do not know the passwords for these old backups. I sure hope that if I ever get asked for the passwords that I don't get jailed for failing to provide something I cannot possibly provide.

Having any random data on your HDD would seem to be a dangerous thing to do. Since how can you prove that it is not some encrypted info that your are refusing to acknowledge and thus refusing to provide the password for?

Many of the utilities that do free space wiping and such like just put random data there. OMG that could land you in jail since it could be something illegal that you encrypted.
Post 14 Oct 2010, 05:35
View user's profile Send private message Visit poster's website Reply with quote
guignol



Joined: 06 Dec 2008
Posts: 725
guignol
Freedom? In the Canuckia? Mine thinks you are mistaken about that.
You have only the illusion of it there, fed by the Canuckian propaganda.
See, it's no better than in most other countries, yet you are not alone there ... unfortunately.
Post 14 Oct 2010, 10:26
View user's profile Send private message Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 678
Location: Mar del Plata
Enko
Does anybody know about some application that does this:

You have two files, one you want to encrypt, the other one a decoy.

You encrypt it with 2 passwords.
If you input the first one, the real file will be uncrypted and showed.
If you use the other password, the decoy file will be uncrypted.
Post 23 Oct 2010, 20:46
View user's profile Send private message Reply with quote
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
Enko wrote:
Does anybody know about some application that does this:

You have two files, one you want to encrypt, the other one a decoy.

You encrypt it with 2 passwords.
If you input the first one, the real file will be uncrypted and showed.
If you use the other password, the decoy file will be uncrypted.
I don't know for sure, but I bet that would be as easy to detect as stenography.
Post 23 Oct 2010, 20:58
View user's profile Send private message Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 678
Location: Mar del Plata
Enko
Becouse of the file size?

The crypted data can be compressed to, the whorst case I think would be have two videos or two bin files

I think if it's a text file, compressing it too, whoud be preaty much hidded.
Post 23 Oct 2010, 21:07
View user's profile Send private message Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7752
Location: Kraków, Poland
Tomasz Grysztar
Enko wrote:
Does anybody know about some application that does this:

You have two files, one you want to encrypt, the other one a decoy.

You encrypt it with 2 passwords.
If you input the first one, the real file will be uncrypted and showed.
If you use the other password, the decoy file will be uncrypted.

It is called Deniable encryption.

Tyler wrote:
I don't know for sure, but I bet that would be as easy to detect as stenography.
Did you mean steganography?
Post 23 Oct 2010, 21:20
View user's profile Send private message Visit poster's website Reply with quote
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
Tomasz Grysztar wrote:

Did you mean steganography?

Yes. I spelled it right, but spellcheck highlighted it, and I went with it's suggestion. Smile
Post 23 Oct 2010, 23:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
Enko wrote:
You have two files, one you want to encrypt, the other one a decoy.

You encrypt it with 2 passwords.
If you input the first one, the real file will be uncrypted and showed.
If you use the other password, the decoy file will be uncrypted.
Yes, deniable encryption as pointed out by Tomasz, but your encrypted container will need to be at least the size of the both videos combined. This can be a problem with deniable encryption, how to explain the extra "unused" space in the encrypted container?
Post 23 Oct 2010, 23:16
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
Not surprisingly another case comes to court with the data encrypted.

http://techbreakingnews.blogspot.com/2011/07/doj-we-can-force-you-to-decrypt-that.html
Quote:
The Colorado prosecution of a woman accused of a mortgage scam will test whether the government can punish you for refusing to disclose your encryption passphrase.
IMO, it is wrong to expect to be able to force someone to decrypt stuff for the government on demand. Proper investigation and evidence gathering should not require the cooperation of the person accused. In fact there are a multitude of possible reasons why someone can't or won't recover data. Laws that require decryption make a huge assumptions about the reason for the existence of the data, the reasons for the accused not cooperating, and indeed that the data is actually something encrypted and not just random noise.
Post 11 Jul 2011, 12:26
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
... and she (Ramona Fricosu) has now been ordered to decrypt her data.

http://209.157.64.200/focus/f-news/2836970/posts

Now I have a problem: How can I travel to the USA with my encrypted system? There is no way I can risk being jailed for either a) failure to decrypt, or b) for breach of contract if I decrypt my customers data and expose it to the USA thugs .. er .. I mean the USA FEDS. Is there no decency left in the world? Sad
Post 24 Jan 2012, 13:21
View user's profile Send private message Visit poster's website Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
revolution wrote:
How can I travel to the USA with my encrypted system?

If the data you need during your travels is small enough you can obviously compress, encrypt and upload it on some online storage service.
Post 24 Jan 2012, 13:42
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
ManOfSteel wrote:
If the data you need during your travels is small enough you can obviously compress, encrypt and upload it on some online storage service.
The data requirement is rather large (multi-GB) and often there is no Internet connection anyway (hence my occasional absences from this forum).

Although there is the obvious silliness of being jailed for bringing encrypted data on a HDD and being perfectly legal for bringing it in by Internet.
Post 24 Jan 2012, 13:48
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3502
Location: Bulgaria
JohnFound
Probably it is possible to make an encrypting system that to be able to be decrypted in two ways - one with your secret files and one full of innocent and legal porno. Very Happy
You simply need two passwords.
It is called Deniable encryption
Post 24 Jan 2012, 13:50
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
JohnFound wrote:
legal porno.
Unfortunately, not all countries have the same idea as to what that is. Anyhow, deniable encryption is problematic in NTFS drives, and the FAT formats can't handle my requirement for files larger than 4GB. Deniable encryption is more tricky than it might first appear.
Post 24 Jan 2012, 13:59
View user's profile Send private message Visit poster's website Reply with quote
Coty



Joined: 17 May 2010
Posts: 554
Location: ␀
Coty
women posing in bikinis should pass as legal in most countries, although that's probably to boring for you guys to even waste your time downloading Razz

_________________
http://codercat.org/
Post 24 Jan 2012, 16:34
View user's profile Send private message Send e-mail Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3502
Location: Bulgaria
JohnFound
Coty, the contents of the fake encrypted volume should be improper enough to be encrypted and legal in the same time. If you want this fake content it to be legal all over the world, it could be problem in itself. Smile
Post 24 Jan 2012, 18:42
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
revolution wrote:
JohnFound wrote:
legal porno.
Unfortunately, not all countries have the same idea as to what that is. Anyhow, deniable encryption is problematic in NTFS drives, and the FAT formats can't handle my requirement for files larger than 4GB. Deniable encryption is more tricky than it might first appear.
If you use partition-based containers, TrueCrypt doesn't need the partition to be flagged as NTFS. It might be weird to have an 8GB "Linux Swap" partition on a Windows laptop, but it could be from a previous install of linux that was hastily replaced with Windows.

Of course you'd need TrueCrypt not to be installed on the machine, and definitely without an installer that's easy to locate anywhere on the harddrive.

_________________
Image - carpe noctem
Post 24 Jan 2012, 20:25
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17472
Location: In your JS exploiting you and your system
revolution
f0dder wrote:
Of course you'd need TrueCrypt not to be installed on the machine, and definitely without an installer that's easy to locate anywhere on the harddrive.
But everything is easy to find with the search function.

However all of the above ideas require that the user lie about the true contents of the HDD. I would much prefer a solution that does not require any subterfuge and does not allow any government to jail me for non-disclosure.

I've been trying to find a solution where I can make data non-recoverable, and can prove that it is non-recoverable, but at the same time be possible to reconstruct from public sources, and also have the public sources mask the true contents of the data. It sounds a bit like alice-in-wonderland (and maybe it is) but it might be doable given the right method. Something like erasing the header sector (thus killing the master key) but also having the master key broken down and distributed among public sources in a fashion that looks perfectly normal. Even a simple four word phrase with each word selected from a list of 128k words will encode 68 bits of data. Do this enough times and in enough public sources with some redundancy and you could store a full 512byte sector without anyone suspecting. I guess this would be a form of steganography, and it would require access to public resources like the Internet so it is still not an ideal solution.

coaster driving planet molecule

Hehe, these forums could store a lot of hidden coded text. And posts from some people sometimes look like coded text anyway.
Post 25 Jan 2012, 00:25
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 9002
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
truecrypt can mount device, so if u got 500gb hd, then just make primary partition 100gb for windows, then the rest no partition then truecrypt can mount and format..
Post 25 Jan 2012, 09:00
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3, 4, 5, 6  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.