Forensics Tool Finds Headerless Encrypted Files 374
gurps_npc writes "Forensics Innovations claims to have for sale a product that detects headerless encrypted files, such as TrueCrypt Dynamic files.
It does not decrypt the file, just tells you that it is in fact an encrypted file. It works by detecting hidden patterns that don't exist in a random file. It does not mention steganography, but if their claim is true, it seems that it should be capable of detecting stenographic information as well."
Plausible Denial? (Score:5, Funny)
I'm am a citizen of the United Kingdom. Amongst many odd laws we have here, there's one that basically means that you can go to jail if you refuse to hand the police your encryption keys if they ask for them. The one saviour was Truecrypt's plausible denial. If they don't know you have encryption they can't ask for keys!
Now they do know I have encryption... ...and I've forgotten my password.
Can someone please give me tips on how to avoid dropping soap in the shower?
Re:Plausible Denial? (Score:5, Funny)
Re:That's STEGANOGRAPHY! (Score:4, Funny)
Re:That's STEGANOGRAPHY! (Score:4, Funny)
Our groundbreaking software can detect the presence of SHORTHAND* and allow law-enforcement decryption of this nefarious data-hiding technology!
*Currently can detect Gregg, Pitman, Teeline, and Speedwriting. Also detects the presence of steno pads and stenotype machines.
Re:Umm... (Score:5, Funny)
ssshhh, the "ga" is secretly embedded through steganography
Re:Don't worry (Score:3, Funny)
This will probably become an arms race, in order to use vs detect subtler and subtler patterns in the bytes.
In any case, this tool will probably end up being used by law-enforcement as a polygraph, or breathalyzer: not true, not quite false either, but exciting enough to get the suspect to confess.
Reminds me of a funny story about polygraphs. The cops were questioning a particularly stupid criminal, and they knew he did it (disclaimer, disclaimer). So they taped some stripped wire ends to his fingers, and ran the other ends of the wires into some random slot on a nearby xerox machine. They had secretly placed a paper onto the copier's glass with the words "HE'S LYING" written on it. When the guy answered a question and they knew he was lying, they'd fully press the copy button, rather than just pretending to press it. Out would come a copy of the paper -- HE'S LYING -- and the guy, whelmed, confessed. Ha ha, owned. :)
Re:Umm... (Score:2, Funny)
Steno = narrow
graphy = writing
Greek
Re:That's STEGANOGRAPHY! (Score:4, Funny)
Easy, I'll just encrypt using a one-time steno pad!
Re:Plausible Denial? (Score:3, Funny)
>recently used files lists
strange, my cli apps don't seem to have that
Re:Plausible Denial? (Score:5, Funny)
Simple. Make your password, "what hidden truecrypt volume?"
Re:Sure they do! :) (Score:0, Funny)
I love you paranoia nerds. You are by far the funniest of the jackasses around here.
Re:Plausible Denial? (Score:3, Funny)
"...an indication that you were using stenography."
They can always just ask the stenographer if she did any work for you, and then she rats you out.
Lesson: Don't use stenographers. Typing is fast enough.
Re:Don't worry (Score:3, Funny)
Not necessarily.
Elliptical encryption can produce waves, but if the seed is large enough, it's a bear to detect. Bigger waves, bigger cache to AND for rhythms.... hint hint.
What's needed is some sort of slam dunk header with Britney Spears in some sort of Japanese HD interlaced display. Hash it with bluefish, then salt it up with Atomic Rooster.
This also bodes badly for Layer 7 router problems-- the kind where ISPs 'deep dive' into packet streams to throttle them back, so that all important ISP-provided movies can go through unfettered.
Re:This is complete BS, and is easy to test (Score:2, Funny)