On Fri, Feb 28, 2020 at 12:11:10AM +0000, coderman wrote:
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Thursday, February 27, 2020 11:43 PM, John Young <[email protected]> wrote:
>
> > Ex-CIA Joshua Schulte Describes His Data/Crypto Hiding Prowess
> > (WikiLeaks Vault 7)
> >
> > "Which brings me to my next point. Do you know what my
> > specialty was at the CIA? Do you know what I did for fun?
> > Data hiding and crypto. I designed and wrote software to
> > conceal data in a custom-designed file system contained within
> > the drive slack space, or hidden partitions. I disguised data.
> > I split data across files and file systems to conceal the
> > crypto. Analysis tools would never detect random or
> > pseudorandom data indicative of potential crypto. I designed
> > and wrote my own crypto. How better to fool buffoons like
> > forensic examiners and the FBI than to have custom software
> > that doesn't fit into their two-week class where they become
> > forensic experts? Make no mistake. I am an expert in data
> > hiding and cryptography with thousands of hours of experience
> > and among the top specialists in the world, or was."
> >
> Joshua continuing to prove he lacks good sense in legal matters. these
> steganographic techniques are most effective when not suspected. if you
> point out you're using them, the adversary is going to reverse them, negating
> your advantage. (full disk encryption helps protect against disclosure, but
> FDE is designed for confidentiality, not covertness!)
>
> back at DEF CON 13 discussed a system with an MIT alum; he used the inode
> entries themselves as covert storage. slack space is poor at stealth! down
> side with inode approach is paltry volume sizes, relative to cover storage.
> (although, i'd argue, the effectiveness makes it attractive, none the less :)

Useful when one distinguishes classes of storage - e.g. master keys,
key and header volumes, bulk stores - matching perfectly to the inode
slack, fs slack, std volumes.

If you've whipped it up yourself, an issue is storage of your
scripts/progs which know your used layout/volume separation scheme,
and keeping backups of such bins.

The majority of sheeple are on the treadmill of mortgage and
moronicity - paying tithes to BigGov and her corrupt spawn.

Perhaps Schulte's fs slack scheme has already been 'cracked' in this
case against him - he apparently dumped vault 7 for us all, and that's
quite a cache indeed! Perhaps that's his trick, and his trick is done,
so he's no more to hide... just postulating.
