Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Thomas Shaddack
On Thu, 12 Aug 2004, Thomas Shaddack wrote: The NIST CDROM also doesn't seem to include source code amongst its sigs, so if you compile yourself, you may avoid their easy glance. A cool thing for this purpose could be a patch for gcc to produce unique code every time, perhaps using

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Morlock Elloi
A cool thing for this purpose could be a patch for gcc to produce unique code every time, perhaps using some of the polymorphic methods used by viruses. The purpose would be that they do not figure out that you are using some security program, so they don't suspect that noise in the file or

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Thomas Shaddack
On Fri, 13 Aug 2004, Morlock Elloi wrote: A cool thing for this purpose could be a patch for gcc to produce unique code every time, perhaps using some of the polymorphic methods used by viruses. The purpose would be that they do not figure out that you are using some security program,

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Sunder
On Fri, 13 Aug 2004, Morlock Elloi wrote: The purpose would be that they do not figure out that you are using some security program, so they don't suspect that noise in the file or look for stego, right? The last time I checked the total number of PDA programs ever offered to public in

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Thomas Shaddack
On Fri, 13 Aug 2004, Sunder wrote: If you're suspected of something really big, or you're middle eastern, then you need to worry about PDA forensics. Otherwise, you're just another geek with a case of megalomania thinking you're important enough for the FedZ to give a shit about you. In

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Tyler Durden
Subject: Re: Forensics on PDAs, notes from the field Date: Fri, 13 Aug 2004 14:11:36 -0400 (edt) On Fri, 13 Aug 2004, Morlock Elloi wrote: The purpose would be that they do not figure out that you are using some security program, so they don't suspect that noise in the file or look for stego, right

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Major Variola (ret)
At 01:46 PM 8/13/04 -0400, John Kelsey wrote: From: Major Variola (ret) Obvious lesson: Steganography tool authors, your programs should use the worm/HIV trick of changing their signatures with every invocation. Much harder for the forensic fedz to recognize your tools. (As

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Major Variola (ret)
On Fri, 13 Aug 2004, Thomas Shaddack wrote: In the world of industrial espionage and divorce lawyers, the FedZ aren't the only threat model. At 03:06 PM 8/13/04 -0400, Sunder wrote: Right, in which case GPG (or any other decent crypto system) is just fine, or you wouldn't be looking for

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Major Variola (ret)
Quoth Thomas Shaddack: Obvious lesson: Steganography tool authors, your programs should use the worm/HIV trick of changing their signatures with every invocation. Much harder for the forensic fedz to recognize your tools. (As suspicious, of course). It should be enough to

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Sunder
Right, in which case GPG (or any other decent crypto system) is just fine, or you wouldn't be looking for stego'ing it inside of binaries in the first place. --Kaos-Keraunos-Kybernetos--- + ^ + :Our enemies are innovative and resourceful, and so are

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Thomas Shaddack
On Fri, 13 Aug 2004, Tyler Durden wrote: And it seems to me to be a difficult task getting ahold of enough photos that would be believably worth encrypting. Homemade porn?

Re: Forensics on PDAs, notes from the field (your teenage son's homemade porn)

2004-08-13 Thread Major Variola (ret)
At 10:07 PM 8/13/04 +0200, Thomas Shaddack wrote: On Fri, 13 Aug 2004, Tyler Durden wrote: And it seems to me to be a difficult task getting ahold of enough photos that would be believably worth encrypting. Homemade porn? Your 16 year old son's homemade porn. [google on Heidl rape; a deputy

Re: Forensics on PDAs, notes from the field

2004-08-13 Thread Major Variola (ret)
At 02:11 PM 8/13/04 -0400, Sunder wrote: If you're suspected of something really big, or you're middle eastern, then you need to worry about PDA forensics. Otherwise, you're just another geek with a case of megalomania thinking you're important enough for the FedZ to give a shit about you.

Re: Forensics on PDAs, notes from the field

2004-08-12 Thread Major Variola (ret)
Quoth Thomas Shaddack: Obvious lesson: Steganography tool authors, your programs should use the worm/HIV trick of changing their signatures with every invocation. Much harder for the forensic fedz to recognize your tools. (As suspicious, of course). It should be enough to

Re: Forensics on PDAs, notes from the field

2004-08-12 Thread Thomas Shaddack
On Wed, 11 Aug 2004, Major Variola (ret) wrote: Obvious lesson: Steganography tool authors, your programs should use the worm/HIV trick of changing their signatures with every invocation. Much harder for the forensic fedz to recognize your tools. (As suspicious, of course). It should be

Forensics on PDAs, notes from the field

2004-08-12 Thread Major Variola (ret)
Saint John of Cryptome has a particularly tasty link to http://csrc.nist.gov/publications/drafts.html#sp800-72 which describes the state of the art in PDA forensics. There is also a link to a CDROM of secure hashes of various benign and less benign programs that the NIST knows about. Including a

Forensics on PDAs, notes from the field

2004-08-11 Thread Major Variola (ret)
Saint John of Cryptome has a particularly tasty link to http://csrc.nist.gov/publications/drafts.html#sp800-72 which describes the state of the art in PDA forensics. There is also a link to a CDROM of secure hashes of various benign and less benign programs that the NIST knows about. Including a

Re: Forensics on PDAs, notes from the field

2004-08-11 Thread Thomas Shaddack
On Wed, 11 Aug 2004, Major Variola (ret) wrote: Obvious lesson: Steganography tool authors, your programs should use the worm/HIV trick of changing their signatures with every invocation. Much harder for the forensic fedz to recognize your tools. (As suspicious, of course). It should be