On Sat, 14 Aug 2004, Major Variola (ret) wrote:
> >Argh. You misunderstood me. I don't want to find hash collisions, to
> >create a false known hash - that is just too difficult. I want to make
> >every file in the machine recognized as "unidentifiable".
>
> No, I understood this. In a later po
At 05:30 AM 8/14/04 +0200, Thomas Shaddack wrote:
>On Fri, 13 Aug 2004, Major Variola (ret) wrote:
>
>> Even if you map a particular hash into one of a million known-benign
>> values, which takes work, there are multiple orthagonal hash
algorithms
>> included on the NIST CD. (Eg good luck finding
At 02:43 AM 8/15/04 +0200, Thomas Shaddack wrote:
>On Sat, 14 Aug 2004, Major Variola (ret) wrote:
>> It was disturbing that, as the bottom fell out of telecom, and
handsets
>> became commoditized, faceplates and ringtones were highly profitable.
>> Faceplates are at least made of atoms. There ar
On Sat, 14 Aug 2004, Thomas Shaddack wrote:
> > polymorphic or encrypted, but then they would be in the "unknown"
> > category, along with user-created files. And programs :-) To be
> > manually inspected by a forensic dude.
>
> Run a tool for signature changing preemptively, on *all* the fi
On Fri, 13 Aug 2004, Major Variola (ret) wrote:
> Even if you map a particular hash into one of a million known-benign
> values, which takes work, there are multiple orthagonal hash algorithms
> included on the NIST CD. (Eg good luck finding values that collide in
> MD5 & SHA-1 & SHA-256 simulta
At 01:48 AM 8/14/04 +0200, Thomas Shaddack wrote:
>Then you have
>the forest where every tree is marked and the leprechaun is laughing.
Love that story. But the self-watermarking you later mention is a
problem.
Even if you map a particular hash into one of a million known-benign
values, which tak
. Your P2P ID messages for the mixmaster network
should be invisible to users of the ostensible services of course.
-TD
From: "Major Variola (ret)" <[EMAIL PROTECTED]>
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: yes, they look for stego, as a "Hac
>> A cool thing for this purpose could be a patch for gcc to produce
unique
>> code every time, perhaps using some of the polymorphic methods used
by
>> viruses.
>
>The purpose would be that they do not figure out that you are using
some
>security program, so they don't suspect that noise in the fi
On Fri, 13 Aug 2004, Major Variola (ret) wrote:
> Any jpg which looks like noise will be of interest. And any stego
> program will make them look at your images (etc) more closely :-)
>
> Most of the programs they've hashed is so the forensic pigs can discount
> them. But they would find know
