An AWESOME return to form, sir!

Temporary files on an unencrypted partition could reveal document contents? How is this news? It's true of most things that aren't programmed with security in mind, anyway.

Anybody with the brains to use Truecrypt knows this already. And if you encrypt the ENTIRE machine, like you're supposed to for best security, it's not a problem. News would be that the new version of Truecrypt allows for multiple OS's to be installed, one of which is used to "decoy" people who want to look at your PC, one of which stayed hidden and encrypted unless you know the password. But if you were stupid enough to access files from the latter from inside the former, then there would be leakage just the same.

My favourite newspaper is The Metro (London edition). They have a "No s*!# Sherlock" column. This belongs in their next issue.

Apparently there's a new file system which encrypts your data until you threaten to lock it up for years, then it will show you where it is buried. Trouble is it doesn't decrypt exactly the same as when you last saw it.

I really feel that comments like that are really out of place on a website like this.

PS - Maybe running a destab utility may help recover said data?

Don't diss the Schneier. Even Chuck blinks when his name is mentioned.....

It took your comment to make me look for and realise the clever twist to A H-B's comment.

Thank you :)

>>> Schneier, CTO of BT Counterpane, told Dark Reading that although this version will "definitely close some of the leakages, but it's unlikely that it closed all of them". <<<

Why doesn't someone as "awesome" as Schneier simply join the tiny, struggling TrueCrypt team, and help it to close the rest of those pesky leakages? Complain, complain, complain. I've already written a bit about this on here, back on Tuesday, 30th October 2007:

"One major use I have for desktop virtualization, is for creating a high-security environment, for people who have stuff to hide. I put VMware virtual machines inside of TrueCrypt containers, thus getting around the need to use time-consuming products like CyberScrub (which securely erases files and unused disk space). I call this the "box within a box within a box" approach, as the physical computer is the outer box, which contains the safe, which contains the virtual computer. I'm curious as to whether anyone else does this, and I look forward to the conference."

- http://www.theregister.co.uk/2007/10/29/desktop_virtualization/comments/

The above is the answer to the leakage problem. The only problem left is how to explain the presence of a multi-GB file on your drive. That's not too easy, but certainly easier than creating your own, perfect version of TrueCrypt, from scratch. For example, write a program which treats the encrypted container as if it were a huge database of real estate listings, and tell the border guys that you sell homes for a living. In other words, write a program which maps the encrypted data to some output resembling data which you wouldn't bother to hide, or which reads actual real estate data that's been tacked onto the end of the file, or which simply pretends to extract such data from the encrypted data. If you do the first one, the solution is related to data compression, where you map one file to another, as you can, theoretically, create a program which transforms any one set of data into another, although this is most certainly the hardest one of the three options. Regardless of which way you go, the idea is to make the TrueCrypt container appear as a huge database for some program you use to prop up your "business".

Of course, if you live in a country where you can be sent to prison for not revealing the password, much less for what the password actually protects, then you have to be very careful about the construction of this program, but going this route is certainly better than writing a conference paper about how we don't have a real, usable DFS. Come on people, get creative. Even my British cat, Mr. Fluffer Wickbidget, III, knew this one, and he spends a lot of time licking himself.

Strictly speaking, this isn't news to anyone with a good understanding of security. However, as the article states, there has been an increase in interest in encryption for protection from border searches. It is probably safe to assume that not all of the people interested really understand the tools they are using. So, it is worth calling attention to these problems so that newbies realize the potential problems.

-Daniel

Indeed, it was well-known in the last millennium. Afaict, not having read it yet, the paper shows it happening.

Problem is, it isn't at all easy to solve.

You can put the OS on a write-only medium like a CD, so the temp etc files get erased - but if you put eg your home folder on the drive then there will probably be files relating to what you have done.

If the home folder is exposed, eg if it's on a visible TrueCrypt partition, then the Police may demand the keys to that partition using a RIPA s. 49 notice - and the information in those files may contain links or data, or even show that a file has been saved somewhere, suggesting the presence of a hidden partition.

Suppose instead that the OS is on CD and you arrange things so that you can only store files into the "visible" (where "visible" means the partition whose keys you give up on a RIPA demand, or under torture) and hidden partitions deliberately, rather than letting the OS create files for you.

Still doesn't work reliably.

TrueCrypt hidden partitions are usually at the end of the TrueCrypt volume. The volume is going to be stored somewhere, probably either on a hard drive or USB fob.

The problem then is that, if you store files in a hidden partition, the data at the end of the volume will be written to more often than if you don't. Modern hard drives have such high data density that it may be hard to recover overwritten data - but it's still easy enough to tell that data has been overwritten. If bits at the end of the volume have been overwritten more often than parts in the middle, or the part containing a persistent file, the interrogator may ask why, and conclude that a hidden partition exists.

USB keys are much the same, except worse - the load-levelling they use makes it easier to tell how many times a part of the filespace has been overwritten.

There are theoretical solutions, but they are all very expensive in terms of bandwidth and computation.

For instance the first Anderson/Needham/Biham construction works if you first fill it with random data a few times and don't use Larson tables, and I have an unpublished construction using universal re-encryption which works (not the one accepted for PET07, that doesn't work) - but both are horribly expensive.

I'm working on (I'm a cryptologist with a special interest in deniable/steganographic file systems) a better construction, but it isn't ready yet (see www.m-o-o-t.org )

Has anyone implemented amanfrommars Markov chain yet?

Come to think of it, is 'he' one already?

Please. Besides the fact that your scenario is outside of 99% of the possibilities anyone might ever run into (how many government bodies actually have electron microscopes they can dedicate to this?), it still only indicates a POSSIBLE location of stenographically hidden data. Simply writing random data in weighted series would be enough to completely eradicate any useful traces plus make the time required to examine the rest of the disk grow exponentially.

...but discovering it isn't exactly research either, is it?

If this is what Mr. Schneier does in the name of research then perhaps he's less of a guru than he pretends.

Can you explain how you can tell if data on a hard disk has been over-written? If the disk's been in use for a while and you fill it with random data, how can you detect that more random data has been written over any particular bit of the disk? And when?

I think you need to explain this as your other claims seem to depend on it.

Nope, amanfrommars is just a waste of bandwidth. His addle-pated gibbering is a bit like being trolled by a Markov chain parser. There's just enough structure in there to make it look like it should make sense, so it can commit a modest DoS of the unwary who try to untangle it. He's like a less extreme version of "drashek" in Another Place.

Both are a waste of kidneys, and their continued posting is a mystery. I think amanfrommars is tolerated as a sort of pet and mascot. However, you're not missing anything vital, don't worry- it really is just wibbling :-)

"(PS: I'm told that I have a good sense of humour but it may be lacking something. Is the gunk from amanfromMars supposed to be funny or just waste bandwidth?)" ... By Joe M Posted Saturday 19th July 2008 06:03 GMT

You do realise, Joe M, that it has sussed not to waste spectrum on your trash attack. Certainly the gunk has revealed what is and what isn't, inside your head.

And although it could be said that IT is not supposed to be funny, It most certainly can be and is always a Bonus.

A Tittering at a Twittering never did anyone any Harm.

Nice Shot @amanfrommars, Stiggy. Bulls Eye Gold with that AIM.

"Can you explain how you can tell if data on a hard disk has been over-written?"

You look at the noise in the raw output signal, using a suitable filter. Overwritten data will not be completely overwritten, and will create extra noise. You don't get to read the overwritten data this way on a modern hard drive, but then you don't need to, you just have to know it exists.

It's very easy to do, just compare noise levels. No electron microscopes required, just a screwdriver and £200 of electronics. You don't even have to open up the sealed part of the hard drive.

BTW, my security model includes "Can a prosecutor prove it to a jury?". That kind of deniability *is* useful, eg in the UK RIPA s.49 (police demands for keys) context.

You know I was going to use a hidden OS on a fully encrypted volume to load up a VMWare machine (on a hidden volume) that I writes my bitorrent of Duffys latest albume onto a hidden volume on an external drive with the added benefit of a hammer and a nail selotaped onto it.

As I contemplated this I realised that it was a little bit pointless. (can you imagine the spooks faces after 15 hours of water bording me and electonic scanning of the external drive they come across Duffys album and a couple of No-DVD cracks for the Sims2 and Weather Expansion from Reloaded!!). Not only is it overkill and they may think that I am some kind of uber terrorist but the bastards only need my IP address to cart me off to court.

You ask good questions sir. I'm not sure which contains more cr*p; Peter F or AmanfromArse. Shall we take a vote on it?

[The stuff about being able to detect overwritten data on a disk had some plausibility back in the era of the Diablo 2.5 Megabyte drive which filled about a foot high in a 19 inch rack e.g. the DEC RK05, in the 1970s. The theory was that by positioning the read head off the centre of where the track should be, you could, given a following wind, take a good guess at what had been there before the current data.

Such claims are completely irrelevant in the era of PRML-based (and beyond) near-terabyte disk drives where it is a major scientific miracle that you can actually read the current data most of the time under normal circumstances; the data density (both in bits per inch and tracks per inch) is now so high that the chances of anyone reading the sector by sector data which was there before it was overwritten are almost infinitely improbable. Cup of tea, anyone?]

1995ish: http://www.pdp8.net/rk05/rk05.shtml

2005ish: (long URL, sorry if it screws your browser, mine's OK)

http://www.actionfront.com/whitepaper/Drive%20Independent%20Data%20Recovery%20TMRC2005%20Preprint.pdf

...and as for leaving traces... even changes to a hidden volume will be noted as disk writes and hence recorded by Vista's "improved" System Restore/Volume Snapshot/ShadowCopy functionality - the only way you can stop that is to put any such file containers on another partition (or turn it off - it's pretty useless for small and full drives such as laptops anyway).

Second post today... no rant! Getting better

Oh dear. In future please can you take more care to reply to what I actually wrote, rather than what you imagine I wrote.

I most certainly did not say that overwritten data on a modern hard drive is recoverable. It probably isn't recoverable even by NSA, and it certainly isn't practicably recoverable by any publicly-known means, including off-center tracking and/or electron microscopy.

What I did say is that the *presence* of overwritten data is easily detectable.

http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1246592,00.html

"I asked Jim Reinert, senior director of software and services for Ontrack Data Recovery whether [recovering overwritten data] was possible. His answer was a blunt "No."

Reinert admitted that it is possible to read traces of previously written or overwritten bits, but reconstructing any usable data from them was a horse of a different color."

You don't have to reconstruct useable data in order to provide evidence of the existence of TrueCrypt hidden volumes - you just have to find traces of overwritten data.

And that's pretty easy to do, all you need is a screwdriver and £200 of electronics (plus a computer and some free software). No clean room, no electron microscope required. Detecting hidden volumes on USB sticks from wear-levelling data is actually quite a bit trickier to do in practice.

With a little more work you can even get a fairly good idea of how many times a space on a hard drive has been written to.

From a wiki entry: http://en.wikipedia.org/wiki/Dissociated_press

"A hackish idle pastime is to apply letter-based Dissociated Press to a random body of text in hopes of finding an interesting new word. (In the preceding example, ‘window sysIWYG’ and ‘informash’ show some promise.)"

Therefore, I submit that all of Amanfrommars' posts are informash.

Hello Peter, Mr RK05 here again.

As there is probably little reliable evidence to support your claims, it's hard to refute them, so I provided information which sensible people with at least some limited knowledge of the subject can use to calibrate their bullshitometers.

My bullshitometer (as a graduate physicist with a fair bit of post-graduation knowledge of electronics and data storage technology and indeed signal processing) says that your quoted variation in the "SNR" from a modern hard disk read head provides little or no meaningful information (let alone **evidence**) on whether data on a disk has been overwritten or not, though I can see circumstances in which gullible or otherwise motivated people might like to believe in that possibility, and in particular where certain organisations might like that belief to be widespread.

Even if there were some value in knowing whether a particular sector has been overwritten, what **evidence** does it provide? It might show, among other things, that the disk has previously been defragmented, or previously restored from backup, or a variety of other things unrelated to the presence or absence of (allegedly-)deniable file systems.

You are of course welcome to provide definitive references to show me wrong, and if necessary I'm happy to stand corrected; we're all here to learn aren't we.

Over to you.

ps

How is m-o-o-t coming on? Did it achieve the desired result of torpedoing the RIP Act, or was it a distraction from the real *political* issues, issues which are still live today?

http://www.theregister.co.uk/2002/05/30/cypherpunks_aim_to_torpedo_rip/

www.m-o-o-t.org

We "Discovered" this known issue nearly 5 years ago when we were looking at using an encrypted volume to save data. Hardly news