From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <arno@wagner.name>
Received: from v1.tansi.org (mail.tansi.org [84.19.178.47])
 by mail.server123.net (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Fri, 24 Jun 2016 18:58:18 +0200 (CEST)
Received: from gatewagner.dyndns.org (77-56-144-126.dclient.hispeed.ch
 [77.56.144.126]) by v1.tansi.org (Postfix) with ESMTPA id 212F6140048
 for <dm-crypt@saout.de>; Fri, 24 Jun 2016 18:58:16 +0200 (CEST)
Date: Fri, 24 Jun 2016 18:58:16 +0200
From: Arno Wagner <arno@wagner.name>
Message-ID: <20160624165816.GA27570@tansi.org>
References: <576C5689.4020200@dyne.org>
 <94146e8c-438a-85b5-0f29-ce02642af1ee@gmail.com>
 <576D03BB.9010301@dyne.org>
 <4897ac9d-a0a1-b04c-4b0c-81eab28a13b2@gmail.com>
 <576D2485.9030502@dyne.org> <20160624152856.GA26849@tansi.org>
 <576D60E1.7090805@dyne.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <576D60E1.7090805@dyne.org>
Subject: Re: [dm-crypt] cryptsetup with Python subprocess + pipes
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On Fri, Jun 24, 2016 at 18:33:37 CEST, Police Terror wrote:
> You obviously did not look at the example because the data is not hidden
> steganographically.

You obviously did not understand what I wrote, because
I never claimed that in this case it was. I only claimed that
at this time this is the only valid known way to do plausible 
deniablility.

[...] 

> About a well engineered solution: today I just found VeraCrypt which
> actually works well. I encourage people to try it. It can create hidden
> volumes.

... and that have all the problems hidden volumes come with. 
They also managed to create additional problems TrueCrypt does
not have, for example a broken password "quality" assessment
that cannot be bypassed (alternatively you get a broken 
password iteration, that can lead to minutes of unlock time).
My trust in the VeraCrypt developers is much, much lower than
in the original TrueCrypt developers.

Seriously. Bright-eyed "can do" attitudes have no place in 
IT security. They do much more harm than good and they endanger
users.
 
Regards,
Arno

> Arno Wagner:
> > What I would like to see is a plausible deniability technique
> > that is not just a worthless tech-demo, but where the 
> > "plausible" part was actually well engineered with regards
> > to how things work in the real world and that is not limited
> > to a very small amount of steganographically hidden data.
> > So far, none exists.
> > 
> > The thing is, for an incompetent attacker it is already 
> > enough to just remove a partition from the partition table 
> > and re-create it at need in the same place. For a competent
> > attacker, the things that exist today just provide probable
> > cause that you are trying to hide something and hence make
> > things worse.
> > 
> > As it is, these tools are of negative worth, as they give 
> > users a false sense of security.
> > 
> > Also refer to FAQ 5.18 for my analysis of the status-quo.
> > The paper by Schneier et. al. I reference provides an 
> > excellent in-depth analysis of the problems with the idea 
> > of plausible deniability in a real OS environment.
> > 
> > Regards,
> > Arno
> > 
> > On Fri, Jun 24, 2016 at 14:16:05 CEST, Police Terror wrote:
> >> Here's the tool:
> >>
> >> https://github.com/RojavaCrypto/hiddencrypt
> >>
> >> Mostly proof of concept for now.
> >>
> >> Would be cool in the future to work something better out by hacking
> >> cryptsetup itself. Maybe if there's headerless volumes (that just look
> >> like random data).
> >>
> >> Multiple deniable Linux installs would be a killer feature.
> >>
> >> Milan Broz:
> >>> On 06/24/2016 11:56 AM, Police Terror wrote:
> >>>> Ahhh yes! Thank you Diagon and Milan.
> >>>> I've added now the -q switch.
> >>>>
> >>>> I looked at the pycryptsetup but 2 things:
> >>>>
> >>>> 1. It's not Python 3
> >>>> 2. It's an extra dependency and not in the repos.
> >>>
> >>> Fedora has both Python3 and 2 builds but other
> >>> distros do not compile it probably.
> >>>
> >>> (It was designed for Anaconda installer mainly.)
> >>>
> >>> Milan
> >>> _______________________________________________
> >>> dm-crypt mailing list
> >>> dm-crypt@saout.de
> >>> http://www.saout.de/mailman/listinfo/dm-crypt
> >>>
> >> _______________________________________________
> >> dm-crypt mailing list
> >> dm-crypt@saout.de
> >> http://www.saout.de/mailman/listinfo/dm-crypt
> > 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier