Posted Dec 2, 2011 8:48 UTC (Fri) by gmaxwell (subscriber, #30048)
In reply to: DM-Steg by PaulWay
Parent article: DM-Steg
Random fill is the recommended behavior for anyone using any disk crypto just because it prevents someone without the key telling how much space is used. And disk crypto is super useful due to theft, hardware that fails and gets RMAed, etc.
And what ras says for the free space also applies for the software if the DM-steg becomes a stock OS component then having the software by itself would not arouse suspicion.
Leaks of the existence of additional layers could be hidden pretty well: In your second hidden aspect put the disk image of another system (perhaps a copy of the tails distro modified for persistent storage http://tails.boum.org/index.en.html). Then you just need to run "<space>dm-stegmountstuff; qemu-kvm --hda /dev/mapper/whatever" and you'll be fairly close to leak free, though some care will be needed to make sure nothing from kvm goes into syslog (and so long as you don't slip up, forget the space, and let that into your shell history we could make this better if there was a default list of "cryptographic commandlines" which were automatically excluded from the shell history).
Yes of course, someone trying to rubber-hose you could never be sure there aren't more layers to the onion. In _most_ situations this should be directly protective: It makes coercive interrogation more obviously ineffective as there is no 'fair' way to match the force to the cooperation.
In the rare other cases where the steg-hiding means the attacker will simply continue until you die, DM-Steg provides another kind of protection: It creates the ability to pre-commit to dying for your cause. If your Nth aspect contains data which will cause your friends and family to come to harm, the fact that giving the interrogators that key will still not satisfy them and prevent them from killing you may be the motivation you need in order to be successful at withholding the information when the time comes. Gruesome, and hopefully applicable to only very few people. Though again, the interrogators can think this through too, and may reconsider their approach.
More pedestrian is that encryption which protects against more situations is more valuable and the additional situation (even some far off fanciful attack like coercive interrogators, or providing 'cover' for others who face that risk) may be enough to tilt someone's cost/benefit analysis enough to overcome the learning curve get them to adopt encryption which protected them against many common and real threats.
I know many people who have installed and become familiar with Tor because they support the free speech of people in some far off land but the practice of deploying it gives them skills and builds infrastructure that protects their free speech too.