User: Password:
|
|
Subscribe / Log in / New account

ParanoidLinux: from fiction to reality

ParanoidLinux: from fiction to reality

Posted Oct 2, 2008 10:02 UTC (Thu) by __alex (subscriber, #38036)
Parent article: ParanoidLinux: from fiction to reality

"traffic bound for a TOR node would be very suspicious to any monitoring agency. Another privacy-enhancing feature would be full-disk encryption, but that would be yet another red flag for an agency that was inspecting the computer."

So are all these privacy additions going to operate as some sort of invisible rootkit or hypervisor? Certainly changing the boot logo to "Paranoid Linux" is going to be a rather large red flag to anyone doing a cursory inspection of the computer, let alone anyone with a forensic toolkit to hand.


(Log in to post comments)

ParanoidLinux: from fiction to reality

Posted Oct 2, 2008 14:20 UTC (Thu) by tmassey (guest, #52228) [Link]

My first thought was that you could hide much of the existence of such a system with a collection of a couple existing tools:

<A HREF="http://www.colinux.org/">CoLinux</A> to run a Linux distro *under* Windows. Boot the computer all you want, it's running Windows...

<A HREF="http://www.truecrypt.org/">TrueCruypt</A> has all kinds of ways of hiding the existence of an encrypted volume: outright steganography, plausible deniability, the ability to mount a file (such as a file that looks like a Debian install DVD or the latest Hollywood blockbuster), etc.

So, at this point you have a hidden, encrypted Linux operating system that you run directly under Windows, so that, from the outside, the computer looks perfectly normal. This doesn't help with the chaff, but it's a start.

Tim Massey

steg the whole os

Posted Oct 10, 2008 22:44 UTC (Fri) by surfingatwork (guest, #50868) [Link]

First step in implementation would be to hide the real partition. In vmware for example you have vmware looking partitions so it's obvious there's more. So fix that.

Then there's spy versus spy iteration that'd go on since there's plenty of ways to see if you're in a virtual machine at least for current scenarios. But the first step is hide the partition.

Use case I'm thinking of is going through US Customs. This way they wouldn't be able to ask you to decrypt your real OS without opening your laptop and attaching to your hard drive.

Or booting off their own optical disc. Hmm.

steg the whole os

Posted Oct 10, 2008 23:36 UTC (Fri) by tmassey (guest, #52228) [Link]

I think you miss the point.

The point is not to make it so that nothing about the computer is visible. That will never work, for the reasons you hint at: you need to be able to power up the computer and let others see that it's "OK". That's called plausable deniabilit (http://en.wikipedia.org/wiki/Plausible_deniability). The ability to say, "See, look: it's a Windows computer with nothing but pictures of kittens!"

When you boot, you get Windows. When you look at the partition table, there is a single NTFS partition that contains Windows. No encryption, nothing hidden. Everything is what it is.

However, somewhere on that computer, cleverly named "Kitty Pictures.ZIP" buried *deep* within a directory that contains nothing but kitty pictures, is a 1GB file. That file is a TrueCrypt-encrypted file that contains a CoLinux partition. Within that is all of the stuff that you're trying to hide.

In theory, it might even be possible to have the "Kitty Pictures.ZIP" file be an *actual* ZIP file. Or maybe it would be more practical with an ISO file: something that is properly formatted to burn an ISO, but one of the files on the ISO is actually the file used by TrueCrypt: it just uses a specific offset within the file to store data.

The beauty of this is that it is a 100% safe, normal, "OK" Windows computer. In order to find the "badness", the person will have to find the file that you're using the hide the "bad" data (the "Kitty Pictures.zip/iso"), analyze that one file and find that it contains encrypted data. Then they have to break the encryption!

TrueCrypt adds even more plausable deniability: the ability to have two (or more) layers of encryption. The first layer is designed to contain "kinda sensitive" data (say your diary). The second (or deeper) layer contains your "real sensitive" data. That way, you can be "forced" to give up your encryption key for the only kinda sensitive data, not your *most* sensitive data.

The biggest problem that I can see is that the presence of things like TrueCrypt on the computer make it more obvious that you're trying to hide things. I don't know how to hide the very existence of TrueCrypt. But as for hiding the other things, there are ways.

It's not perfect, but even a more than casual glance is going to have a hard time finding anything...


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds