Re: [Full-disclosure] ESFS - The encrypted steganography filesystem

On Thu, Jan 13, 2011 at 9:55 AM, stormrider <strmrdr42@xxxxxxxx> wrote:
this sounds like a nice idea. Especially the fact that you kinda
"overmount" one filesystem over another to access hidden data.
But - as far as I know there is actually no steganography technique that
can really *hide* the data. So you will not be able to prevent someone
from finding out that there is some information inside the images. You
might want to read

Attacks on Steganographic Systems. Andreas Pfitzmann:
Information Hiding. Third International Workshop, IH'99, Dresden, Germany

my favorite steganographic file system design used bits in inodes for
storage. the benefit of this more stealthy mechanism is offset by the
vastly expanded storage requirements. you need a *lot* of files to
have enough inodes in play to be useful.

this would not be vulnerable to the trivial unmasking that image based
storage or other similar approaches take (like mentioned in the paper
above) although it is unclear exactly how sparse and subtle the inode
modification must be across a large, populated file system to be

alas, i remember hearing about this from a certain fellow at DC13 and
never heard more...

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -