[Cryptography] Ex-CIA Joshua Schulte Describes His Data/Crypto Hiding Prowess
Henry Baker
hbaker1 at pipeline.com
Wed Mar 4 10:49:17 EST 2020
At 06:27 PM 2/28/2020, Grant Schultz wrote:
>3. Stego hides data as random or pseudorandom data, and thus is immediately suspect.
The first thing I do with every new storage disk/SDcard is: dd if=/dev/urandom of=/dev/sdX;
Among other things, it proves to me that the new medium will actually hold the amount of data that it claims to be able to.
Also, I don't want somebody in the supply chain to be inserting porn/etc. onto my media.
(Sadly, I can't check that the SDcard microcode doesn't contain malware/spyware, but that's for another discussion.)
So now *all* of my slack space contains random data.
Now what? Am I now going to be detained at the border?
(Yes, I could do: dd if=d/dev/zero of=/dev/sdX; but if the firmware was clever, it could trivially *compress* these data in order to free up space for nefarious activities.)
(Yes, I also understand that /dev/urandom gives someone a *huge* of information about the current state of my random number generator, but hopefully Linux has finally gotten their act together and fixed these issues.)
More information about the cryptography
mailing list