Merely Cloaking Data May Be Incriminating?

Merely Cloaking Data May Be Incriminating? 418

Posted by Zonk on Friday July 27, 2007 @07:39PM from the what's-mine-is-mine dept.

n0g writes "In a recent submission to Bugtraq, Larry Gill of Guidance Software refutes some bug reports for the forensic analysis product EnCase Forensic Edition. The refutation is interesting, but one comment raises an important privacy issue. When talking about users creating loops in NTFS directories to hide data, Gill says, 'The purposeful hiding of data by the subject of an investigation is in itself important evidence and there are many scenarios where intentional data cloaking provides incriminating evidence, even if the perpetrator is successful in cloaking the data itself.' That begs the question: if one cloaks data by encrypting it, exactly what incriminating evidence does that provide? And how important is that evidence compared to the absence of anything else found that was incriminating? Are we no longer allowed to have any secrets, even on our own systems?"

Merely Cloaking Data May Be Incriminating?

This discussion has been archived. No new comments can be posted.

Search 418 Comments Log In/Create an Account

Comments Filter:

But Comrade... (Score:5, Funny)

by ObsessiveMathsFreak ( 773371 ) writes: <obsessivemathsfreak AT eircom DOT net> on Friday July 27, 2007 @07:51PM (#20018151) Homepage Journal

If you have nothing to hide, then you have nothing to fear!

Re:Other types of cloaking... (Score:5, Funny)

by AuMatar ( 183847 ) writes: on Friday July 27, 2007 @08:04PM (#20018275)

No, they're just cloaking the replies.

A real cloaking device?? (Score:1, Funny)

by fonik ( 776566 ) writes: on Friday July 27, 2007 @08:21PM (#20018439)

And with how quickly my posts are being modded up/down, I could use the polarity change as a new source of clean energy!

Slashdot is truly the breeding ground of new technologies.

Encrypt random noise. Lose the keys. (Score:5, Funny)

by MikeFM ( 12491 ) writes: on Friday July 27, 2007 @08:55PM (#20018725) Homepage Journal

I encrypt everything just so if they ever investigate me, for whatever stupid reason they might decide to, they can demand the key and I can refuse. It's the principal of the thing. Why should we give up our privacy? What if I just want to encrpyt files by a random one time key and then erase the key? Maybe that constitutes digital art to me.

I encourage everyone to generate files containing nothing but random noise, encrypt those files, and throw away the key. If everyone does this then they can't tell what is a real encrypted file and what isn't. For good measure email some of these random files back and forth with suspicious subject lines.

Re:Why even ask? (Score:5, Funny)

by UbuntuDupe ( 970646 ) * writes: on Friday July 27, 2007 @09:11PM (#20018833) Journal

Hey, *I* didn't encrypt my data. I just performed a reversible transformation on it. It's not my fault if you're a fuckin' slowpoke at factoring large prime numbers!

Re:Easy solution (Score:4, Funny)

by a_nonamiss ( 743253 ) writes: on Friday July 27, 2007 @11:32PM (#20019821)

Why go to all that trouble? If my understanding of TC is correct, shouldn't you just need a hidden partition within a regular one? I thought the whole thing about the hidden partition is that it can't be mathematically proven to even exist. I mean, if you have empty space in a TC partition, it will be indistinguishable from random data. Some of that random data could feasibly be the super secret stuff you're trying to hide, and without a key, there would be no way to prove it.

Man, if that's not true, I think many slashdotters will have to rethink how they hide their porn from their wives... Ok, from their mothers.

It works like this... (Score:5, Funny)

by ignavus ( 213578 ) writes: on Saturday July 28, 2007 @12:09AM (#20020057)

It works like this...

The government, being a public institution, has to keep everything it does private. That's why you are not allowed to see their secret files.

But a citizen, being a private individual, has to keep everything they do public. That's why the government must be able to see your secret files.

Got it?

Re:Other types of cloaking... (Score:2, Funny)

by Hal_Porter ( 817932 ) writes: on Saturday July 28, 2007 @12:21AM (#20020133)

ZFS is ok IMO. But if people use ReiserFS they are probably murderous terrorists.

Re:Encrypt random noise. Lose the keys. (Score:3, Funny)

by Maniac-X ( 825402 ) writes: on Saturday July 28, 2007 @12:29AM (#20020175) Homepage

Ideas for suspicious subject lines: "Someone set up us the bomb, praise allah!" "bomb plan" "Pentagon destruction" etc

Re:Guilty until proven innocent (Score:1, Funny)

by Anonymous Coward writes: on Saturday July 28, 2007 @03:51PM (#20025497)

Pleading the fifth in front of a jury when you're the defendant is tantamount to an admission of guilt.

Heh, glad you're not my lawyer. :)

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Merely Cloaking Data May Be Incriminating? 418

Merely Cloaking Data May Be Incriminating? More Login

Merely Cloaking Data May Be Incriminating?

But Comrade... (Score:5, Funny)

Re:Other types of cloaking... (Score:5, Funny)

A real cloaking device?? (Score:1, Funny)

Encrypt random noise. Lose the keys. (Score:5, Funny)

Re:Why even ask? (Score:5, Funny)

Re:Easy solution (Score:4, Funny)

It works like this... (Score:5, Funny)

Re:Other types of cloaking... (Score:2, Funny)

Re:Encrypt random noise. Lose the keys. (Score:3, Funny)

Re:Guilty until proven innocent (Score:1, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot