Recently I have been working on different types of encryption. Back in March, on all the systems at TCG, we completed a project to do whole drive encryption. I'm happy to report that after some time of operation, these experiments have gone incredibly well. We have been running whole drive encryption on all systems with no loss in speed or data. The only unexpected thing we came across was doing complete upgrades. In the past, when we have needed a larger hard drive in a system, we have done one of two things. First and easiest, we use a program nominally called “Ghost” which copies all the data as a block. With this process you simply do a mirror copy of the old drive, but leave free the larger space on the new drive. We also have used this time to keep a whole image backup of the drive for backup purposes. If we feel that enough time has passed, however, sometimes we elect to use another choice in drive upgrading. Microsoft encourages Windows users to format and reinstall their OS on an 18 month cycle, especially if the user installs and uninstalls a lot of software, which we do. We will take the new drive opportunity to do a fresh install of Windows. In all cases, the old hard drives are “Quarantined” for a period of no less than 90 days in our vault, to ensure a smooth transition and no data loss. Regardless of how many times we do this, sometimes things do not get copied over. Better to be safe than sorry.

Most ironically, the thing we encountered when trying to Ghost with whole drive encryption is that you have to “decrypt” the drive before using our copy tools. Subsequently, we would have to re-encrypt the new drive and/or the old one before sending them to either the vault or back into production. These additional steps add an overnight element or two to the process, but I think it's a small price to pay for the greatly added security.

Encryption now has a new dimension. One of the downsides to encryption is that it is recognizable to a person who knows what they are looking at. So while your data is absolutely secure, it is pretty obvious that you have something to hide. I think it's a sad commentary on our society that we feel as if a person with something to hide is guilty of some type of crime, but unfortunately that is a common perception. Times are changing; there is hope. I feel that, much like the ideology of racism, this perception of guilt is slowly fading. In the meantime, until such perceptions do change, the art of “hiding” data may be just as necessary as encrypting data. I have been working on, actually, not so much encryption but a kind of “hiding” of messages, especially in plain sight. This is both a software problem and a social intrigue exercise. Hiding a message is only as good as both parties KNOWING where to look for the nefarious text. Of course the best way to do this would be to both encrypt and then hide, thus greatly decreasing the odds of discovery.
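
The point above that encrypted data is recognizable can be checked mechanically, because ciphertext is statistically close to random. The following is an added example, not part of the original post: it measures Shannon entropy per window over a constructed sample buffer; the 4096-byte window, the 7.5 bits/byte threshold and the sample data are assumptions.

```python
import hashlib
import math
from collections import Counter

WINDOW = 4096      # bytes per window (assumed; a common cluster size)
THRESHOLD = 7.5    # bits/byte cut-off (assumed); random data approaches 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def high_entropy_windows(blob: bytes, window: int = WINDOW,
                         threshold: float = THRESHOLD):
    """Return (offset, entropy) for each full window that looks random."""
    hits = []
    for off in range(0, len(blob) - window + 1, window):
        h = shannon_entropy(blob[off:off + window])
        if h >= threshold:
            hits.append((off, round(h, 2)))
    return hits


def pseudo_ciphertext(length: int) -> bytes:
    """Constructed stand-in for encrypted data: SHA-256 in counter mode."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


# Constructed sample "disk": plain text, random-looking data, then zeros.
TEXT = (b"Quarterly report draft. Nothing to see here, just ordinary prose. " * 70)[:WINDOW]
SAMPLE = TEXT + pseudo_ciphertext(2 * WINDOW) + bytes(WINDOW)

if __name__ == "__main__":
    for off, h in high_entropy_windows(SAMPLE):
        print(f"offset {off:#07x}: {h} bits/byte (random-looking)")
```

Compressed files (JPEG, MP3, ZIP) also score near 8 bits/byte, so a hit means "random-looking", not proof of encryption.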

Our jewel of tools, TrueCrypt, has a feature of Hidden Volumes and Plausible Deniability. Unfortunately, this does not extend to whole drive encryption. It would be very cool to be able to “boot” a hidden “safe” area on a laptop that would be sanitized for public observation, but that feature is not yet in TrueCrypt. In most cases of targeted data theft or unwanted data search, the opposition does not have enough time to inspect every file.

My quest for hidden data has led me to look into a technology called Steganography. Conceptually, the idea is to “hide” data within data. Mostly in the Internet world this has involved hiding text inside of JPEG images. But there are other programs to hide text inside of MP3s, movie files, or my favorite, hiding clear text inside of clear text.




