Smokey's Security Forums

Topic: Making encryption stealth


topsoftbe (Topic starter)

  • Senior Member
  • Posts: 105
Re: Making encryption stealth
« Reply #3 on: July 25, 2017, 05:39:31 PM »
Thank you for your reply.
Maybe the best option is to use hidden folders inside an encrypted container (with BestCrypt). That way you can give the password if asked for and it's up to them to prove that there is something hidden inside. At least you can prove that you are willing to cooperate.
I didn't know that there was a traveller functionality in BCVE, I will take a look at that. Thanks for the link.

pepak

  • Jetico BCVE Mod
  • Administrator
  • Posts: 571
Re: Making encryption stealth
« Reply #2 on: July 25, 2017, 05:26:21 PM »
Quote
And the use of BCVE in itself has become suspicious. Their reasoning goes like this: if you use encryption, it means you have something to hide. And that's enough to put you behind bars when you refuse to hand them your password, it's considered 'obstruction of justice'.


This is a valid concern, IMHO.

Quote
1 - Develop something like Traveller, a small program that fits on a USB stick that gives you the possibility to decrypt a disk without the need to have BCVE on your PC. At least it would take away the proof that you are using encryption.


It's very hard to hide the fact that you are using encryption. The only solution that I am aware of involves hidden volumes - encrypted volumes stored in the encrypted free space of other volumes. Traveller mode wouldn't help you here at all. (Btw., BCVE does have a traveller mode functionality.)

Quote
2 - Change the encryption of disks in such a way that they completely look like an unformatted disk.


This is impossible. An encrypted disk appears to contain random data, which can never be mistaken for an unformatted drive. You might argue that a secure-deleted drive also appears as random data, but if you live in a jurisdiction which doesn't respect your rights to privacy, the burden of proof will almost certainly be borne by you.

That said, if you want to go this way, I believe VeraCrypt can encrypt the whole drive.

Quote
So my question remains: is there a way to completely hide the fact that a disk is encrypted?


About the only semi-workable solution (with the caveats above) I can think of involves a system where the entire drive is encrypted (disk encryption, as opposed to partition or volume encryption) and only contains the data; the operating system is started from a portable device (e.g. a DVD or a USB stick) and runs in a so-called Live mode (common with Linux, with Windows, look up PE); you use it to access the encrypted drive.
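Added example (not part of pepak's post or of any Jetico tool): a per-sector entropy survey of the kind a forensic examiner runs, showing why random-looking data stands apart from a blank drive and why an encrypted volume and a securely wiped one measure the same. The 512-byte sector size, the 7.0 bits/byte cut-off, the treatment of an unformatted drive as a constant fill, and all sample images are assumptions constructed for this illustration.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512  # bytes per sector (assumed)

def shannon_entropy(block: bytes) -> float:
    """Empirical entropy in bits per byte: 0.0 for a constant fill, 8.0 at most."""
    n = len(block)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify_sector(block: bytes) -> str:
    if len(set(block)) <= 1:  # all 0x00 or all 0xFF: never written or zeroed
        return "blank"
    # 512 uniformly random bytes measure roughly 7.5 bits/byte; 7.0 is an assumed cut-off.
    return "random-looking" if shannon_entropy(block) > 7.0 else "structured"

def survey(image: bytes) -> dict:
    """Count sector classes across a raw image."""
    return dict(Counter(classify_sector(image[i:i + SECTOR])
                        for i in range(0, len(image), SECTOR)))

def noise(seed: bytes, sectors: int) -> bytes:
    """Constructed stand-in for ciphertext or wipe output: SHA-256 in counter mode."""
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                    for i in range(sectors * SECTOR // 32))

# Constructed sample images, four sectors each.
UNFORMATTED = bytes(4 * SECTOR)                             # constant fill
ENCRYPTED = noise(b"volume", 4)                             # whole-disk ciphertext
WIPED = noise(b"wipe", 4)                                   # random-pass secure delete
FORMATTED = (b"README  TXT" + bytes(21)) * 16 + bytes(3 * SECTOR)  # one metadata sector

if __name__ == "__main__":
    for name, img in [("unformatted", UNFORMATTED), ("encrypted", ENCRYPTED),
                      ("wiped", WIPED), ("formatted", FORMATTED)]:
        print(f"{name:12} {survey(img)}")
```

The encrypted and wiped images produce identical surveys, which is the ambiguity the post describes: the measurement shows that the drive is not blank, but not which of the two it is.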

topsoftbe (Topic starter)

  • Senior Member
  • Posts: 105
Making encryption stealth
« Reply #1 on: July 24, 2017, 08:34:19 PM »
BCVE works great, but times have changed. While most people and companies use BCVE as a protection against theft of important or sensitive information, we now have another threat for our personal or corporate data. Indeed, governments are introducing new laws that give them more and more possibilities to investigate whatever they see as suspicious.
And the use of BCVE in itself has become suspicious. Their reasoning goes like this: if you use encryption, it means you have something to hide. And that's enough to put you behind bars when you refuse to hand them your password, it's considered 'obstruction of justice'.
The problem with BCVE is that it is SO obvious that you have encrypted disks. I know it's impossible for V 4.0, but I was wondering if for some future version, it could be possible to
1 - Develop something like Traveller, a small program that fits on a USB stick that gives you the possibility to decrypt a disk without the need to have BCVE on your PC. At least it would take away the proof that you are using encryption.
2 - Change the encryption of disks in such a way that they completely look like an unformatted disk. At this moment, when you connect a disk to a PC with BCVE, you can see directly if a disk is encrypted or just unformatted. That's all they need to consider you a suspect.
Complete encryption of a portable or PC (encryption of boot disk) may have been a good idea in the past, when the only thing you had to worry about were thieves, but if you're dealing with modern day governments, you need a completely new approach to security. With the new laws against terrorism in the UK, Germany and other European countries, completely innocent people can become the target of their governments. Far fetched? I don't think so.
So my question remains: is there a way to completely hide the fact that a disk is encrypted?
 
