Thread: What is a good Windows XP file to store encrypted volumes
View Single Post
  #9 (permalink)  
Old 01-19-2007, 09:23 PM
nemo_outis
Guest
  
Posts: n/a
Default Re: What is a good Windows XP file to store encrypted volumes
Sebastian Gottschalk <seppi@seppig.de> wrote in
news:51cmfcF1jjf5gU1@mid.dfncis.de:

> nemo_outis wrote:
>
>>> So, your saying it is OK that your security is not based on a
>>> mathematical proof or a conjecture of the computational bounds of an
>>> adversary, but rather based on the hope that the adversary is
>>> incompetent.
>>>
>>> Do you see anything wrong with that?
>>
>> Short answer: No, I see nothing wrong with that.
>
> Then I pity you for not understanding what security is, but still
> posting in a.c.s . Security requires reliability, at least to a
> certain point, which is the pure contrary of unjustified hope.
>
>> And this is exactly what my suggested use of ADS in these
>> circumstances does. It is a convenient, readily implemented method
>> that is entirely suitable and appropriate for the described threat
>> model.
>
> It isn't. Just run LADS, Streams or one of those many many other
> utilities and you'll easily see a very suspicious ADS.
>


Thank you for your response. My confidence in the accuracy of my answer
is now greatly increased.

You see, Sebastian, you are what can be characterized as an "intelligent
fool." While not actually stupid, you are nonetheless so reliably and
consistenly wrong that sensible folks treat you as an amazingly accurate
"contrary indicator" and regard your condemnation instead as rock-solid
validation of their views.

You invariably want to use a sledgehammer to crack a peanut, and this
produces solutions that are so tiresome and onerous that no one would
ever be bothered implementing and using them (assuming, that is, that
they would work at all in spite of their needless complication and
intricacy). Your grandiose and overworked "solutions" are never suitable
to the problem. No, you propose them only in a puerile - and failed! -
attempt to seem knowledgeable.

So, yes, Sebastian, of course streams can be detected! Any hiding or
mislabelling technique is only suitable against casual adversaries. But,
of course, those were precisely the type of adversaries that were
specified!

However, as a variant of the "hiding" genre, using ADS is vastly superior
to using grossly oversized mislabelled file types. It is a highly
effective technique against casual (and some not-so-casual) snoops.

Regards,



Reply With Quote