[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opiated file systems



At 03:29 PM 7/21/96 -0700, Bill Frantz wrote:
>At  9:26 PM 7/19/96 -0800, Chris Adams wrote:
>>BTW, I'd try a fiber-optic connector to the machine because 1) it's
>>waterproof and you wouldn't have to be quite as paranoid about leaks, 2)
>>it's far more secure, 3) it's faster and 4) it's probably impossible to
>>trace like a metal wire (i.e. run current through and trace magnetic
>>fields...)...
>
>Just some random advice: My high-speed networking expert friend says that
>plastic fiber is good to about 4-5 miles, and is a lot easier to work with
>than glass fiber.

What about a machine setup that has its own intrusion detection?  An
internal battery-backup system that also powers case-tampering detection
hardware could be set to trigger "Alternate Stego File System Plan A".
Replace drivers, etc., with software that does not contain the real system's
drivers at all, which you have wisely placed only in a very offsite backup
location.  

Tamper-detecting cases of this sort already exist:  look at a U.L. listed
Burglar Alarm external cabinet.  Double-walled, and the internal wall is
electrically insulated from the external wall such that any short between
the two walls, (i.e. a bad guy with a drill bit), will fire the trigger.
Certain shielding schemes used by some manufacturers today might already
provide a good design.

You could also go overboard and fill the interior with various environmental
detectors.  Photosensitive transisitors.  Tilt/tremble sensors.  Temperature
sensors.  Smoke detectors.  Accelerometers (see Scientific American a few
months ago for a circuit).  Microswitches that are held open by virtue of
having the case screws in place.  Build a double-walled case (as mentioned
above) and keep it pressurized with nitrogen, and have a pressure sensor to
detect leakage.  Lead-line the interior, and place an X-ray detector where
any attempt to X-ray the machine will result in Plan A.  And if they want to
try using MRI to see inside; well, I guess I probably wouldn't be too
surprised!  :-)

If you had absolute faith in your machine's inability to crash (i.e. not
running a Wintel operating system), the drivers could be written to copy
themselves into memory at bootup and securely wipe themselves from your hard
disk; and write themselves back to hard disk at a shutdown request.  Your
machine is then vulnerable only when properly shut down, a state in which I
would not recommend leaving it.  Leave it only in a "password required"
state, and *this* would be the place to implement the duress password.

As for seed data to encrypt to give them something to find, may I suggest
that would be an excellent choice to keep both your Netscrape cache as well
as your Winders swap files?  Lots and lots of sectors worth of data, kept as
fresh as often as you use your browser.  And as long as you don't browse
"illegal" sites (whatever that might mean in your country), you win.

And, of course, protect all external connectors so your opposition wouldn't
be able to shove a wire in your RS-232 port and short your internal battery.
The low/no battery level alarm would be used to ignite the magnesium wrapped
around the hard disk's case (also known as Alternate Stego File System Plan
B :) , or it would trigger the capacitively powered EMP coil mounted above
the platters; neither of which you would want triggered unless the
software-stego routines hadn't completed by the time the case was breached.

My point is it should be possible to build a virtually tamperproof case; and
especially if your attacker doesn't know it exists, you would stand a good
chance of being able to eliminate self-incriminating data (sometimes the 5th
amendment needs some mechanical assistance) before the bad guys would have
the ability to save an "untampered" copy.

John.
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   [email protected] (work)    [email protected] (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'33"N by 93^16'42"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+