Saturday, December 10, 2016

REVIEW 2

https://www.youtube.com/watch?v=_j1LWehywgc
Defcon 21 - ACL Steganography - Permissions to Hide Your Porn
Michael Perklin
44m48s

Steganography is a technique for hiding information or a message in plain sight. The concept has been around for centuries. Examples include tattooing a message onto someone's scalp, letting their hair regrow, and then shaving their head to read the message. Other past techniques include slipping Morse signals into the weaving or stitches of sweaters or tapestries. The important point that distinguishes steganography from encryption is that it carries a valid decoy message, so unintended recipients see only the decoy instead of trying to find the hidden message inside it. In computer applications there are several ways to use steganography, such as encoding data in pixel values whose differences are unrecognisable to human eyes (such as #FF3300 and #FF3301), in audio files, or in program instructions that do not affect the normal operation of the program (such as the number of NOPs, or complementary operations such as ADD 1 and SUB 1).

The new steganography technique that the speaker presents in this talk is called ACL Steganography. The name is derived from the medium used to store the files, which is the ACL (Access Control List) of files in the NTFS filesystem. These ACLs determine the permissions granted to users for every file or directory. The ACLs have ACEs (Access Control Entries), which contain the user IDs and their permissions. Each ACE has 68KB of space, with 8KB reserved for the header and 60KB used to store the user IDs. The algorithm splits the file into 60KB chunks that are encoded as user IDs in the ACEs of the decoy files. The decoy files appear unchanged when opened normally, while the hidden file can only be reconstructed by compiling the ACLs of the specific files in a certain order. The hidden file is stored in plaintext (you can search for its contents using certain tools), but if you hide an encrypted volume or file, the hidden data becomes noise, which makes differentiating it from legitimate ACLs impossible.
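Because the carrier described above is the list of user IDs inside ACEs, an examiner can triage a file by decoding its ACL and checking the trustee SIDs. The following is an added example, not code from the talk or the speaker's tool: it parses the standard binary ACL layout and flags ACLs with many entries or with SIDs outside an allow-list. The threshold, the allow-list, the domain SID and both sample ACLs are constructed assumptions.

```python
import struct

# Assumed triage settings: tune the limit and allow-list to the examined environment.
MAX_EXPECTED_ACES = 20
KNOWN_PREFIXES = ("S-1-5-18-", "S-1-5-32-", "S-1-5-21-1111-2222-3333-")  # constructed domain SID

def parse_sid(buf, off):
    """Decode one binary SID at buf[off:] into 'S-R-A-S1-S2...' form."""
    revision, count = struct.unpack_from("<BB", buf, off)
    authority = int.from_bytes(buf[off + 2:off + 8], "big")
    subs = struct.unpack_from("<%dI" % count, buf, off + 8)
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])

def parse_acl(buf):
    """Return the trustee SID of every ACE in a binary ACL (8-byte header + ACEs)."""
    _rev, _sbz1, acl_size, ace_count, _sbz2 = struct.unpack_from("<BBHHH", buf, 0)
    if acl_size > len(buf):
        raise ValueError("ACL header claims more bytes than were supplied")
    sids, off = [], 8
    for _ in range(ace_count):
        _type, _flags, ace_size = struct.unpack_from("<BBH", buf, off)
        if ace_size < 16 or off + ace_size > acl_size:
            raise ValueError("malformed ACE at offset %d" % off)
        sids.append(parse_sid(buf, off + 8))  # skip 4-byte ACE header + 4-byte access mask
        off += ace_size
    return sids

def triage(buf):
    """Summarise an ACL: ACE count, SIDs outside the allow-list, and a verdict."""
    sids = parse_acl(buf)
    # Trailing '-' makes 'S-1-5-18' match its prefix without also matching 'S-1-5-181'.
    unknown = [s for s in sids if not (s + "-").startswith(KNOWN_PREFIXES)]
    return {"ace_count": len(sids), "unknown": unknown,
            "suspicious": len(sids) > MAX_EXPECTED_ACES or bool(unknown)}

# --- constructed sample data (not taken from the talk) ---
def build_sid(authority, *subs):
    head = struct.pack("<BB", 1, len(subs)) + authority.to_bytes(6, "big")
    return head + struct.pack("<%dI" % len(subs), *subs)

def build_acl(sids):
    aces = b"".join(struct.pack("<BBHI", 0, 0, 8 + len(s), 0x001F01FF) + s for s in sids)
    return struct.pack("<BBHHH", 2, 0, 8 + len(aces), len(sids), 0) + aces

NORMAL_ACL = build_acl([build_sid(5, 18), build_sid(5, 32, 544),
                        build_sid(5, 21, 1111, 2222, 3333, 1001)])
ODD_ACL = build_acl([build_sid(5, 18)] +
                    [build_sid(5, 21, 0x41414141 + i, 7, 9, i) for i in range(30)])
```

A flagged ACL is only a lead for closer examination: orphaned SIDs from deleted accounts or other domains trip the same check.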

This talk is really interesting to me because hiding files in plain sight is quite a hard problem to solve. By examining the structures that are provided by the OS/file system, one could hide data in the metadata of the files themselves, where nobody else would think to look. And steganography is very important when you have to relay a message through an open channel such as the internet. Steganography is also important when you have to hide files from a prying eye such as an investigator or an adversary. These techniques could lead to saving lives or world-breaking revelations in times of increasing surveillance of the internet.

rraihansaputra
http://os162-rrrsss.blogspot.com/2016/12/ulasan-2.html
https://www.youtube.com/watch?v=_j1LWehywgc 44m48s
2016-12-10
