PRIVACY INFO

There is a lot of privacy info available on the Web. Here is some of it:

Steganography:

There is a process called steganography that can be used to hide a file as part of another file. For example, hiding a text file inside a picture (GIF) file. Anyone looking at the picture would not notice anything unusual, but the text file would be part of the picture file. Of course, you should encrypt the text file before hiding it inside the picture file. A determined enemy could use special methods to find out that the picture file contains additional information that is not part of the picture, but if that information is encrypted, the enemy is out of luck.

This method also allows you to claim that you know nothing about the encrypted info in the picture file. As far you are concerned, you just downloaded a GIF file because you like it. This is called "Plausible Deniability" by politicians.

There are three (3) basic attacks a determined enemy could use to obtain your encrypted information.

1) One attack is guessing your password. That is why you should choose a long difficult-to-guess passphrase, rather than a simple password. Under the 5-th amendment to the US Constitution, you cannot be forced to be a witness against yourself. Therefore, you cannot be legally compelled to reveal your passphrase.

2) A second attack is direct cryptanalysis. This method depends on the quality of encryption you use. If you use long key (128-bit) encryption, it is impractical for the enemy to use cryptanalysis. A 128-bit key IDEA encrypted file would take longer than the lifetime of the Universe to crack - even with today's Supercomputers and even with computers in the foreseeable future.

3) The third attack has been called the "rubber hose" attack. If your enemy is a large and powerful entity, like a government agency, they might not bother with trying the first two attacks. Instead, they would just come after you, and beat you with a rubber hose until you reveal either your passphrase or the information in the file.

Encryption will protect you against the first two attacks, but not against the third. As long as the enemy can find an encrypted file on your hard drive, or other storage media, he can use the third attack. If your encrypted file is inside a GIF file, the enemy will most likley not find it. And if he does find it, you can believably claim that you know nothing about it. Since the sensitive data is encrypted, the enemy will not get the information you are hiding.

Do not forget to properly delete your original, unencrypted file after you encrypt. There are some very good file shredding utilities.

There is a program called Steganos. This program has all the features needed to overcome the above problems. It is very good not only for encryption, but also for hiding your files and shredding them. The Steganos program is available here.

Go back to the Main page.