Paul S. Ziegler (Independent Network Security Researcher)

Presentation Title Steganographic AVI Filesystems for Fun and Profit
Presentation Abstract

In the days of TSA pat-downs, cryptography has one important drawback: Governments and criminals will use force until you give them the key to your encrypted files. It sounds much better to keep secure files steganographically hidden. Many solutions for creating steganographic partitions exist, but they all share the same weakness: Any space written to steganographically will be empty in your visible partition.

Once you are found carrying 10 one-terrabyte-harddrives only containing 100MB of data each, your cover is blown. The solution is to store data in legitimate files. Files that you can carry terrabytes of around without anyone finding it suspicious. Videos are a prime example of such unsuspicious files that are large enough to hide huge amounts of data. Unfortunately the classic ways to hide data in video files steganographically are cumbersome and time intensive. The files have to be extracted for reading and can’t be modified while in their container. At least up until now.

This speech covers the implementation specifics behind and practical usage of MariaFS – a FUSE filesystem that steganographically hides data within AVI files. Files can be created, read, written, moved, edited and deleted by any user or program as long as the AVI is mounted. This greatly improves the usability of steganography while removing the need to store files in plain-text for reading and editing.

About Paul S. Ziegler

Paul is a free security researcher and author for a wealth of companies and publishers. He was a speaker at defcon15, Black Hat Japan 2007, AVTokyo 2009 and Hack In The Box Kuala Lumpur 2010 and likes keeping speeches easy to follow and fun to listen to while tapping into new and unusual areas of security research.