Changing an encrypted file extension
§unnyß©
2005-06-12 05:29:20 UTC
If I zip a file then encrypt it with PGP then delete the .pgp extension so
that the file appears to be a zipped file again can the file type be
determined by examining the file in an editor?

Of the several files I have done this with, I cannot see any specific
characters in the file that would tell me what type of file it is.
Should the file be ascii armored in addition to encryption to help in
disguising the file type?

Thx

§Rß
Chris Hills
2005-06-12 10:12:38 UTC
Post by §unnyß©
If I zip a file then encrypt it with PGP then delete the .pgp extension so
that the file appears to be a zipped file again can the file type be
determined by examining the file in an editor?
Of the several files I have done this with, I cannot see any specific
characters in the file that would tell me what type of file it is.
Should the file be ascii armored in addition to encryption to help in
disguising the file type?
Thx
§Rß
Most if not ALL programs the authorities (and many companies) use for
looking at files do NOT use the extension. They use the characteristics
of the file to determine the type. BTW, look at both ends of the file for
matches.

A simple solution is to zip, PGP and zip. That way the outer file is a
zip and password it of course.

The problem is your problem can not be solved unless we know what sort
of thing it is you want to protect from who.... ie the level of attack
you are likely to get.

The SW used by the UK police would pick up the renamed PGP file inside
a renamed zip... unless the zip was Password protected in which case it
would flag that. Then the password cracker would be run and the
resultant PGP file be seen. These days PGP is seen as "having something
to hide" and most police forces would deem it an admission of guilt if
you don't open the PGP file.

It depends what you are trying to secure and from whom.

There are several forms of security. Passwords on a file that can be
seen. ie zip, PGP word docs etc and actually hiding the data in such a
way that it is not seen as a target file.

For example (this is an example from a real case that is used on
demonstrations and I am NOT suggesting the OP or anyone else is a
pedophile) some pedophiles embedded images in word documents with a
height and width of zero and then put another harmless image over the
top of it.

Thus the hunter who has cracked zip password, pgp password and the word
password finds a document full of harmless images of castles, flowers,
trains etc It is easy to miss the other "hidden in plain view" images.

Then there is hiding files inside images.

They put the file where it is not obvious even when seen. Place the file
in the temporary files area with suitable name and extension. Though the
authorities look there these days. Of course you could set it to hidden,
read only or system etc and hide it in the main OS file area.

It all comes down to what are you hiding from whom.

The most secure is to zip, pgp, zip, rename. Then build it into a DLL or
something like so the compiled file has a DLL signature. Then put it in
to the OS area and delete. Then mark the blocks used and "unusable"
with different dates so they were not all done at the same time. Then
defrag the disk.

And lastly depending on what the data is ...... use someone else's PC
:-) The only problem comes when you find all your insider dealing
share information is on a PC of a colleague who is busted for drugs or
pedophile etc and the Police pick up his/her PC and find your data by
accident.

It all comes down to what you are hiding from whom.
--
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\/\/\/\/\ Chris Hills Staffs England /\/\/\/\/
/\/\/ ***@phaedsys.org www.phaedsys.org \/\/\
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
MikeyD
2005-06-12 10:42:30 UTC
Post by §unnyß©
If I zip a file then encrypt it with PGP then delete the .pgp extension so
that the file appears to be a zipped file again can the file type be
determined by examining the file in an editor?
The fact it's a pgp file can be seen fairly easily because pgp encrypted
files always start with the hex string a600. What kind of file has been
encrypted is, of course, impossible to find out without decrypting it.
Post by §unnyß©
Of the several files I have done this with, I cannot see any specific
characters in the file that would tell me what type of file it is.
Should the file be ascii armored in addition to encryption to help in
disguising the file type?
An ascii armoured file would be far more obvious since it says -----BEGIN
PGP MESSAGE----- at the top. Even if you delete that (which makes things a
lot more fiddly for you) there are probably obvious characteristics. If you
want to hide the fact you're sending encrypted messages steganography (sp?)
is probably your best bet, you can get plenty of free programs to hide
things in images, sounds etc.
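
Added example (not part of any post in this thread): the content-based identification the replies describe, sketched in Python. It never looks at the file name; it classifies a buffer by its leading bytes and decodes the OpenPGP packet header octet per RFC 4880 (the `a6` quoted above decodes as an old-format header for tag 9 with a four-octet length). Function names and sample bytes are constructed for illustration.

```python
# Added example: identify content by leading bytes; the extension is never consulted.
ZIP_MAGIC = (b"PK\x03\x04", b"PK\x05\x06")  # local file header / empty archive
ARMOR = b"-----BEGIN PGP "
# Packet tags that can open an OpenPGP encrypted message (RFC 4880, section 4.3).
PGP_TAGS = {1: "public-key encrypted session key",
            3: "symmetric-key encrypted session key",
            9: "symmetrically encrypted data",
            18: "integrity-protected encrypted data"}

def first_packet(data):
    """Decode the packet header at offset 0 -> (tag, header_len, body_len) or None.
    body_len is None when the length is indeterminate or partial."""
    if len(data) < 2 or not data[0] & 0x80:   # bit 7 is set in every packet header
        return None
    b = data[0]
    if b & 0x40:                              # new format: tag in bits 5-0
        tag, l0 = b & 0x3F, data[1]
        if l0 < 192:
            return tag, 2, l0
        if l0 < 224:
            return (tag, 3, ((l0 - 192) << 8) + data[2] + 192) if len(data) > 2 else None
        if l0 == 255:
            return (tag, 6, int.from_bytes(data[2:6], "big")) if len(data) > 5 else None
        return tag, 2, None                   # partial body length
    tag, ltype = (b >> 2) & 0x0F, b & 0x03    # old format: tag in bits 5-2
    if ltype == 3:
        return tag, 1, None                   # indeterminate length
    n = 1 << ltype                            # 1, 2 or 4 length octets
    if len(data) < 1 + n:
        return None
    return tag, 1 + n, int.from_bytes(data[1:1 + n], "big")

def classify(data):
    """Heuristic type of a whole file's bytes; a random first octet can still collide."""
    if data.startswith(ZIP_MAGIC):
        return "zip"
    if data.lstrip().startswith(ARMOR):
        return "pgp-armored"
    pkt = first_packet(data)
    if pkt and pkt[0] in PGP_TAGS:
        tag, hlen, blen = pkt
        if blen is None or hlen + blen <= len(data):  # declared length must fit the file
            return "pgp-binary: " + PGP_TAGS[tag]
    return "unknown"

# Constructed samples (not real messages): "a6" header, 4-octet length 16, 16 body bytes.
SAMPLE_A6 = b"\xa6\x00\x00\x00\x10" + bytes(16)
SAMPLE_ARMOR = b"-----BEGIN PGP MESSAGE-----\n\nAAAA\n-----END PGP MESSAGE-----\n"
```

Pass `classify` the full file contents so the declared-length check is meaningful.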
