secure data export
Orna Agmon Ben-Yehuda
ladypine at gmail.com
Sun Jun 26 08:26:31 IDT 2011
On Sat, Jun 25, 2011 at 11:33 PM, Oleg Goldshmidt <pub at goldshmidt.org>wrote:
> Orna Agmon Ben-Yehuda <ladypine at gmail.com> writes:
>
> > The OCR idea is indeed nice. However, it is only good for small
> > amounts of data, or where the accuracy is not so important (English
> > texts). It is not so good for Hebrew or data (numbers), not to
> > mention binary data.
>
> I thought you said the data you wanted to export was in plain text
> files that someone could read and verify (for some definition of) that
> the information in them is what it is supposed to be. This would imply
> relatively small amounts of easy to parse data. I tried to think how
> such simple files could be used by an attacker to transmit additional
> unauthorized messages.
>
> If you go binary (e.g., images) then an attack (of steganographic
> type, at least) becomes so much easier, and I am not sure you can feel
> safe without some trusted checksums for the files you wish to
> export. I assume that, unlike AV, there will be no know signatures to
> look for even if you know in advance what the contents of leaked data
> are (the hidden message may be encrypted, etc.).
>
> --
> Oleg Goldshmidt | pub at goldshmidt.org
>
I am currently thinking about text, but If the text contains lots of
numbers, then I cannot trust the person to recognize the errors by reading
the file. Oleg - I did not consider steganographic methods in my original
mail, before you raised the issue.
--
Orna Agmon Ben-Yehuda.
http://ladypine.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110626/d804bc47/attachment.html>
More information about the Linux-il
mailing list