How to create dat files?

[dimtim]

Hey I have about 200 mb of important text documents and small audio files I want to hide. There are a lot of ways to do this, but I was having fun trying to find unique ways to do it.

Is there a way to create dummy dat files that act as kind of a shell, and some tricky way to view the files as they actually are?

Kind of a weird question, but I think you guys know what I'm saying.

Thanks
Tim

[TJohns]

Check out TrueCrypt - it allows you to create an encrypted volume (sort of like an ISO) which you can "mount" as a normal drive letter (with the correct password, of course) and then copy/paste/rename etc. like a normal drive. But when unmounted, a hex dump of the volume just looks like random data.

You can even "hide" a secret sub-volume inside it that is invisible, so you can even "mount" the volume to show "others" that it contains nothing really interesting at all!

Trev

[dimtim]

Sweet idea. Is there anyway you could put this random data on a dvd, then insert the dvd, mount it and use it???

That would be exactly what I'm looking for.

Thanks
Tim

[jimmalenko]

I guess the main question I have is "Why ???"

I certainly don't think there's a need to reinvent the wheel. Isn't a password-protected ZIP or RAR file good enough security ???

[IKnowNothing]

dimtim
Yes once you have created the volume you can burn it to DVD and mount it from there (or a networked drive or anywhere you care to store it). Only limitation is that it becomes read only (obviously). TrueCrypt is very strong anduser friendly - so far I've not heard of a brute force attack succeding but it's only a matter of time.
You can increase the security by changing the file extension so windows "thinks" it's an Access Database or a video clip.

jimmalenko
Last time I trried it took me 10 minutes to decrypt a Zip file! There are quite a few crackers out there aimed at zip ranging from word lists to brute force. You can make it harder by including spaces, changing case etc but intrinsically Zip encryption is weak.

[jimmalenko]

Well, I disagree - All the ZIP and RAR crackers I've seen are only really worthwhile (and/or free) if the password is < 6 characters or so, and relatively "simple" in terms of complexity. By the time you use different cases and symbols, every character you add to the password length makes it that much harder to crack due to the number of possibilities increasing greatly. And ~200MB wouldn't take too long to decompress.

Again I guess the "best" solution is a question of whether the effort taken to protect the data is justified by the nature of the data itself and its need to be protected.

[IKnowNothing]

Like many people you confuse strength on encryption with complexity of the passphrase.

ZIP, RAR etc use a weak encryption algorithm and are there "easy" to decrypt using crypto analysis. Most free crackers use brute force (try every possible passphrase until you find one that works) and therefore take a long time. Others use analysis and therefore the are quicker and the passphrase is irrelevent.

It alldepends on how secure you want your data to be. An encrypted zip/rar file will disuade mose people from trying to get at your data. Using something like True Crypt or PGP file encryption makes it almost impossible for the average user to get at your data. However no encryption system is unbreakable give time, processor power and the desire/need.

[AlanHK]

ZIP, RAR etc use a weak encryption algorithm and are there "easy" to decrypt using crypto analysis.

No.

For Rar's 128-bit AES encryption there is no successful decryption method. All available so-called Rar decryptors simply use a brute force or dictionary attack.

I believe WinZip can use AES in Zip archives as well, though standard zip encryption is weaker.

[jimmalenko]

Like many people you confuse strength on encryption with complexity of the passphrase.

No ... I equate complexity of the passphrase with time and effort taken to crack it.

I equate strength of encryption with the nature of the data and its need to be protected.

After all, I hardly think we're talking about "NASA-esque" security levels here - moreso the "I don't want my brother discovering my porn stash" kind