This page is concerned with one subject - your privacy. The ability to keep secret that which you do not choose to reveal.
As I am a technician and not an artist, writer, philosopher or politician I will keep it simple. Here are a few goodies which will help you. They are not by any means a complete solution but rather building blocks for a secure safe house.
If you download any of these items please check the associated signature. Each item on the server has a pgp signature file either included in a composite zip file or downloadable separately. The reason for this is that there may be errors in transmission or there may be deliberate attempts to falsify these products. Either way you should convince yourself that what you got is what I sent.
Here is my pgp key: alatham pgp key
The chances are that you don't know me so you should also get my public key from one of the many public key servers: keyserver
If you find any signature failures please alert me immediately. Here is my address: Allan Latham
If you don't know about pgp and encrypting e-mail and electronic signatures please start here: pgp or pgp international
PPDD is a device driver for Linux. It allows you to create a device which looks like a disc partition. You can then create an ext2 filesystem on this device. The data is in reality written to and read from a real disc - either a partition or a file on a normal filesystem. Everything on the disc is encrypted. The encryption algorithm is blowfish. Clearly more than just a device driver is involved in this and I have tried to make the overall system secure and foolproof.
All versions to date are beta releases - that means that there is a risk that undiscovered bugs will erase all your data and that there may well be security holes.
So far only an Intel-86 version has been produced - mainly because the the encryption engine is in assembler to ensure optimal performance.
All the revisions below include the ability to encrypt the root filesystem and swap files so that the chances of accidentally leaving secret material on disc are very small indeed. At the current stage of development this feature requires a reasonable knowledge of Linux - particularly the boot process - on the part of the sysadmin who implements it.
Revision 0.6 has been available for some time for the late 2.0 series kernels. It is very stable but there is a known weakness in the face of an attacker who has access to many copies of the backups or if he can see the encrypted file many times over a period of time where changes take place. He can learn a lot about the extent of the changes although he cannot use this to decrypt the data.
Revision 0.7 overcomes this problem. It is also the first revision available for the 2.2 as well as the 2.0 series of kernels. There are also improvements in the area of handling read-only filesystems and filesystems with various blocksizes. It is unfortunately incompatible with revision 0.6 (and earlier). This revision has been widely used and has a reputation for stability.
Revision 0.8 provides extra utilities for en/decrypting without kernel support. These are also very useful for making backups. The major improvement is in the makefile. It is now much easier to use and it checks much more thoroughly. Such tasks as patching the kernel and testing the newly compiled programs have been largely automated. The basic cryptography remains the same as 0.7 and the data on disc is in exactly the same format - the two revisions are fully compatible. It does not have the number of users as the earlier 0.7 but current feedback indicates that it should prove to be a reliable release.
Warning: Do not use this or earlier revisions for filesystems larger than 2Gb.
A pre-release of 0.9 is now available (June 12, 1999). Please try it but do come back to this page later in the year to see if there has been an update. As promised the documentation has been improved. There are now "man" pages at long last. Several bugs were reported with 0.8 which have been fixed in this release. The most serious concerns filesystem corruptions on filesystems larger than 2Gb. A further step forward is that ppdd is now SMP safe.
If you have retrieved a pre-release of 0.9 earlier than the June 12 1999 you may want to download the current version (0.94) as it contains a fix for some problems concerning compiling ppdd as a module.
Earlier revisions than 0.7 are not recommended. The goal is a 1.0 version which can be installed and used by an "average user". The target date for that is the end of the twentieth century (not long to wait).
JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. There are lots of versions of similar programs available on the internet but JPHIDE and JPSEEK are rather special. The design objective was not simply to hide a file but rather to do this in such a way that it is impossible to prove that the host file contains a hidden file. Given a typical visual image, a low insertion rate (under 5%) and the absence of the original file, it is not possible to conclude with any worthwhile certainty that the host file contains inserted data. As the insertion percentage increases the statistical nature of the jpeg coefficients differs from "normal" to the extent that it raises suspicion. Above 15% the effects begin to become visible to the naked eye. Of course some images are much better than others when used a host file - plenty of fine detail is good. A cloudless blue sky over a snow covered ski paradise is bad. A waterfall in a forest is probably ideal.
This is available as a Linux version for interested parties to experiment with: jphs-0.3.tgz - compressed tar signature
It is also available as a Windows and DOS version ready to run. This is not because I am a Windows/DOS fan but rather that the products need to reach a wider audience. My main concern over Windows/DOS is not that they are making a few people very very rich but rather that the source code is not available for scrutiny and there may well be built in trojan horses. Be that as it may they are a fact of life and in any case it was fun learning visual C++.
JPHS for Windowsftp://ftp.gwdg.de/pub/linux/misc/ppdd/jphs_05.zip
Here's the rest - it's mostly quite old and/or obscure but I needed it at the time and it may help you too.
A variation on cipe-0.6 which improves performance for small packets on interactive sessions:
You don't know about cipe? Then please look here - it's one of the best secrecy/privacy products on the net: cipe - virtual private network
Finally nothing to do with privacy or secrecy but .... A telnet for Data General MV computers which runs on Linux and behaves more or less like something between a D-210 and a D-460 (If you don't know what these are then it's not for you!):
tel210-0.16.tgz compressed tar signature
DISCLAIMER
The contents of this page are personal and absolutely nothing to do with my employer. I have written my own contributions to the items you find here in my own personal time. I hope you find these items useful but I can offer you no warranty or guarantee. They are available free of charge but you use them at your own risk. If something good happens I will smile with you. If something bad happens then you cry alone.
June 1999 - Allan Latham alatham@flexsys-group.com