Hide Your Hard Drive’s Secrets in Plain Sight

  • Share
  • Read Later

Encrypting data on your hard drive can be such nuisance, what with all the special apps and public/private keys, and the whole thing might as well be a pound of slag if you forget the passcode.

What if you could just hide everything in plain sight?

Turns out you can. It’s called steganography, from the Greek steganos, “covered” and graphia, “writing,” and according to New Scientist, it’s all about fiddling the whereabouts of fragmented data.

(More on TIME.com: Toshiba: This Hard Drive Will Self Destruct (if Stolen))

Typical encryption methods involve scrambling data, while typical steganography methods involve embedding data in a picture’s pixels. Trouble is, both methods are easily detected–fine if you’re just trying to secure the data itself, but something of a problem if you want to prevent others knowing you’re hiding something (or, you know, you’re a spy).

Enter scientist Hassan Khan and colleagues at the National University of Science and Technology in Islamabad, Pakistan, who’ve come up with a method for using the file system on your hard drive to store secret messages.

You know how a hard drive stores data anywhere it can find free space? Operating system’s start fresh building contiguous clusters of data, but as you delete and move data around, they backfill the newly freed up space, leading to what we call “fragmentation.”

Imagine if–instead of sorting data according to free space–the drive controller chip etched data onto your hard drive’s platters (or in the case of solid state drives, non-volatile memory chips) in the form of a code. That code works like this: If sequential files are adjacent on the disc, you get a binary 1. If they’re not, you get a binary 0. Add those ones and zeros up and you get the message. And the only way to tell if there’s a message is with special software–there’s no way to detect it otherwise, since the hard drive looks like any other moderately fragmented hard drive.

So okay, James (or Jane) Bond, say you’re checking out of repressive country X, steganographically encoded hard drive in tow, and the checkpoint authorities opt to search it. After looking it over, they find nothing obvious, but just to be sure, they opt to “defragment” it as a matter of, shall we say, procedure. Defragmentation harms none of your visible data, but if I understand the technique above correctly, it’s death to a fragment-based encoding system.

While I don’t see TSA adding “hard drive defragmenting” to its already overburdened list of security checkpoint to-dos, someone in the know could still mess with you. If you’re suspected of being a spy, how much trouble would it be for the authorities to take your drive, pop it into a virus-shielded computer, pull up a defragmention utility, and tap “start”?

Then again, if you’re suspected of being an international snoop, you’re already in a much bigger pickle.