                          FakeFiles Manual - Contents
                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~


                                                 Version 1.03 (25th Dec 2007) 
  ----------------------------------------------------------------------------
                FakeFiles is *Freeware*: please read the Licence

                                       FakeFiles
                                        Purpose
                                      Requirements
                                    Using !FakeFiles
                                     Hints 'n' Tips
                                  Copyright & Licence
                                 Contacting the author
                                       Disclaimer
                                            
  ----------------------------------------------------------------------------
   If you have any comments about FakeFiles, or would like to report any bugs
   you may find, please email me at the address below.

   Updates to FakeFiles and more applications for RISC OS computers can be
   found on my website at http://www.vigay.com/software/.

                 2007 Paul Vigay (nospam@vigay.com) | Disclaimer
  ============================================================================

                                FakeFiles Licence
                                ~~~~~~~~~~~~~~~~~

     Licence of Use

         *FakeFiles* is *FREEWARE*

         However, those who send a 'donation' will be eligible for technical
         support and advice/help on using FakeFiles and gaining the most from
         it.
         Please read the disclaimer first though.

         A recommended registration donation is 5 (UK pounds), which you can
         send to:-

         *Digital Phenomena Limited*
         PO Box 813,
         Portsmouth,
         Hampshire,
         PO1 9EY.

         Please make cheques payable to *Digital Phenomena Limited*

         Digital Phenomena is the trading name for my RISC OS Software
         Development company.

    --------------------------------------------------------------------------
       Previous: Hints 'n' Tips  Next: Contacting the author
    ==========================================================================

                                     Purpose
                                     ~~~~~~~

     Purpose of FakeFiles

         The purpose of *FakeFiles* is to generate PGP encrypted files using

                                                                        Page 1
         a random passphrase or 'key' which you never know. The files are
         random gibberish which merely *look* like PGP encrypted files.

         This gives you the excuse of plausible deniability if the police
         seize your computer and discover so-called 'encrypted' files on it.
         You cannot provide decryption keys because there aren't any!

         Article 12 of the United Nations Declaration of Human Rights states
         that;

            "No one shall be subjected to arbitrary interference with his
         privacy, family, home or correspondence..."
                
                See http://www.un.org/Overview/rights.html

         Also see http://news.bbc.co.uk/1/hi/technology/7102180.stm for the
         article which inspired me to write !FakeFiles

    --------------------------------------------------------------------------
       Previous: Contents   Next: Requirements
    ==========================================================================

                              FakeFiles Requirements
                              ~~~~~~~~~~~~~~~~~~~~~~

     Requirements

         To use FakeFiles, you need GnuPG (GPG) installed on your machine.
         This can be downloaded from Stefan Bellon's website at
         http://www.sbellon.de/gnupg.html

         You should read Stefan's own instructions on installing GnuPG.

         The CryptRandom module is also required, which can be downloaded
         from http://www.chiark.greenend.org.uk/~theom/riscos/crypto/

    --------------------------------------------------------------------------
       Previous: Purpose    Next: Using !FakeFiles
    ==========================================================================

                                 Using FakeFiles
                                 ~~~~~~~~~~~~~~~

     Using FakeFiles

         Double-click on !FakeFiles to run the application. The main window
         will appear (fig.1)

                                           fig.1

         The *Directory* icon allows you to specify a directory to create,
         which will contain all the random files produced by FakeFiles.
         Simply, enter a suitable name and then drag the directory icon to a
         suitable filer window. This will set the full filepath in the
         writable icon.

         The *number of random files to create* is self-explanatory and
         allows you to enter a suitable number. The default is 20

         *Random date* will set a random date stamp to the files produced.
         It's advisable to turn this option on (ticked) so that there's no
         way of telling how old the produced files are. They'll each have
         random datestamps between approx 1980 and 2008.

                                                                        Page 2
         For more info, see the Hints 'n' Tips section.

         The *maximum filesize* allows you to extend the length of the files
         produced. By default random files are created, containing between 50
         and 5000 lines (of between 60 and 80 characters), which will produce
         files approximately between 20K and 500K in length. To extend this,
         simply enter a value in this icon. It will recognise K (for 1024
         bytes) and M (for 1024000 bytes), so for instance if you wish to
         create files up to 5MB in length, enter 5M.

         The filenames produced will all have random names based upon a text
         file of suitable names stored within !FakeFiles itself. This file
         can be edited by clicking on the *Edit filenames* button, which will
         launch it into a text editor for you.
         Simply add any extra filenames you require, with each one on a new
         line. !FakeFiles will then choose any name at random, adding a
         number or letter as a suffix to avoid duplicate filenames.

         *Cancel* will cancel any operations and Quit FakeFiles.

         *Create* will go ahead and create the random files. This will take a
         little while depending upon the maximum filesize. By default it will
         take around a minute. An hourglass will show the percentage done so
         far.
         The hourglass will momentarily change colour whilst GnuPG is
         actually encrypting the current message. The computer will
         single-task during this time, but should return to multi-tasking
         when the next random file is being generated.

         View the Hints 'n' Tips section for more details on usage and ways
         to aid 'Plausible Denial'.

     Actually Encrypting

         By clicking on the ?? padlock icon in the bottom left hand corner,
         you can put FakeFiles into 'genuine' mode, for additional
         functionality and privacy. In this mode you can encrypt *actual*
         files using exactly the same process as encrypting the random ones.
         Click here to view instructions for this mode.

    --------------------------------------------------------------------------
       Previous: Requirements    Next: Hints 'n' Tips
    ==========================================================================

                                  Hints 'n' Tips
                                  ~~~~~~~~~~~~~~

     Hints 'n' Tips

         *Plausible Denial*
         Because there is no way of telling the difference between randomly
         encrypted files for which you don't have the passphrase, and thus
         can't provide it on demand, and those files genuinely encrypted
         there is no evidence of which are dummies and which are real.

         Thus, a user could adopt the strategy of encrypting any genuine
         files using passphrase (or seed file) A for files he/she is willing
         to decrypt under duress, whilst reserving a different (very strong)
         passphrase B for more important files that must never be revealed.
         With a selection of randomly created files that the user doesn't
         have the passphrase for, there is no way of distinguishing which
         files are random and which have been genuinely encrypted using
         passphrase A or B.

                                                                        Page 3

         *Combining Passphrases*
         You can improve security by using multiple encryptions.
         For example, you could encrypt a file using a standard passphrase.
         This will produce an encrypted file, but you can additionally
         encrypt this again, perhaps using a random 'seed file'. As long as
         you remember the order in which you've encrypted things, you can
         decrypt them using the reverse order.
         However, because !FakeFiles currently detects the "-----BEGIN
         PGP..." text at the beginning of an encrypted file and gives you a
         'decrypt' option, you would need to manually add an additional line
         (could be random) before it. For example:

         1.  Encrypt a real file with a passphrase.
         2.  Modify the encrypted file in some simple way, so that !FakeFiles
             doesn't recognise it as encrypted, e.g. by adding a line (even
             blank!) before the "-----BEGIN PGP..." line.
         3.  Encrypt the resulting file using a seed file.

         The process can be reversed (in reverse order) to decrypt the
         original file.

         *Random datestamps*
         When thinking security, there are a number of things you need to
         consider. Much security is more a state of mind than actual software
         or technology. When safeguarding your privacy, you should begin to
         'think' security and consider things from all aspects.

         For example, if you generate 50 random files and the 'spooks'
         discover them on your hard disc, ttheir suspicion may be aroused if
         they discover that all 50 files are dated within a few seconds of
         each other. Thus simply adding a random datestamp to each file can
         add extra confusion and not allow forensics to determine when the
         file was actually created.

         Conversely, if all your fake files have random datestamps (quite
         possibly pre-dating the release of FakeFiles), but your genuine
         files all have recent dates, it may yield a clue as to which files
         are which. Therefore you may consider randomly datestamping
         genuinely encrypted files.

         At the end of the day, if there is no way of guaranteeing which date
         your files were actually created, this removes yet another clue as
         to identifying which is a genuine file and which is a random decoy.
         A simple policy which can improve security and thus plausible
         deniability.

         *Destroying data*
         Another feature of !FakeFiles is that of irretrievably deleting and
         destroying data without warning and without giving a second chance.
         Although potentially dangerous, this feature can be used to destroy
         data if you wish to securely delete files. Of course, use of this
         facility is at the users own risk, as there is no way of recovering
         files thus deleted.

         To deliberately destroy a file, simply drag an encrypted file to the
         genuine encryption panel, enter an incorrect passphase and click
         'Decrypt. The file will be wiped without further warning.

    --------------------------------------------------------------------------
       Previous: Using !FakeFiles     Next: Copyright & Licence
    ==========================================================================


                                                                        Page 4
                              Contacting the Author
                              ~~~~~~~~~~~~~~~~~~~~~

     Contacting the Author

         *FakeFiles* is written and developed by *Paul Vigay*

         You can contact Paul via;

         Email:   mailto:nospam@vigay.com
         Web:     http://www.vigay.com/
         or
         Post to:
             *Digital Phenomena Limited*
             PO Box 813,
             Portsmouth,
             Hampshire,
             PO1 9EY.

    --------------------------------------------------------------------------
       Previous: Copyright & Licence  Next: Disclaimer
    ==========================================================================

                               FakeFiles Disclaimer
                               ~~~~~~~~~~~~~~~~~~~~

     Disclaimer

         FakeFiles is used primarily for creating a batch of GnuPG encrypted
         files with random passphrases. The original passphrases are securely
         wiped after creation, so you are provided with plausible deniability
         if you are ever asked to produce the decryption keys - there aren't
         any for you to produce.

         However, FakeFiles is also capable of genuinely encrypting files
         using the same techniques as the random files - so analysis is
         unable to distinguish between genuine and random files. Therefore no
         responsibility will be accepted for use, either correct or incorrect
         and absolutely no responsibility will be accepted for any loss,
         corruption or deletion of data, howsoever caused.
         Whilst all due care has been taken to ensure that FakeFiles doesn't
         do anything untoward without your knowledge or input, use of
         FakeFiles is entirely at the user's own risk.

         Registered users can contact me for additional support or advice on
         the use of FakeFiles and any confusing or unexplained errors or
         messages.

    --------------------------------------------------------------------------
       Previous: Contacting the author     Next: Contents
    ==========================================================================

                         Encrypting files using FakeFiles
                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Really Encrypting files

         Clicking on the ?? padlock icon in the bottom left corner of the
         main window will open the *encrypt* window (fig.2).

                                           fig.2
         If you wish to genuinely encrypt one of your own files, you can drag
         a file of your choice to the *Filename* icon.

                                                                        Page 5
         Enter a passphrase into the *Passphrase* icon. You can also drag a
         file into the passphase icon, to use data within the file as a
         passphrase. For more information, read the advanced notes on how it
         works.

         Clicking on the *Random datestamp* button will optionally reset the
         datestamp of the final encrypted file to a random time/date between
         approx 1980 and 2008.

         If you now click on the *Encrypt* button, the file will be securely
         encrypted using the passphrase provided.
         To decrypt the file, drag the encrypted file into the *Filename*
         icon and the 'Encrypt' button should change to 'Decrypt'. Decrypting
         is thus a reversal of encryption.

         *WARNING* If you get the passphrase incorrect, you will not be able
         to decrypt the file and the original will be deleted. No warning is
         given before deleting the original. This is intentional because it
         provides a way of self-destructing the original without giving the
         spooks any warning....

         *Edit filenames* works as per the instructions for the main window.

         *Cancel* will close the window and quit FakeFiles.

     Back to Randomness

         Click on the padlock icon to return to the normal mode of generating
         fake files.

    --------------------------------------------------------------------------
       Previous: Using !FakeFiles     Next: Hints 'n' Tips
    ==========================================================================

                          Advanced notes on how it works
                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Advanced notes on how it works

         When encrypting a real file there are two ways of entering a
         passphrase; Either you can type a line of text in the conventional
         sense, or you can drag a 'seed file' to the passphrase icon.

         If you drag a file to the icon, FakeFiles will use data bytes within
         the file to construct a passphrase of between 100 and 200 characters
         in length (actually 100 + [lengthofseedfile MOD 100]). Rather than
         just read bytes sequentially from the beginning of the seed file,
         FakeFiles calculates the best distribution of bytes evenly
         throughout the entire seed file and steps through the whole file
         picking bytes. This gives a more even, pseudo random sequence of
         data.

         Once FakeFiles has extracted a byte from the seed file, it then
         performs a lookup of valid passphrase characters (performed via x =
         b MOD l where b is the byte read from the seed file, l is the length
         of the valid characters string and x is the offset within the valid
         characters string) in order to compose a passphrase. The characters
         allowed are defined within the !FakeFiles.Messages file, after the
         chars: declaration. You can edit these if you wish, but the default
         setting provides a good balance of letters.

         *Important Note*
         When selecting a 'seed file' to use as the basis of a passphase, you

                                                                        Page 6
         should find a file which has a good entropy of pseudo random bytes
         in it. Files which have large sections of similar bytes or repeated
         data will yield less secure passphrases, even though FakeFiles will
         step evenly throughout the entire file.
         You can check the entropy of files by using my !Ent application,
         available from http://www.vigay.com/software/ent.html
    --------------------------------------------------------------------------
       Previous: Requirements    Next: Copyright & Licence
    ==========================================================================























































                                                                        Page 7
                                C o n t e n t s
                                ~~~~~~~~~~~~~~~


                     FakeFiles Manual - Contents          1

                     FakeFiles Licence                    1

                     Purpose                              1

                     FakeFiles Requirements               2

                     Using FakeFiles                      2

                     Hints 'n' Tips                       3

                     Contacting the Author                5

                     FakeFiles Disclaimer                 5

                     Encrypting files using FakeFiles     5

                     Advanced notes on how it works       6





























    +----------------------------------------------------------------------+
    |                                                                      |
    | This text file was converted from a StrongHelp manual on 26 Dec 2007 |
    |                                                                      |
    |             using !StHlp2Txt version 1.10 (8 June 2001)              |
    |                           by Chris Morison                           |
    |                                                                      |
    |               email: organizer@morison.net                           |
    |                 web: http://www.organizer.morison.net/               |
    |                                                                      |
    +----------------------------------------------------------------------+

                                                                        Page 8
