[Noisebridge-discuss] Freespace / slackspace file system

Sai Emrys noisebridge at saizai.com
Thu Sep 24 06:48:56 UTC 2009 

I'm curious whether this is possible and/or already done.

The idea: have a file system that lives entirely in the free space
and/or slack space of another file system.

It is totally OK for it to be lossy - files won't be dependably
persistent - but it should at least try to minimize that. In any case,
consistency is more important (corrupt data is bad) and being
transparent to the main file system is mandatory.

Ideally, this system should:
* work simultaneously with the main filesystem being mounted and operating
- i.e. if the main file system wants something, it gets it - no locking allowed
* have separate modules for leeching off various other filesystems
- e.g. finding free space, etc are probably filesystem-specific
operations, but the rest should be filesystem-agnostic
* be at least a bit encrypted
- e.g. so the indexes & files can't be told apart from randomness
without the key, and are not feasibly brute forced
* in no way interfere with the main filesystem, other than increased
disk activity when interacting with it
- e.g. no taking up space, breaking hibernation, breaking backups, etc
* be robust against losing and gaining blocks all the time
- e.g. better to lose a few files rather than corrupting a whole bunch more
- probably requires very redundant storage and lots of checksumming
* be hard to detect or interact with at all without the key
- other than of course one can wipe it by wiping "free" space
* be at least reasonable speed etc

It should monopolize as little as possible, and in as hidden a way as
possible. For instance, if it's really necessary, it'd be okay to find
a sector that's entirely free space, mark it as damaged, and use it
(eg for encrypted indexes?); that'd make almost everything not even
realize it's there, at a fairly small cost.

Bonus points if it can actually find and take advantage of slack space
in certain files (like Windows executables), though I think this
oughtn't be necessary, as I expect it to be much less space than
regular free space in most cases.

Anyone know of something like this?

The closest I can think of is Truecrypt, but it doesn't really do this
at all (except the crypto, which it does quite well); it requires
outright ownership of its file / partition / psuedo-partition. I want
this to live within the gaps of a preexisting one.

- Sai

More information about the Noisebridge-discuss mailing list