North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: How do you stop outgoing spam?
On Tue, Sep 10, 2002 at 12:45:01PM -0700, Al Rowland wrote: > Steganography looked great in that hollywood movie Along Came a Spider > with Morgan Freeman (or at least the 'screen friendly' version they > portrayed) but a recent study of millions of graphics across USENET > found zero steganographic images. Great theory, no examples found in the > wild, other than in Hollywood scripts and some folk trading porn of the > type not usually posted to the public Internet. I was going to stay out of this one, but then this came along. It is trivially easy to encrypt, transpose, or otherwise bury the message inside an image, or what have you. If I use a PRNG, prearrangement, or some other selection method to decide which bytes, or which files, or some combination of both will receive a chunk of the data to be hidden, and then encrypt it with a decent enough algorithm, it will not be easy to determine there is something there at all, particularly in a medium like USENET where lots and lots of large binary postings are common. Just because someone ran through a pile of images using jpegv4 with the jsteg patches, or some similar commercial application, does not mean it wasn't there -- it just means it wasn't obviously there. I myself have encrypted my PGP key's revocation certificates and buried them in some images on a website as a fallback storage method. Is it widely used? Probably not. Is it safe to say it's not being used on the basis of a quick check with an off the shelf utility or two? No. --msa
|