Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

First Steganographic Image Found In The Wild

timothy posted about 13 years ago | from the monkeying-with-images dept.

News 306

Niels Provos writes: "After months of searching for steganographic content on eBay and elsewhere -- downloading millions of images, we were finally able to find an image with a stegangraphic message hidden in it. Stegdetect and Stegbreak made short process with it. It took less than a second to compute the secret key necessary to extract the hidden message. Two commands at the prompt, and we found the hidden message to be an image of B-52 scrapyard. Right off Terraserver."

Sorry! There are no comments related to the filter you selected.

Oh Yeah (-1, Troll)

LinuxIsForAssholes (527253) | about 13 years ago | (#2432021)

First MF Post!!!

Re:Oh Yeah (-1)

Dead Fart Warrior (525970) | about 13 years ago | (#2432053)

Maaaaad propz to you. And your name rings true!

ta fucking da (-1, Troll)

DivineOb (256115) | about 13 years ago | (#2432022)

losers

What you deserve (-1, Troll)

Anonymous Coward | about 13 years ago | (#2432182)

Your mother should have emasculated you with a miniature guillotine.

Re:What you deserve (0)

Anonymous Coward | about 13 years ago | (#2432234)

why?

frist ps0t? (-1, Troll)

Anonymous Coward | about 13 years ago | (#2432027)

je croix que oui. high point of my day.

Stupid 2 minute wait... (-1)

Dead Fart Warrior (525970) | about 13 years ago | (#2432029)

... is gonna prevent me from a first toast [drtoast.com]

Son of a bitch!

Yeah, except for... (5, Informative)

Anonymous Coward | about 13 years ago | (#2432031)

What about the Evil Bert picture? We didn't seem to have the flood of Anthrax here in the U.S. until after that poster came out.

Hidden message?

Hidden like a fox!

Re:Yeah, except for... (3, Offtopic)

stilwebm (129567) | about 13 years ago | (#2432113)

While the above post was meant to be humorous, it brings up an important point. The Taliban doesn't always utilize the most high tech tools, and for good reasons - they are often easy to track and/or detect. Instead, they are likely to use low tech mothods to hide their messages. Certain phrases, for example, in bin Laden's statements quite possible are intended to send an additional pre-defined meaning. This is something that only human reconnaissance can effectively decode.

Re:Yeah, except for... (4, Insightful)

Gallowglass (22346) | about 13 years ago | (#2432207)

"Certain phrases, for example, in bin Laden's statements quite possible are intended to send an additional pre-defined meaning."

My only exception to stwilwebm's comment above is the phrase "quite possibly". IMNSHO, "not bloody likely" is the correct adverbial phrase.

Let's all stop and think about this for a meaning. I wish to send an important secret message to my evil henchmen on another continent. Do I send an encrypted letter? Do I send a human messenger by plane to carry the message? Do I phone them and use secret phrases with hidden meanings to convey the message to them?

Apparently not, if we are to believe the Security Experts who don't want us to hear Bin-Laden. Apparently the best way to send secret messages, is to tape yourself and hope that the corporate minions of the Great Satan will transmit your message, complete, clear (no poorly translated voice-overs, if you please) and in a timely fashion.

Am I the only one who thinks that if Bin-Laden really is that stupid, that we have little to worry about?

Re:Yeah, except for... (0)

Anonymous Coward | about 13 years ago | (#2432277)

The Taliban doesn't always utilize the most high tech tools, and for good reasons - they are often easy to track and/or detect. Instead, they are likely to use low tech mothods to hide their messages

Okay, so the Taleban is the terrorist organization headed by ibn Laden, and Al-Qaeda is the regime heading Afghanistan. Perhaps you meant to say Al-Qaeda?

Don't forget: the Taleban has repeatedly offered to turn over ibn Laden in exchange for irrefutable evidence. We can not provide irrefutable evidence because we have none. The organizers died on the planes. Of course, this fact won't prevent Bush from bombing the shit out of Afghanistan to make way for a puppet government and the coming Uzbekistan-Indian Ocean pipeline which will further fatten his inheritance.

History will properly judge America as the world's most hideous tyrannical state--once our empire completes its collapse and the Big Five media companies stop writing the history books.

First Stegasaurus? (-1)

TrollMan 5000 (454685) | about 13 years ago | (#2432032)

When I saw this I thought This is incredible!! since the stegasaurus has been extinct since the end of the Jurassic period.

Then I saw it was another article on steganography.

Not exactly "in the wild" (5, Informative)

wiredog (43288) | about 13 years ago | (#2432033)

It was shown on ABC news during a discussion of, guess what, steganography. The key was "abc". The person who created it said that it had a message hidden in it. An image "in the wild" would be one that was found at images. [slashdot.org] that wasn't known beforehand to have steganographic content.

Preview is my friend (3, Informative)

wiredog (43288) | about 13 years ago | (#2432048)

images. [google.com]

Re:Preview is my friend (2, Funny)

srvivn21 (410280) | about 13 years ago | (#2432074)

I think you mean:


Preview is
now my friend
images. [slashdot.org]


;o)

Re:Preview is my friend (0)

Anonymous Coward | about 13 years ago | (#2432209)

I don't get it.

[OT] Hunter Thompson... Why? (-1, Offtopic)

The Intrepid Travell (528524) | about 13 years ago | (#2432104)

Your sig is a famous Hunter Thompson quote, which got me thinking...

Why do people respect this drug crazy retard. It's not like he's a good writer, and most of his stuff he admits to making up. What is the draw?

Is it some sort of MTV-esque "Look at how bad I am, I like Thompson!' thing?

Seriously, this isn't a flame. Just curious.

--

Fear and Loathing (0, Offtopic)

wiredog (43288) | about 13 years ago | (#2432117)

I think I read that back in 79? 80? Anyway, it was before everyone tried to be "gonzo". Back in the days when Rolling Stone was actually worth reading. Besides, that line in my sig describes much of my life...

Hunter Thompson: EXPLAINED (1)

SethJohnson (112166) | about 13 years ago | (#2432204)



Sometimes you'll come across writing that just won't make sense to you. That doesn't mean the writer or her readers are retards. Re-read what you don't understand and look for double-meanins. This is also called 'metaphor'.


When Hunter Thompson writes about travelling to Las Vegas and consuming an unhealthy (inhuman) amount of illicit drugs, he's commenting on the excessive consumerism that was running rampant in the 1970s.

Because you're comparing Thompson to MTV, I'll assume that you are also writing in some kind of metaphor, because I just don't understand that comparison and I'd otherwise have to think you are a retard.

Re:[OT] Hunter Thompson... Why? (2, Offtopic)

revscat (35618) | about 13 years ago | (#2432210)

Is it some sort of MTV-esque "Look at how bad I am, I like Thompson!' thing?

Perhaps partially. I admire and respect Thompson because gonzo journalism was, at its onset, a new and refreshing change from more traditional reporting styles. It was a partially successful experiment, and worthy of trying.

But perhaps more importantly I admire anyone who is able to flagrantly flout society's conventions and morality and be successful doing so. Since the mainstream media continues to hound upon the virtues of leading a pure and chaste life, it is refreshing to have someone show that extreme debauchery does not necessarily lead to a life of tragedy, if you are smart about it. I don't consider him a "drug crazy retard", but a journalist who has pursued (and abandoned) some interesting styles and who is a better-than-average writer.

What have you read by him?

Re:Not exactly "in the wild" (-1)

Dead Fart Warrior (525970) | about 13 years ago | (#2432072)

I see you spent a good 14 seconds on the actual article to find that out. I think it was the 5th sentence that says that...

And the whoring commences!

Re:Not exactly "in the wild" (3, Interesting)

Quizme2000 (323961) | about 13 years ago | (#2432086)

What about images attached to emails? I can see it now:
new abc worm scans users hard drive for images with secret messages, sends email to FBI

Re:Not exactly "in the wild" (3, Informative)

sulli (195030) | about 13 years ago | (#2432091)

Right, but it was a good demonstration that their steganography detection tools work.

at the risk of sounding stupid. (1, Offtopic)

Brigadier (12956) | about 13 years ago | (#2432034)



what exactly is the purpose of this. After perusing the site i'm not exactly sure what the purpose of this is. at first i thought it was related to terrorist hiding information in images on the internet. can someone shed some light of this situation.

Re:at the risk of sounding stupid. (5, Interesting)

sphealey (2855) | about 13 years ago | (#2432096)

what exactly is the purpose of this. After perusing the site i'm not exactly sure what the purpose of this is. at first i thought it was related to terrorist hiding information in images on the internet. can someone shed some light of this situation.
Based on my pre-9/11 reading, bin Laden's bunch pass messages via the spoken word, face-to-face, using messengers who are personally known to them and who usually have some sort of family tie.

Therefore, we are going to get very worried about, and pass lots of laws concerning, ultra-sophisticated encryption technology that no evil-doer would ever touch due to (a) complexity (b) potential to stand out like a sore thumb.

Clear now?

sPh

I found the message! (5, Funny)

garcia (6573) | about 13 years ago | (#2432035)

It says "host cannot be reached, click OK to continue"

yay. It only took me 10s w/Netscape to find the message :)

wow (1, Funny)

part!cle (473500) | about 13 years ago | (#2432036)

downloading millions of images? you think they would want to find something better than a pic off of terraserver with that kind of investment.

Oh great... (4, Funny)

RedOregon (161027) | about 13 years ago | (#2432037)

...now we're going to need federal registration to download images off the web... all for the greater cause of fighting terrorism, of course!

Re:Oh great... (0, Funny)

Anonymous Coward | about 13 years ago | (#2432132)

we're going to need federal registration to download images off the web...


I'll give up my images when they pry my hot, sticky fingers...


On second thoughts, forget it.

Re:Oh great... (-1)

Trollificus (253741) | about 13 years ago | (#2432143)

And to do otherwise would be un-patriotic. Well, according to Mr. Ashcroft anyways. ;)

Re:Oh great... (5, Funny)

ackthpt (218170) | about 13 years ago | (#2432156)

now we're going to need federal registration to download images off the web... all for the greater cause of fighting terrorism, of course!

Now I'm beginning to see how evil and subversive those Find the Hidden Picture's were in Highlights Magazine I read as a child! See what diabolical effect it's had on my effort to draw a picture of a simple emoticon!

cccccccccccccccccccc
cccccc/ccccccccEcccc
ccccc/ccc====ccAcJcc
cccc|ccccccccccTcOcc
cccc|cccc====ccccEcc
ccccc\cccccccccAc'cc
cccccc\ccccccccTcScc
cccccccccccccccccccc

The horror, the horror!

Pathetic (-1)

Ralph JewHater Nader (450769) | about 13 years ago | (#2432038)

Slashdot posts such irrelevant crap even the Jewish World Review has more unbiased news.

can this really be considered "wild"? (0, Redundant)

mberman (93546) | about 13 years ago | (#2432040)

it was fabricated and discussed on national television. it's a bit of a stretch to claim it was "found in the wild".

first post? (-1, Offtopic)

caballero19 (244199) | about 13 years ago | (#2432044)

bkw oooohhhhh

Government pushes for ban on Pictures! (0, Redundant)

Oracle of Bandwidth (528405) | about 13 years ago | (#2432045)

I can see now that the government will try very hard to ban pictures or picture reading devices so no one puts copywrited quotes in pictures. Quick someone shut-down picture serch engines for distributing encrypted work!

This lends weight to... (1, Funny)

Anonymous Coward | about 13 years ago | (#2432047)

...the theory that no-one's using this technique!

If I told you.... (1, Interesting)

Russ Nelson (33911) | about 13 years ago | (#2432050)

If I told you that one of the images on my website had stegagnographic content, would that count as "in the wild"?
-russ

Your sig... (-1)

TrollMan 5000 (454685) | about 13 years ago | (#2432121)

Indicates that you're a fag and in denial.

Thank you.

Nothing to see here.... move along (2, Funny)

smnolde (209197) | about 13 years ago | (#2432051)

This wasn't on EBay. This was a published demonstration of how steganography works.

But if you look at the Slashdot image: http://images.slashdot.org/title.gif you'll see cmdrtaco and cowboyneal with pasty white bodies on the well tanned French Riviera.

Re:Nothing to see here.... move along (0)

Anonymous Coward | about 13 years ago | (#2432186)

Can't do.

I have the entry:

127.0.0.1 images.slashdot.org

in my host file. It helps eliminate a lot of the spew this site dumps on my screen. I *like* having all those broken-image icons on the page.

Also worth having in your /etc/host file (or C:\winnt\system32\drivers\etc file on NT):

127.0.0.1 goatse.cx www.goatse.cx
127.0.0.1 comp-u-geek.net www.comp-u-geek.net
127.0.0.1 doubleclick doubleclick.net
127.0.0.1 noodle.port5.com
127.0.0.1 images.slashdot.org
127.0.0.1 sd-images.osdn.com
127.0.0.1 a8.g.akamaitech.net
127.0.0.1 akamaitech.net

I am sure there are plenty more, too.

Mirrors of Image Anyone? (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432052)

The image is being slashdotted it seems.

Super Troll (4, Redundant)

Outland Traveller (12138) | about 13 years ago | (#2432054)

The linked page says that the steg. image found "in the wild" was intentionally done as a demo of steganography and publicized on TV.

Someone please take this article out. It's an embarassment.

Re:Super Troll (-1, Offtopic)

The Intrepid Travell (528524) | about 13 years ago | (#2432126)

It's an embarassment.

No kidding! I clicked the link as was like, "Err... am I missing something?"

Good to see I wasn't totally nuts-o. Wonder if any of the editors _read_ the page?

Oh well, at least there were no spelling errors, right? At least?

Ahh... who am I kidding?

--

No suprise (5, Insightful)

Lumpy (12016) | about 13 years ago | (#2432055)

That it was the planted image from ABC. This is not what I would call a real detection of "in the wild" Show me an image that wasn't part of a media company stunt, or other reporter activity on the very technology of stenaography. Any of the supposed bin-laden images? How about a simple script-kiddie or cracker/thief communication?

In the wild denotes actual use by thrid parties.. A virus in the wild means it's out there looking to do damage and infect, This image is the equilivant of a hello world program on a how to program website.

It's not in the wild, It's an example placed by ABC news.

show me the monkey (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432166)

Ummm. instead of bitching about people not showing you anything, why not go find one yourself or at least help others find these things before it's too late to do anything about them?

What was It..the Message was /.'ed (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432056)

What was It..the Message was /.'ed

the $$$ you want (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432060)

So, did you fund this? Did I?

hmm (2, Offtopic)

ByteHog (247706) | about 13 years ago | (#2432061)

"of course we needed to visit all these pr0n sites! that's where 70% of all the images on the web are!"

yeah! (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432062)

you go girl!

wasn't this on ABC already? (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432063)

FP!

what does it all mean basil? (-1, Offtopic)

cfadam (220860) | about 13 years ago | (#2432064)

C'mon, this all seems a bit paranoid..

Even psychics are right every now and then (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432066)

Even a psychic can be right ONCE in a million!

slashdotted already? (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432067)

Man, how is this already slashdotted?

:\

And the secret message was... (2)

Matt2000 (29624) | about 13 years ago | (#2432069)


...a sure fire way to crash your webserver.

Is this really in the wild? (2, Informative)

Araneas (175181) | about 13 years ago | (#2432071)

So what we have, is an image prepare by ABC as a demonstation of how this type of steganography works. This strikes me more as an image found in the lab rather than the wild.

What I would like to see is a truly wild image culled from the net. Unfortunately, it probably would be kiddie porn.....

Still, the test is interesting.

If I ever meet Tom Daschle (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432073)

I will kick his goat!!!

Fucking stupid americans (-1, Troll)

Anonymous Coward | about 13 years ago | (#2432076)

Do you really think that a backward nation and anti-tech people like Taliban would resort to internet communication?

If any such evidence is found it has been fabricated by the hawks in the Bush cabinet.

Just watch how they'll "find" evidence to "justify" attacks on Iraq in the next few days...

I imagine the next couple images found in the wild (1)

gulped (21680) | about 13 years ago | (#2432078)

... will be the ones in the DECSS gallery [cmu.edu] .

It took months? (0)

Anonymous Coward | about 13 years ago | (#2432080)

It took them months to get someone to put a secret message in a file so they could decode it? If they had just asked me I would have done it in a couple of minutes.

Heh heh. (2)

Scoria (264473) | about 13 years ago | (#2432081)

Now wait for Terraserver to e-mail you about your violation of the DMCA.

Heh heh heh.

Not a very good algorithm / implementation (5, Insightful)

Tassach (137772) | about 13 years ago | (#2432093)

If it only took "a couple of seconds" to find the secret key, it couldn't be very good. There's a big difference between "hide a message in the low bits of an image" grade stego and cryptographically secure stego. If you "encrypt" a message by XORing it with 0xDEADBEEF, don't be suprised when your super-secret encryption is broken.


Good stego should be undetectable -- first off, the hidden message should be encrypted, and therefore nearly indistinguishable from any other set of random numbers. Also, the message needs to be several orders of magnitude smaller than the carrier image -- if you want to hide a 1K message, you ideally want a ~1M image to put it in. Isolating 1K of signal out of 1M of noise would be very computationally difficult.

Re:Not a very good algorithm / implementation (5, Interesting)

Lumpy (12016) | about 13 years ago | (#2432135)

Exactly, a 1st year C programming student could re-write a cheezt stego program to hide that 1 to 2 K message at a Certian byte offset or at a repeating offset.

Stego detection software makes me laugh, it will only detect morons and idiots, and if you really worry about detection increast the Signal to noise ratio. stego EVERY image you come across with the contents of /dev/random. If you saturate the detectors then you can slide what you want through un-noticed.

I dont care what they develop for detection or interception, anyone with 1/2 a brain can get past them without effort. The difference between a madman and a genius is that a genius won't use his/her knowlege to kill people for sport (or any other reason) The madman looks for any excuse to use his/her knowlege to kill maim or destroy.

Re:Not a very good algorithm / implementation (1)

Knunov (158076) | about 13 years ago | (#2432270)

"The difference between a madman and a genius is that a genius won't use his/her knowlege to kill people for sport (or any other reason)"

I guess Oppenheimer was a madman...

Re:Not a very good algorithm / implementation (5, Informative)

cs668 (89484) | about 13 years ago | (#2432190)

That is the problem. Sometimes stego can be detected because it is more random than the surrounding data.

If you have an image and you store the encrypted message in the low order bits of the image then they will look too random when compared to typical images.

Dont use naive implementations (5, Informative)

Anonymous Coward | about 13 years ago | (#2432346)

You can use spread spectrum techniques, you dont have to use the LSB. If an image has any uncorrelated noise at all you can always make sure the signal strength of your encrypted message is below the level of that noise ... and if the encryption algorithm can produce a sequence indistuingishable from noise if you dont know the key ...

Even if... (1)

ShdwStkr (454413) | about 13 years ago | (#2432095)

it were a real, honest-to-goodness, in the wild picture, would it really be that exciting? I mean, the picture is available to the public anyways, so what _would_ be the big deal??

-Jon

Matter of opinion of course, (5, Insightful)

trilucid (515316) | about 13 years ago | (#2432097)


but I'm kinda bothered by this sort of thing, not in the way some might think. I don't have any problem at all with the research being conducted (actually I support it, good stuff!), but I hate that gobs of bandwidth are wasted by this sort of thing.

I mean, how much bandwidth is taken from companies with large numbes of images on their sites (EBay for example) as a results of stuff like this? It's not exactly something you can say adheres to purely ethical use of their bandwidth.

There's got be lots of projects out there attempting this stuff, especially given recent press coverage on the topic. Who's picking up the tab for the network usage?

Perhaps a permission-based scheme would be better, or better yet a volunteer-supported test server pool dedicated to hosting images. That way, people could test out steganography techniques by posting their images to the pool for the community at large to take a crack at. Thoughts? Flames? Oranges?

Re:Matter of opinion of course, (2)

Spankophile (78098) | about 13 years ago | (#2432131)

I'm sure the steg detection site scraper was adhering to the web server "robot" policy.

_cough_

Re:Matter of opinion of course, (3, Insightful)

saridder (103936) | about 13 years ago | (#2432157)

It's a PUBLIC internet and a PUBLIC web site. There is a "risk-analysis" companies make in doing business on and being connected to the Internet, whether it's virii, hackers and script kiddies, just plain web browses.

I admit there may be a huge glut bandwidth being used in the research, but it's just a fact of life on the internet.

MOD PARENT UP! (3, Informative)

fmaxwell (249001) | about 13 years ago | (#2432208)

I am sorry to see the above post modded down as "troll". The poster makes some very good points. Here's eBay's own 'acceptable use policy' excerpt that covers this:

Access and Interference.
Our web site contains robot exclusion headers and you agree that you will not use any robot, spider, other automatic device, or manual process to monitor or copy our web pages or the content contained herein without our prior expressed written permission. You agree that you will not use any device, software or routine to bypass our robot exclusion headers, or to interfere or attempt to interfere with the proper working of the eBay site or any auction being conducted on our site. You agree that you will not take any action that imposes an unreasonable or disproportionately large load on our infrastructure. Much of the information on our site is updated on a real time basis and is proprietary or is licensed to eBay by our users or third parties. You agree that you will not copy, reproduce, alter, modify, create derivative works, or publicly display any content (except for Your Information) from our website without the prior expressed written permission of eBay or the appropriate third party.


I think that this very clearly shows that eBay does take a dim view of these things and that such abuses of their network are prohibited. Whether it would stand up in a court of law is another matter, but trying to predict the court system in the U.S. is about as easy as winning at roulette.

Re:MOD PARENT UP! (4, Funny)

ethereal (13958) | about 13 years ago | (#2432265)

But, eBay did grant permission for the download. Somebody's client said "GET http://www.ebay.com/image/something", and eBay said "OK, here it is, catch!". If they didn't want to spend the bandwidth to send it to you, they shouldn't have done so. At no point did eBay not have a choice.

You may think I'm being needlessly literal here (and in a sense I am), but really this points out the fact that HTTP isn't a suitable protocol to use if you want to shape and/or limit your traffic in certain non-basic ways like eBay does. Not that I'm in favor of traffic limitations, though - anyone who can type a /. comment in less than 20 seconds will agree with me there :)

Publicity from first search salted the earth (4, Insightful)

DrXym (126579) | about 13 years ago | (#2432101)

Given the publicity that the first stego search got, I wouldn't be surprised if you ran the test again that it would find thousands of stego messages out there.


No doubt a fair proportion of them contain spook words too.

Re:Publicity from first search salted the earth (1, Interesting)

Anonymous Coward | about 13 years ago | (#2432227)

Given the publicity that the first stego search got, I wouldn't be surprised if you ran the test again that it would find thousands of stego messages out there.

[admittedly OT, but the poster should be corrected, lest people think him silly in the future]

You use the phrase "salted the earth", which means the opposite of what you seem to think it means.
Think about it -- did the Romans salt the earth around the ruins of their long-time enemy Carthage to make things grow?

Perhaps you were looking for some phrase containing "seeded" or "sowed," which would more accurately suggest fertility.

It cannot wok in general. (1, Interesting)

kptBlaha (522498) | about 13 years ago | (#2432108)

I do not know anything about steganography but I think that there is no general method to find a message hidden in a picture. If the length of the message is small enough compared to the length of the picture and the picture has some random noise in it (like every photography has). A typical GIF contains tens of thousands pixels. Assume that I want to hide a short message (50 chars 5.5 bits per char ie 275 bits in total) it means that I must add a single bit of noise to one of 40 bites of data. How can anyone find that? And what if I add the noise myself? I mean somethig like one-time pad cipher.

Re:It cannot wok in general. (1, Troll)

uradu (10768) | about 13 years ago | (#2432140)

> I must add a single bit of noise to one of 40 bites of data

How many bytes are there in one of your bites though?

Re:It cannot wok in general. (1)

kptBlaha (522498) | about 13 years ago | (#2432200)

I won't pretend that I can do Arithmetics. Image has 10000 bytes (8bits each). I suppose that I cannot afford to change more than 1 bit per byte, otherwise the image gets spoiled. (I know nothing about steganography). Thus I have capacity 1bit per 1 byte. Then 10000 / 275 is about 40. I have to change one of 40 bytes / bites.

How do I create Steganographic Files? (1)

justanyone (308934) | about 13 years ago | (#2432110)

Has anyone done this personally? I'd love to do this - has anyone out there tried it?

Do the tools cost money? Are they easy to use?

Any experienced people, please respond...?

Re:How do I create Steganographic Files? (2, Informative)

kptBlaha (522498) | about 13 years ago | (#2432141)

Just type "steganography" to Google or Altavista.

Re:How do I create Steganographic Files? (0)

Anonymous Coward | about 13 years ago | (#2432145)

Well, you could try typing "Steganography" into Google and seeing what came up ...

In the wild... (1, Funny)

Anonymous Coward | about 13 years ago | (#2432123)

I'm trying to picture this image leaping about the Serengeti, grazing amongst the gazelle, and fleeing from lions...

DMCA (5, Funny)

Spankophile (78098) | about 13 years ago | (#2432124)

For you 'merkins out there, as long as you own the copyright on the information you "hide" in pictures, wouldn't it be illegal for people to circumvent the protection you used to hide it (i.e. steganography etc)..


Unless of course they have a warrant, or the US government implements some more 1984 laws.

where did they find teh image ? (1)

hack0rama (253610) | about 13 years ago | (#2432139)

Reading the links , I was not able to figure out whether they found the image during their search of random images on the web ?

Or did they use the known image from the ABC show and decoded it ?

Its less interesting if they already knew about the image, than to have found one out of millions of random images.

hidden messages (0)

GreenBugsBunny (160180) | about 13 years ago | (#2432149)

The problem with looking for hidden messages is taht you can apply some algorithm to any set of bits to generate any message. It's all about how the bits are interpreted.

Slashdotted... (-1, Troll)

Anonymous Coward | about 13 years ago | (#2432154)

but Google snarfed it up pretty quick. You can see it here [google.com] .

bleh (-1)

teknopurge (199509) | about 13 years ago | (#2432158)

it is I! the TROLL!!!

My Prediction (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2432164)

Next someone will find some of the fictional "Super Heroin" that ibn Laden was planning to unleash on America. This despite the facts:

  • Potency can never be greater than 100%
  • The drugs are smuggled from the country of origin in their purest form. This minimizes volume and should decrease the likelihood of getting busted. This is according to our D.E.A. So, how could potency be further increased?
  • Afghanistan was the largest producer of opium until the most recent drought started four years ago. Now it is Columbia (according to the Cocaine Import Agency)
  • The unanimous consensus of all gov/non-gov watchdogs (even our D.E.A.) is that the Taleban has virtually eliminated opium production
  • Opium is planted during late fall and harvested during late spring. Keep in mind the worsening drought and lack of irrigation systems. There is no opium in Afghanistan from which to produce heroin. The Major Media® seems to not have a clue
  • The largest opium-producing country in the region is Uzbekistan (sic), which has become a base for American troops. During the VietNam war, we used Laos and Cambodia for our troop bases and smuggled opium all over the place. History has a way of repeating itself
  • All experts (medical and non-medical) I have consulted see the whole "Super Heroin" scare as the most preposterous drug scare to date

My Aunts were confused by the ABC news coverage (2, Interesting)

Dr. Manhattan (29720) | about 13 years ago | (#2432169)

I was over at my parents' house on Oct. 6th and, of course, Sept. 11th came up. I tried to explain how stupid the notion of encryption with backdoors was, and how there had never been any verified case of messages hidden in images on the Internet.

Two of my aunts mentioned the coverage on ABC [go.com] . They thought that the demonstration images shown had actually been found and related to the terrorist strikes. I didn't actually see the broadcast, but the two ladies involved aren't stupid. It must have been pretty misleading coverage to give them that impression.

Did anyone actually see the story when it was broadcast and can comment on it?

Right after I heard about this... (0, Redundant)

Cap'n Crax (313292) | about 13 years ago | (#2432172)

I thought about putting stego images in all of my pictures in eBay auctions. You know, something like:

"BID!! Bid Higher!! You know you want to!! Don't let that other guy win!!!!"

Easynews (1)

Tru7h533K3R (528534) | about 13 years ago | (#2432178)

I wonder if they have tried subscribing to a service such as Easynews.com that catalogs every image file found in most newsgroups and saves them for usually ten days. I would imagine that would be a good place to look. If they dont find anything at least they'll have the start of a great pr0n site

And this proves what, precisely? (5, Insightful)

Simon Brooke (45012) | about 13 years ago | (#2432180)

They search for steganographic images on eBay and have found none. Quel surprise.

Eventually they get told that yes, there is a steganographic image on ABC, and they look at it, and guess what? They prove that it is a steganographic image and they can really desteg it. Quel surprise!

Of course, this particular image was very simply constructed as an example for a mass entertainment news channel intended for a general, non-specialist, audience. It was not constructed by someone concerned about secrecy or desperate to conceal a secret message. On the contrary it was constructed using handy, freely available steganographic image tools, not special purpose custom written ones.

Great!

This doesn't prove that there aren't staganographic images on eBay which their software can't detect. It doesn't prove there aren't steganographic images on alt.sex.binaries.fluffy-bunnies. It doesn't prove there aren't steganographic images on your favourite pr0n site.

It doesn't even prove that some spook agency somewhere can't detect all these steganographic messages, desteg them, and read the payload. All it proves is that these two academics can only detect a steganographic image it they're told where it is and what it is, and even then only if it's produced with a small range of well known, freely available tools.

Incidentally, there is a steganographic payload in this post. Care to scan all Slashdot posts for steganographic payload? All Usenet? No, thought not.

Why Steganography? (1)

Ferrule (82308) | about 13 years ago | (#2432181)

Why bother with all this crap? If terrorists wanted to communicate, they would just browse to a webserver which could be anywhere, get the info they need and get out.

They would likely have a code, maybe use wiki, or forum software, even a java irc client..

Do this from an internet cafe and they're laughing..

What am I missing?

Distributed Computing Project? (3, Interesting)

idonotexist (450877) | about 13 years ago | (#2432193)

Recently, I have been frustrated by 1) not really doing something (other than donating) related to the recent events, and 2) the government's accusations that technology is actively utilized for terrorism without providing an example.

Considering the importance of this project and the number of images provided on the web, would it be possible for this project, or maybe another, to go to a distributed computing model (@home) ?

Computing power (3, Interesting)

Anonymous Coward | about 13 years ago | (#2432223)

How much computing power does this type of decryption/investigation take? How much would it take to examine the large (ie > 1M) pictures? If it takes a non-trivial amount of computing power, it sounds like an excellent candidate for a seti-at-home or similar project: "Help us fight terrorism: download this program and help us crack images"...

Wow! That is amazing (4, Funny)

ellem (147712) | about 13 years ago | (#2432228)

I looked at that picture for hours and I couldn't see those B-52s

I just kept staring at it and staring at it....

News!: #@ +4 ; Interesting @# (0)

Anonymous Coward | about 13 years ago | (#2432238)

Iraq.

If they're searching... (1)

Mu*puppy (464254) | about 13 years ago | (#2432269)

...maybe I should make my own stegangraphic message.

Just imagine: you find a pr0n pic with a stegangraphic message. You decode it and find......
a picture of Janet Reno! ARRRRGGGHH!!

Information *hiding* (2, Interesting)

tmdybvik (70460) | about 13 years ago | (#2432300)

Just one little thing that seems to be easily forgotten...
The purpose of steganography is information hiding . An information hiding method that reveals more than random noise to an observer is broken. The only thing that can be deducted from a properly encoded steganographic message is the presence of (seemingly) random noise modulated on top of an information carrier. Claim: Encryption is a requirement in order to properly implement information hiding, otherwise one simply ends up with two images/message on top of each other.
There is no way anybody that is serious about information hiding (and we all know who that could be...) will resort to simply mixing two picture sources using [choose your favourite modulation scheme here].
This is also why it is so easy to detect and remove a known watermark from documents. (And certain unknown ones as well, as demonstrated by Felten & Co)
So, while scanning the net can be useful for detecting broken applications of steganography, it will hardly reveal interesting information. (note: "Application" here refers to "method" or "usage" and not necessarily to the software performing the modulation.)

Hey dorks! (0)

Anonymous Coward | about 13 years ago | (#2432335)

Why don't you try POSTING LINKS THAT WORK!

Well.. (3, Insightful)

mindstrm (20013) | about 13 years ago | (#2432337)

the reason they 'cracked' the key was obviously because it wasn't really encrypted.

Any real stego you wanted to hide would also be encrypted. Strongly. So all you would find is noise.

If there were a hidden message in every image.... (1)

vtechpilot (468543) | about 13 years ago | (#2432355)

Makes me want to write a script that periodically scans my drives and drops some stego garbage into each file that doesn't already have some. Would Spy Agency X really find it worth while to crack every jpeg out there when 99.9999% of them contain useless garbage? Whoopee! lets feed Carnivore to death!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?