Friday, February 5, 2016

An introduction to Steganography

Answers to Reader Questions: Steganography
"Can you explain steganography in an way that makes sense to someone who doesn't understand cryptography?" 

Well, we'll do our best!

Steganography is one "old school" method of transmitting messages. It means “hidden writing”. Steganography in the digital age involves hiding a message within the data of a picture or other file. Consider if you will the 256 color palette (for simplicity's sake). If each pixel is definable as one of those colors, one can alter the color of individual pixels to “write” a message. The intended reader needs a means then of comparing an incoming picture (for sake of argument, let's say of a cat) to an original. The difference is the message.

Modern day steganographers have a plethora of programs to combine messages with pictures. Steg hide is a free repository of programs for Linux and Windows machines. Drupal Gardens is an additional place where one can explore steganography. I do not warrant or make any recommendations, nor carry any responsibility for what you do with steganography. You can send cat pictures, or clever anagrams to one another. The way to understand the limitations and mechanisms is by actually getting into the heart of the matter yourself. It is not terribly difficult to do, at any rate.

If you are on the other side of the equation, and you can try here to seek out what steganographers are hiding. Stegdetect is an automated tool for detecting steganographic content in images.

(example auf Deutsch, but the video gives you an idea how this works)

After all, nothing is perfect and what can be hidden can be (usually) found. Through the use of algorithms, one can winnow out files that likely contain examples of steganography. Other tools that may interest the steg-curious.

The mass of data online regarding steganography is truly staggering. It appears to me that much that is out there is by people who are not native speakers of American English. This is not that hard a hurdle to deal with. I suggest this youtube link, as it is more of an undergraduate level discussion that covers history and mechanics of steganography by someone with native fluency in American English:

Steganography is not limited to embedding text in images. Any combination where data is hidden within other data can be used. In this youtube clip, a fellow (again, non-Western, non-native English speaker, sounds Eastern European) embeds text in audio files: This is very clever, indeed.

Steganography is problematic in that if you are not the intended recipient, you are pretty much then going to have to screen ALL files, triage them and spend your valuable, limited time on the most promising. It is akin to hiding a few grains of sand on the beach, but you have to look at all of them to be sure you did not miss one.

Steganography is made even more problematic if file subjects are popular, like “cats”.

It is obvious after a little pondering that steganography can exist in pretty much any file type. It can even be analog, if you use some imagination.

The topic of steganography is an interesting one and deserving of your time and bandwidth. If for no other reason than to understand just how it works, to expand your technical knowledge... but mainly, to de-mystify what may be presented in the news by the talking heads as something scary. It is said that fear is the mind killer, I hope that in writing this very brief article that I have provided enough information to get you started on your own program of self-education on this topic.

Thanks for visiting, reading and hopefully sharing with others.  Purchasing books or completing other shopping needs through our Amazon portal is greatly appreciated and helps us get our message out to educate more people!  You can follow us on Twitter @stopshoutblog or email us or donate through PayPal.  Questions, comments and concerns always welcome! All comments are moderated, but will post when we have time to review and release them.


Arkindole said...

Oddly, the movie "Contact", from Sagan's novel, popped into my mind; for people to watch and get a roundabout notion of the concept.

And, I miss Sagan (and what he would do to global warming "scientific thought").

Anonymous said...

Two things if you don't want your message detected simply by someone trolling:
1. keep it short relative to the image file (so you are hiding less needles among more hay)
2. use an image file that has never before been seen on the internet (so they can't compare your image to another copy of it). In other words take a picture and use it.

Pictures also have metadata that go with them - date and time, place if GPS, or kind of camera used. Your camera deposits these things on the file, and there is a way to scrub them from the file with software. If someone is looking for photos taken by you because they are already onto you, ditch the metadata.

Audio files with stego messages tend to sound a little grainy. It's easier to fool the eye than the ear. So I would imagine an audio file that already sounds kind of noisy or "grainy" like rain or a recording of a truck dumping gravel might work better than, say, Mozart, for this application.

Anonymous said...

Sagan lied about nuclear winter: the European cities burning during WWII was not too different from a nuke attack, yet there was no cooling effect. If he lied about that, who knows if he would have also lied about global warming because he liked the political results.

Fidel said...

Sagan invented the entire nonsense of 'nuclear winter' so he'd be onboard with AGW in a big way....

Unknown said...

Amen my commy named brotha, Sagan made up Nuke WINTER, HE ADMITTED IT, YOU CAN KEEP SAINT SAGAN....