Slashdot Mirror
The Rise of Steganography
The engineers and nerds who still run the Tech Nation generally keep their noses to the grindstone. They're disinclined to ponder the long view when it comes to developing new technology, preparing for the many public-policy issues surrounding the things they create.
And policy and technology collide all the time, from the building of the Interstate Highway to the space program to the Net. Three particular hot points emerge, when it comes to civics and technology: security, privacy and intellectual property. Naturally, there's very little rational public or media discussion of any of them, beyond hysteria about violence, cracking, theft and porn.
Steganography is the means by which two or more parties may communicate using invisible communications -- even the act of communicating is disguised. This sort of Information hiding -- as opposed to traditional cryptography -- could upend conventional wisdom about copyright, intellectual property and control of data online. The very idea of digital information hiding is almost bitterly ironic: The Net is the most open information culture ever, yet encroachments by corporatism and government are spawning an entire movement and discipline devoted to new techniques for hiding rather than opening data.
Some parties already understand the import of this struggle. Several weeks ago, academic SDMI (Secure Digital Music Initiative) researchers canceled a presentation they'd planned at the Fourth Information Hiding Workshop in Pittsburgh. The reason: pressure from the Recording Industry of America (RIAA), concerned that the release of data about advances in watermarking would undermine its long, expensive and still largely unsuccessful efforts to shut down free music on the Net.
Last week, Declan McCullagh of Wired News reported from the conference that Microsoft has developed a prototype system that limits unauthorized music playback by embedding a watermark that remains permanently attached to audio files. (Note: A conventional watermark is a normally invisible pressure mark in expensive paper which can be seen only when the paper is held up to a strong light. Digital watermarks are embedded in computer files as a pattern of bits which appear to be part of the file and are not noticeable to the user. These patterns can be used to detect unauthorized copies.)
During a security panel, reported McCullagh, a Microsoft research scientist demonstrated how the hidden copyright infringement fingerprint is so securely affixed to the audio that it remains intact even if a song is played aloud on speakers in a noisy room, then re-recorded. If the recording industry begins to include watermarks in its song files, Windows would refuse to play copyrighted music that was obtained illegally (as defined by the Digital Millenium Copyright Act, written by corporate lobbyists, enthusiastically passed by a Congress besotted with corporate money, and signed by a pliant President Clinton two years ago).
Every few years, the war over control of information online seems to escalate. Cryptography suddenly became critical when businesses started to buy and build networked computer systems and people began exchanging money online. Viruses and other epidemics gained widespread national attention once substantial numbers of computer users began trading programs. When the Net exploded, manufacturing firewalls became an industry.
Now the digerati are making a lot of noise about collaborative filtering and blocking and discussions systems, from weblogs to blogs to other peer-to-peer systems, but steganography is a vastly more significant development. Information Hiding, driven by the most significant policy issues of the Digital Age -- privacy, copyright protection and state surveillance -- is the battleground. It comes as the stakes rise in the conflict between proprietary and open information systems.
This week, according to the New York Times, Microsoft will unveil a broad campaign to counter the open source and free software movements, arguing that it undermines the intellectual property of nations and businesses. The campaign, says John Markoff in the Times, is part of Microsoft's new effort to raise questions about the limits of innovation in open-source approach, to advance the idea that companies who embrace open source are putting their intellectual property at risk. In this context, as the battle lines around content and property become clear, the role of Information Hiding grows more critical.
During much of its growth, the Net escaped the attention of government and politics. That's hardly the case now. Federal law enforcement agencies want the right to track information online. Businesses are terrified about the rise in free and shared data. In the Corporate Republic, business and government both grasp the essence of copyright, security and privacy issues. The war over free music has, almost from the first, been the aspect of this Information Age conflict most visible to the public, a testing ground for new technologies and applications that bring new threats and spark the reinvention of new protection philosophies and mechanisms.
Corporate lobbyists have successfully advanced the idea -- via an expensive, sophisticated media and political campaign -- that new laws and initiatives (from the SDMI to the Sonny Bono Copyright Act to the Digital Millenium Copyright Act) -- are necessary to protect intellectual property from pirates online. It's not so simple. These laws, some horrific in their impact on free speech and the fluid movements of creative works, primarily protect corporate revenues, not intellectual freedom or the rights of creators and artists.
Hiding information in modern media, sometimes in plain sight, has cropped up in music and DVD battles, especially regarding DeCSS, the program developed to allow the descrambling of DVD movies. (The writers of the program reverse-engineered the CSS scrambling methods that the Motion Picture Association of America uses to prevent DVD's from playing on unlicensed player.)
There's little published material about steganography, and what has been written costs a fortune. Information Hiding: Techniques for Steganography and Digital Watermarking edited by Stefan Katzenbeisse and Fabien A.P. Petitcolas, published by Artech House, costs nearly $100. But for anyone whose future work in the future involves information, privacy, security or copyright, you couldn't spend the money more wisely. Steganography manuals may be essential tools of the hacker nation in the coming years, as they fend off corporate and government regulations and intrusions.
The book provides an authorative overview of steganography and digital watermarking. Steganography, the book explains, studies ways to make communication invisible by hiding secrets in innocuous messages, whereas watermarking originates from the perceived need for copyright protection of digital media.
Until recently, traditional cryptography received much more attention in the tech world, but that's changing quickly. The first academic conference on stenography took place in l996, driven by concern over copyright and the growing corporate panic over the ease of making perfect digital copies of audio, video and other works. Katzenbeisse and Petitcolas have assembled reports that describe the new field of information hiding and its many possible applications, and describes watermarking systems and digital fingerprinting. The book also talks about the increasingly complex legal implications of copyright.
Anyone interested in the future of open media, or in issues related to privacy, copyright or security, will be particularly mesmerized by the chapter "Fingerprinting," written by John-Hyeon Lee. In this context, "fingerprints" are characteristics of an object that tend to distinguish it from similiar objects. The primary application of digital fingerprints is copyright protection. The techniques Lee describes don't prevent users from copying data or works, but they enable owners to track down users distributing them illegally.
Since corporate lobbyists have re-defined what is and isn't legal when it comes to copyright in the 21st Century, this kind of fingerprinting has stunning civil liberties implications. This technology goes well beyond the software programs tracking Web use and pages; it gives governments, lawyers and corporations a way to follow and identify, thus control, almost every kind of digitally transmitted information. Fingerprints can also be used for high speed searching.
"Fingerprinting," writes Lee, "is not designed to reveal the exact relationship between the copyrighted product and the product owner unless he or she violates its legal use. Compared with cryptography, this property may look incomplete and imprecise, but it may appeal to users and markets." It sure will.
Fingerprinting may not be designed to reveal relationships between copyrighted products and owners, but there's no reason it wouldn't be used for that purpose. That seems inevitable given the high priority billion dollar media and entertainment conglomerates have put on enforcing copyright online.
Information hiding arises against a backdrop of growing confusion and confrontation about security and copyright, which has no global standard. In China, intellectual property is owned by the state. In the United States, copyright is being redefined by corporatists to grant businesses total contol over ideas in perpetuity, a perversion of the original American idea, which was to give creators and the public both acess to intellectual property, never intended to fall exclusively and in perpetuity into private hands. How can these legal and technical applicatiions be handled rationally, let alone democratically, when every country that hosts the Net sets different standards for privacy and security?
Different cultures not only have radically different notions about copyright, but view culture itself very differently. What the United States considers pornographic might be perfectly acceptable in saner countries like Holland or Finland. Conversely, what is protected as free speech here isn't protected at all in much of the world.
So Information Hiding becomes politically important, as well as technologically central. Steganographers may ultimately decide whether movements like open source and free software can prosper and grow in the face of well-funded and organized attacks by corporations like Microsoft and industries like the record companies. They may give music lovers a way to defy powerful corporations and retain the right of access to the culture they've experienced freely for years. They may preserve the idea of security against state surveillance, intrusive educational systems, or even the private businesses forever collecting personal data.
It's not a huge stretch to say that steganographers may determine whether the Net -- and much of the data that moves through it -- stays free or not. All the more important to understand what they do.
Have you notice that the funding for public libraries has been decreasing? And that licenses are being written that make it illegal to lend works of art? And that textbooks are including essential components on an included CD (so that they'll be covered by the DMCA)? And that there is talk of putting an expiration date on new media, so that you won't be able to play it after it's pull date?
This is no minor issue. At all. My suspicion is that it will be some country that doesn't fall into this morass that becomes the next world power, if anybody manages to escape.
I have some 7-track 200 BPI tapes on 10.5 inch reels. Can you read them? What about my 6250 STP encoded tapes? If you can't copy something to new media, it DIES!
Caution: Now approaching the (technological) singularity.
I think we've pushed this "anyone can grow up to be president" thing too far.
Full doc
Want Root?
For those wanting more information on stego check out the following link which I found to be one of the most informative. Outguess is probably the top of the line Nix stego program I've found (FYI) and you could see its output here (Statue of Liberty pics)
Personally I think this will piss off Big Brother more than it would Corporations, since it'd be extremely hard on a system to encipher a 700mb video clip into a picture so the stego comment seems off the mark to me where Napster or SDMI is concerned Watermarking yes stego a music file... Sure and $AUTHORITY_FIGURES will believe that pr0n picture is supposed to be 500mb in file size.
As for digital watermarking... Please see this prior post on this subject.
Want Root?
We need to use this to OUR advantage to make sure that we, the citizens of the world, keep control instead of the Corporations and Governments.
--Mike--
The problem with this and many of Katz's other editorials is that while they profess "insight" they usually offer nothing more than spun spin that lacks depth and insight.
This is a perfect example. The *rise* of steganography?
Come on. Just because it's new to Katz doesn't mean that it's *new*.
Steganography is a fundamental part of encryption. There's neither nothing "new" about it nor anything that indicates -- BANG! out of nowhere! -- that it's on the "rise."
SDMI watermarking in particular may be new but the general concept is not.
Moreover, most of Katz's essays feel like they're the result of getting a "review copy" in the mail. Katz gets a free book -- maybe reads the whole thing, skims it, or just reads the last few chapters -- and then writes an essay.
For Katz, everything is new, earth-shattering, revolutionary, and dangerous. We're always all living at the beginning of a revolution.
The web revolution.
The computer revolution.
The napster revolution.
The corporate revolution.
The democratic revolution.
I could go on, but you get the point. Katz's vision often lacks coherence from one essay to another. In essay #1 the web is revolutionary. In essay #2 napster is revolutionary.
Well, which is it? I mean, is every new piece of software revolutionary? Is every new technological advancement revolutionary? (And who's to say what qualifies as an "advancement?") And if *everything* is revolutionary then doesn't that mean that nothing, really, is revolutionary?
The final point is Katz's arrogance. He will not respond to posts. Period. Katz's uses Slashdot as a mouthpiece but doesn't join in the chorus of voices. It's an arrogance that I find quite stunning -- and something that I'm surprised more people don't find offensive.
Maybe this is flame-bait. I don't know. Moderate me down. Go ahead. It's a troll. It's a flame. It's just, er, not nice. The idea of arrogance, yes, borders on an ad hominem attack and is probably not in the spirit of Slashdot.
But I can't close my eyes to the irony. Katz sees himself as a critic -- spokesperson, perhaps -- of the revolution. Of all the revolutions, you name it.
But in essence -- and I think this is a fair assessment -- he's a un-revolutionary as they come. His editorial distance is as distant as stand-offish as anyone in the mainstream press. He won't participate in the Slashdot community except to offer his "critiques" ex cathedra.
And then what? They waft off into the ether. He sees his mission as an instigator. I'm sure he prides himself on his ability to get his Slashdot audience to "talk." For this he is paid and patted on the back.
But if he wants to be a revolutionary -- if he wants to join in a real revolution -- then he should communicate with his readers. Be the author who responds. Not the traditional author divorced from his/her "voice".
This is the revolution, Katz -- the ability to utilize technology to subvert the cultural hegemonies of traditional authorship.
I wish people would stop spending their time on Slashdot trying to prove others wrong, and instead perhaps try and give their own insight about a certain topic. It would definitely make for a much better experience.
I think it's great that Jon Katz organizes his thoughts and the facts on various topics that are extremely relevant and interesting, and then publishes them for us to read and think about. Unfortunately, too many readers of Slashdot have such low self-esteem that they feel it's necessary to put others down out of sheer envy of their intelligence, knowledge, or wit.
Well, that's the end of my thought. Here ya go trolls and flamers, have fun replying to this one.
: - (
If you celebrate Xmas, befriend me (538
"Back in the day," there really wasn't much in the way of corporate participation on the net. The Internet (and later, the web), made it possible for me to freely distribute information. It also made it possible to consume information that other people were producing and freely distributing. Even operating systems can be passed around. Hooray!
Okay, now there is a large commercial presence on the web, and these people don't really want to distribute things for free. They want to maintain control over the content that they spent ass-loads of money creating and promoting. So they use things like watermarking and encription. Boo!
Now, how much does the presense of these companies ruin my ability to use the web the way I always did before they arrived? Zero.
Sure, I can't steal their content from their distribution systems... but I couldn't do that before their distribution systems arrived on the net, either.
As long as I don't want their music, pictures, software, etc. What they do to control that content means nothing to me. (And if I do want it, I should either pay the price they are asking. If I think it is overpriced, I should produce something just as good on my own.)
All those academic and philanthropic sites that we remember from the "good ol days" of the web are still there, still free, and still useful. The addition of less-free sites does not make us less free.
Information wants to be anthropomorphized.
If you're hiding information in a picture of a giraffe that you pass back and forth with your co-conspirator, you'd better have a good reason to be passing pictures of giraffes back and forth or it will be just as conspicuous as if you were sending a random-looking stream of encrypted bits.
Further, you'd better have a good stash of source materials, rather than just some ol' picture you got off the net - otherwise, it would be easy to use an image search tool to find the original source image, diff the two, and get out the "secret" bits.
OK,
- B
--
http://www.bradheintz.com/
- updated
"During a security panel, reported McCullagh, a Microsoft research scientist demonstrated how the hidden copyright infringement fingerprint is so securely affixed to the audio that it remains intact even if a song is played aloud on speakers in a noisy room, then re-recorded. " I've now read this in three or four different places, and I'm sorry, there's a raucous technical problem in there. While this might be feasible as a lab stunt, a watermark that's usuable even after several A/D and D/A conversions cannot help but be apparent to the listener, and if it's that apparent, the content will be rejected by the listener regardless of the technical advantage to the content creator. This isn't a situation like those shareware PrintShop clones that stick their logo in the background to remind the user they're just "evaluating" the content or the tool, they're going to try to embed this in content they expect people to pay for. Think about this, based on your experience with MP3 and Napster. Lemme guess, those of you with dialup connections gravitated toward the 96kbps or 112kbps rips initially because they're small, right? Then you found out that they sounded (mostly) like crap, so you went for the 128s and then the 160s, and if you're hardcore the 192s and 256es. If the listeners can hear ANY artifact in recordings that interferes with listening, they'll reject it eventually. And any watermark obvious enough to survive a trip through speaker cones, air and microphones would have to be obvious enough to be heard by consumers. And of course, if it's THAT obvious, it'll be a cinch to write tools to identify and obliterate it. This is a loser all the way around. Turtle
---------------------------------------
---------------------------------------
Rotate the pod, please, HAL....