Slashdot Mirror

← Back to Stories (view on slashdot.org)

Study Finds Low Use Of Steganography On Internet

Posted by timothy on from the maybe-it's-just-not-on-ebay dept.

schnippy writes: "New Scientist reports on new study from the University of Michigan that argues that steganography (the science of obfuscating communications) is not in wide use, or at least not on the 2 million images they scanned on eBay. Earlier this year, USA Today reported that Bin Laden was using steganography to disguise his communications. Full study is available here. Wonder how long before someone sets up a distributed computing client to help search for Bin Laden's secret communications? :p" Niels Provos' research was mentioned in Slashback not long ago, and this article is based on the same research.

3 of 291 comments (clear)

  1. How do they know? by andy@petdance.com · · Score: 5, Insightful
    How can they know that the 2E+09 images on eBay don't contain hidden messages? They might not have detected them, but that doesn't mean they're not there. Perhaps these damn terrorists (gasp!) made their own software!

    And who says that you have to post images to send a message? Maybe posting a baseball card for sale means that a cell is to attack on the day that the auction closes. A Sammy Sosa card means we fly into the Sears Tower; a Thurman Munson card means the WTC. The starting bid is the price is the time at which it's to happen.

    The whole point of steganography is that the outside world doesn't even know what your encoding system is, much less be able to decipher it.

  2. e-Bay? by gus+goose · · Score: 5, Insightful

    Apart from the fact that by default, good steganography should be undetectable, it appears that e-bay is a poor site to use. By default, the user posting a sale has to exist in some manner, unless a new identity is created for each item to be sold - which makes sense, but the bottom line is that it is a pain to keep creating e-bay accounts, and making up e-mail addresses.

    Something on the newsgroups would be a much better place to look. the alt.binaries.pictures.* areas. Almost total anonymity.

    If I were to want to communicate this way, I would avoid e-bay.

    gus

    --
    .. if only.
  3. Re:is it just me, or... by Erasmus+Darwin · · Score: 5, Insightful
    "With so many other more effective and simple methods of encryption (read: PGP), why would anyone go to all the trouble?"

    You're comparing apples and oranges. Steganography isn't encryption -- it's concealment. If I send a PGP-encrypted message, regardless of whether or not they can break it, every eavesdropper knows that I just sent a PGP-encrypted message. If I use stenography to hide a message, an eavesdropper might miss the message, but would be able to decode it if it's discovered. If I use both, it's a win-win situation.