Study Finds Low Use Of Steganography On Internet
schnippy writes: "New Scientist reports on a new study from the University of Michigan that argues that steganography (the science of obfuscating communications) is not in wide use, or at least not on the 2 million images they scanned on eBay. Earlier this year, USA Today reported that Bin Laden was using steganography to disguise his communications. Full study is available here. Wonder how long before someone sets up a distributed computing client to help search for Bin Laden's secret communications? :p" Niels Provos' research was mentioned in Slashback not long ago, and this article is based on the same research.
The whole point of steganography is that people CAN'T spot the fact that you're using it!
I think the extinction of the dinosaurs wiped out steganography; the mysteries of how the stegasaurus learned to write with its tail will never be known to any of us...
And who says that you have to post images to send a message? Maybe posting a baseball card for sale means that a cell is to attack on the day that the auction closes. A Sammy Sosa card means we fly into the Sears Tower; a Thurman Munson card means the WTC. The starting bid is the price is the time at which it's to happen.
The whole point of steganography is that the outside world doesn't even know what your encoding system is, much less be able to decipher it.
1. There is no significant use of steganography on the Internet.
2. Nobody uses steganographic systems that we can find.
3. All users of steganographic systems carefully choose passwords that are not susceptible to dictionary attacks. (emphasis mine)
In response to number 3, I'd like to say, "well, duh". Anyone clever enough to transmit messages via steganography is not going to be stupid enough to potentially compromise themselves by choosing a simple password. But beyond that, this search is limited to one small part (Ebay) of the entire Internet. There are certainly many other places where images can be transmitted inconspicuously (certain usenet groups come to mind).
To me, this seems like a "feel good" story designed to put people at ease. It has little actual merit.
www.scorbett.ca
Ebay seems like a poor choice for steganography. First off, you have to actually sell something to get a picture on Ebay (IIRC), and I doubt the terrorists are going to want to bother with having buyers on their back all the time.
It seems to me like it would be much easier just to set up some random Geocities site with text like:
Hi, I'm Lisa Smith and this is my site about me and my 10 cats!
Then include several pictures of 10 different cats, including some with covert information. If you need new information you can reencode some of the pictures and reupload them. Other messages can be sent by subtly changing the HTML (adding and deleting extra spaces for instance).
I still can't figure out why they thought the images would be on Ebay.
I read the internet for the articles.
Apart from the fact that by default, good steganography should be undetectable, it appears that e-bay is a poor site to use. By default, the user posting a sale has to exist in some manner, unless a new identity is created for each item to be sold - which makes sense, but the bottom line is that it is a pain to keep creating e-bay accounts, and making up e-mail addresses.
Something on the newsgroups would be a much better place to look. The alt.binaries.pictures.* areas. Almost total anonymity.
If I were to want to communicate this way, I would avoid e-bay.
gus
.. if only.
You're comparing apples and oranges. Steganography isn't encryption -- it's concealment. If I send a PGP-encrypted message, regardless of whether or not they can break it, every eavesdropper knows that I just sent a PGP-encrypted message. If I use steganography to hide a message, an eavesdropper might miss the message, but would be able to decode it if it's discovered. If I use both, it's a win-win situation.
there has been speculation that Osama Bin Laden has hidden messages in pornographic images posted and swapped on Usenet
If they posted in alt.binaries.erotica.veils or alt.binaries.erotica.bondage.camels between 1990 and 2001 I have every .jpg, .mpg, .avi, .bmp, .pcx, .mov and .html file ever posted. Also I have every .txt, .doc file from alt.stories.erotica.camel.
This
Moderators, beware! That post decrypts to "fr15t p0st!!!" It's not a funny post, it's off-topic! Don't let your points be spent carelessly!
I don't agree with you, actually...
If binary "1"s are encoded as "different than original image", and 0's are "same as original image", you could change the pixel value by +/- 1 to suit the general area of the image.
If you look closely at any scanned or digitally captured image, there's always a "noise factor", from sensor gain, etc. A value change of 1 would not be detectable due to a noise level of at least 1 pixel value.
You could also triple your data density by encoding the R, G, and B channels separately. This could potentially be a little more noticeable, but not by much. You could also encode them in different orders (rgbrgb... rrrrggggbbbb, whatever order you want) to further encrypt it.
The only images that do not have noise are digitally created images (i.e. rendered, or drawn in a computer). Just JPEG compressing an image causes noise of more than 1 value.
I could write a program to encrypt/decrypt like this in less than 5 minutes... the only problem I can see is distributing the "key images", which would be susceptible to being intercepted. You could always distribute them on a hard medium (CD), and trust that no one is a spy in your group. I'd probably distribute a few hundred "reference images".
MadCow.
I used to have a sig, but I set it free and it never came back.
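The reference-image scheme described in the comment above, as an added example that is not part of the original thread: a 1 bit is a pixel value that differs from the reference by +/- 1, a 0 bit is an unchanged value. The "image" is a constructed list of 8-bit values and all function names are assumptions; the last function shows why the scheme depends entirely on the reference staying secret, since anyone holding it sees the payload as a plain diff.

```python
import random

def make_reference(n, seed=1):
    """Constructed stand-in for a noisy scan: n 8-bit pixel values."""
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]

def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def from_bits(bits):
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)

def embed(reference, message, seed=2):
    """Return a copy of reference where each 1 bit moves one value by +/- 1."""
    bits = to_bits(message)
    if len(bits) > len(reference):
        raise ValueError("need one pixel value per message bit")
    rng = random.Random(seed)
    stego = list(reference)
    for i, bit in enumerate(bits):
        if bit:
            step = rng.choice((-1, 1))
            # Edge case: at 0 or 255 only one direction stays a valid value.
            if not 0 <= stego[i] + step <= 255:
                step = -step
            stego[i] += step
    return stego

def extract(reference, stego, nbytes):
    """Receiver side: a differing value is a 1, an identical value is a 0."""
    bits = [int(r != s) for r, s in zip(reference, stego)]
    return from_bits(bits[:nbytes * 8])

def changed_fraction(reference, candidate):
    """Examiner with the original in hand: fraction of values that differ."""
    return sum(r != c for r, c in zip(reference, candidate)) / len(reference)
```
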
Well, now it is my patriotic duty to spend time checking out UT servers for potential terrorists!
"Rub her feet." -- L.L.
The point isn't "there is no steganography on the web." The point is "here is a system to look for steganography."
In typical mass media fashion, both New Scientist and Slashdot go for the flashy story rather than the more interesting point of the research.
Why would you put the images on ebay? There are plenty of forums that aren't as public, and don't require as much information to register, and best of all, don't cost money.
There is absolutely no relationship between there being no steganographic images on Ebay, and the use of steganography by Bin Laden or other terrorist groups.
Seriously, think about where you would put your images? I would say porno boards would be the best place, possibly newsgroups. Tons of people look at porn, so the traffic wouldn't seem strange, and there's so much out there, you wouldn't even know where to look if you were looking for said steganographic images.
As for distributed clients... I'd love to see a distributed client that started searching all the pr0n sites out there, checking them for secret messages. Could you see that popping up as your screen saver?
It's just not going to happen.
Captain_Frisk
If I was conducting a Jihad, I wouldn't trust the internet either.
Jihad is not terrorism. In fact, the Qur'an prohibits terrorism against innocent civilians. Islam is a religion of peace, and jihad does not refer to a "holy war" but merely "struggle ... such as an internal struggle to follow Islam, a struggle against oppression, or a struggle for peace" (source:).
Will I retire or break 10K?