Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Steganographic Image Found In The Wild

Posted by timothy on from the monkeying-with-images dept.

Niels Provos writes: "After months of searching for steganographic content on eBay and elsewhere -- downloading millions of images, we were finally able to find an image with a stegangraphic message hidden in it. Stegdetect and Stegbreak made short process with it. It took less than a second to compute the secret key necessary to extract the hidden message. Two commands at the prompt, and we found the hidden message to be an image of B-52 scrapyard. Right off Terraserver."

13 of 306 comments (clear)

  1. Yeah, except for... by Anonymous Coward · · Score: 5, Informative

    What about the Evil Bert picture? We didn't seem to have the flood of Anthrax here in the U.S. until after that poster came out.

    Hidden message?

    Hidden like a fox!

    1. Re:Yeah, except for... by Anonymous Coward · · Score: 1, Informative

      thankyou.

      did anyone see the channel 4 news (UK) the other day, after the images of a flattened village?
      robin cook was interviewed, and when asked about civilian casualties replied "we have to remember that 7000 innocent civilians were killed by the terrorists".

      Think about it. The people in that village weren't terrorists. I'm glad to say that john snow (the interviewer) picked up on this and asked him "so what are the plans when the civillian casualties in afganistan reaches 7000", to which made mr cook squirm..

      On another note, if you can, i advise watching the "langdon behind the lines" (i think that was what it was called) series on afganistan which was shown on bbc 2 - made well before the sept 11 events, and very interesting indeed. it gave a real insight into the lives of people living in afganistan.

      jeffcapeshop

  2. Not exactly "in the wild" by wiredog · · Score: 5, Informative

    It was shown on ABC news during a discussion of, guess what, steganography. The key was "abc". The person who created it said that it had a message hidden in it. An image "in the wild" would be one that was found at images. that wasn't known beforehand to have steganographic content.

    --

    Best Slashdot Co
    1. Re:Not exactly "in the wild" by sulli · · Score: 3, Informative

      Right, but it was a good demonstration that their steganography detection tools work.

      --

      sulli
      RTFJ.
  3. Preview is my friend by wiredog · · Score: 3, Informative

    images.

    --

    Best Slashdot Co
  4. Is this really in the wild? by Araneas · · Score: 2, Informative
    So what we have, is an image prepare by ABC as a demonstation of how this type of steganography works. This strikes me more as an image found in the lab rather than the wild.

    What I would like to see is a truly wild image culled from the net. Unfortunately, it probably would be kiddie porn.....

    Still, the test is interesting.

  5. Re:How do I create Steganographic Files? by kptBlaha · · Score: 2, Informative

    Just type "steganography" to Google or Altavista.

  6. Re:Not a very good algorithm / implementation by cs668 · · Score: 5, Informative

    That is the problem. Sometimes stego can be detected because it is more random than the surrounding data.

    If you have an image and you store the encrypted message in the low order bits of the image then they will look too random when compared to typical images.

  7. MOD PARENT UP! by fmaxwell · · Score: 3, Informative

    I am sorry to see the above post modded down as "troll". The poster makes some very good points. Here's eBay's own 'acceptable use policy' excerpt that covers this:

    Access and Interference.
    Our web site contains robot exclusion headers and you agree that you will not use any robot, spider, other automatic device, or manual process to monitor or copy our web pages or the content contained herein without our prior expressed written permission. You agree that you will not use any device, software or routine to bypass our robot exclusion headers, or to interfere or attempt to interfere with the proper working of the eBay site or any auction being conducted on our site. You agree that you will not take any action that imposes an unreasonable or disproportionately large load on our infrastructure. Much of the information on our site is updated on a real time basis and is proprietary or is licensed to eBay by our users or third parties. You agree that you will not copy, reproduce, alter, modify, create derivative works, or publicly display any content (except for Your Information) from our website without the prior expressed written permission of eBay or the appropriate third party.

    I think that this very clearly shows that eBay does take a dim view of these things and that such abuses of their network are prohibited. Whether it would stand up in a court of law is another matter, but trying to predict the court system in the U.S. is about as easy as winning at roulette.

  8. Dont use naive implementations by Anonymous Coward · · Score: 5, Informative

    You can use spread spectrum techniques, you dont have to use the LSB. If an image has any uncorrelated noise at all you can always make sure the signal strength of your encrypted message is below the level of that noise ... and if the encryption algorithm can produce a sequence indistuingishable from noise if you dont know the key ...

  9. Detection Methods by Keeper+ofthe+Keys · · Score: 3, Informative

    Many are beginning to discredit the detection of steganographic images in the wild without learning the actual methods of detection!

    While it is very easy to change an algorithm by byte offset, this is NOT the method of detection being used.

    The method of detection exploits the characteristics of the JPEG compression algorithm to detect non-naturally occuring deviations in the image file. An example of this would be the gamma balance which is averaged over a certain number of pixels. In order to "hide" a change to a single bit, another bit would need to be inversely modified such that the balance of the image remains within or close to natural balance.

  10. Re:Not a very good algorithm / implementation by Tom7 · · Score: 3, Informative

    I think it takes more than half a brain. Some of those statistical stega ("stego"?) detectors are pretty clever, and I would imagine that my first try would be caught. I think you'd need to at least sit down and do statistical analysis in order to write a successful tool.

    Before you berate the clueless programmers, let's see your solution...

  11. Re:Matter of opinion of course, by almightyjustin · · Score: 2, Informative

    Umm...I don't think eBay actually hosts any images other than basic layout stuff. All the auction images are linked from other providers.

    --

    Omnes arx vestrum sunt adiuncta nobis.