Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacktivismo to Release Steganography Tool

Posted by ryuzaki0 on from the say-cheese-in-pig-latin dept.

Anonymonkey writes: "According to this story at , a group called Hacktivismo will release a steganographic tool called Camera/Shy at H2K2 this year. Apparently, it will make it easy for persecuted political groups to hide messages in images. The group has links to the Cult of the Dead Cow, which is, of course, working on Peek-a-Booty."

9 of 201 comments (clear)

  1. It's not the first wheel. by AftanGustur · · Score: 3, Interesting

    Will it do anything differently than the rock-solid and famous OutGuess" ?

    --
    echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
  2. Traffic analysis by AgTiger · · Score: 5, Insightful

    Sometimes it isn't the content that gives you away, it's the fact that you're sending traffic between point A and point B, and B talks to C, D, and E.

    That can be enough to tip off the wrong someone.

    Likewise, if you start sending graphic files back and forth where you USED to be sending other types of traffic, whatever entity might be watching those transmissions is likely to catch on. Let's not even go INTO how you're sending MORE data rather than less. Me, I'd be shooting for a method that breaks the communication up, sends it in with a bunch of other garbage to multi-pointed destinations at random times, strongly encrypted en-route so sender and receiver are masked...

    Oh wait, that sounds a lot like a mixmaster remailer.

    And yes, I know, mixmaster and PGP are not an option for environments where the very use of same is enough to get you drawn and quartered.

  3. Dumb, DUMB idea by splorf · · Score: 5, Insightful
    Steganography is a lot harder than it sounds. It's easy to hide a message in an image file and have the image still look normal on the screen to a casual observer. It's a hell of a lot harder to keep an opponent from detecting the message by analyzing the file knowing how your program works.

    I am afraid unless Hacktivismo is really careful and knows what they're doing, their program may get some human rights workers tortured and killed. By careful, I mean don't even mess with embedding messages in jpg images. It might be reasonably safe to embed them in audio or video streams at very low bit rates, like one bit per several seconds of 44 khz 16 bit PCM audio or mini-DV video. And even that would take sophisticated encoding to keep detection difficult.

    Reference: Security Engineering by Ross Anderson, reviewed on Slashdot a few months ago.

    1. Re:Dumb, DUMB idea by splorf · · Score: 3, Insightful
      Even if the government could detect that images or audio files were being used as a covert channel, they would be unable to break the underlying encryption. It would be vastly easier for them to just imprison and torture people into revealing their activities than to assume a technological attack.
      That's the point. In order to imprison and torture people you have to know who to imprison and torture (unless you do it to everyone). You torture people if they do things that attract your suspicion. So the idea of steganography is to avoid attracting suspicion. If the opponent figures out you're using it, you are toast.

      Cryptography is broken if the attacker can read a message, but steganography is broken if the attacker can detect the message. The consequences of either type of break are just as bad. So using detectable steganography is as bad as using weak cryptography.

      There are lots of strong cryptography programs like PGP out there, and well-informed users also know that there's a lot of cryptographic snake oil and understand what snake oil is. But many of the same people think they can blatantly mess around with GIF color tables (etc.) and not get noticed. They are wrong and they are asking for trouble. I haven't seen a steganography program yet whose use in messages isn't pretty easy to detect if you know how the program works. Steganography programs are almost all snake oil. I'd want to see very convincing evidence that the Hacktivision program isn't snake oil before letting anyone trust their life to it.

  4. You're absolutely right! by brooks_talley · · Score: 5, Insightful

    You're absolutely right. I find it dispicable that people would release programs that terrorists could possibly use, with the weak excuse that there might be other legitimate uses! I mean, if we got rid of Steganography, PGP, Linux, MS Word, AutoCAD, MS Project, Bablefish, Oracle, OpenOffice, Squid, Rogue Spear, Mathmatica, Apache, Cu-Seeme, and KSH... why, the world would surely be a safer place!

    Cheers
    -b

    1. Re:You're absolutely right! by Anonymous Coward · · Score: 4, Informative
      There's a fairly comprehensive list here.

      In summary:

      • Silencing Political Dissent
        Section 802 of the USA PATRIOT Act creates a federal crime of "domestic terrorism" that broadly extends to "acts dangerous to human life that are a violation of the criminal laws" if they "appear to be intended...to influence the policy of a government by intimidation or coercion," and if they "occur primarily within the territorial jurisdiction of the United States."

        Read: Politicial protestors who block traffic are terrorists.

      • Enhanced Surveillance Powers
        By and large, Congress granted the Administration its longstanding wish list of enhanced surveillance tools, coupled with the ability to use these tools with only minimal judicial and Congressional oversight. In its rush to pass an anti-terrorism bill, Congress failed to exact in exchange a showing that these highly intrusive new tools are actually needed to combat terrorism and that the Administration can be trusted not to abuse them.

        Read: Now we can spy on our citizens with minimal accountability.

      • Sneak and Peek Searches
        Section 213 of the Act authorizes federal agents to conduct "sneak and peek searches," or covert searches of a person's home or office that are conducted without notifying the person of the execution [within a "reasonable period", ie 90 days] of the search warrant until after the search has been completed.

        Read: Oh, by the way, we searched your apartment a few months ago while you and your family were at work/school. We were just checking to see if you were terrorists, but you werent! Just thought you would wanted to know. By the way those tapes of you and your wife were very kinky.

      • Access to Records in International Investigations
        Under Section 215, the Director of the FBI or a designee as low in rank as an Assistant Special Agent in Charge may apply for a court order requiring the production of "any tangible things (including books, records, papers, documents, and other items)" upon his written statement that these items are being sought for an investigation "to protect against international terrorism or clandestine intelligence activities."

        Read: Sorry we had to take all of your computer equipment; we just wanted to see if you were a terrorist. After scanning everything, we've decided that you're not. But don't worry... you'll get all of it back after all the red tape clears, in about 12-18 months.

      • Tracking Internet Usage
        Under Section 216 of the Act, courts are required to order the installation of a pen register and a trap and trace device31 to track both telephone and Internet "dialing, routing, addressing and signaling information"32 anywhere within the United States when a government attorney has certified that the information to be obtained is "relevant to an ongoing criminal investigation."

        Read: Oh, we found out that one of your neighbors is smoking pot, so we had to spy on everyone in the apartment complex for a few years to make sure nobody else was working in connection with this "terrorist".

      • Allowing Law Enforcement Agencies to Evade the Fourth Amendment's Probable Cause Requirement
        Perhaps the most radical provision of the USA PATRIOT Act is Section 218, which amends FISA's wiretap and physical search provisions. Under FISA, court orders permitting the executive to conduct surreptitious foreign intelligence wiretaps and physical searches may be obtained without the showing of probable cause required for wiretaps and physical searches in criminal investigations.

        Read: We don't need the 4th amendment anymore.

      • Sharing of Sensitive Criminal and Foreign Intelligence Information
        While some additional sharing of information between agencies is undoubtedly appropriate given the nature of the terrorist threats we face, the Act fails to protect us from the dangers posed to our political freedoms and our privacy when sensitive personal information is widely shared without court supervision.

        Read: Political dissidents (now called "benign domestic terrorists" by the media) have no rights to privacy.

      • Stripping Immigrants of Constitutional Protections
        The USA PATRIOT Act deprives immigrants of their due process and First Amendment rights through two mechanisms that operate in tandem. First, Section 411 vastly expands the class of immigrants who are subject to removal on terrorism grounds through its broad definitions of the terms "terrorist activity," "engage in terrorist activity," and "terrorist organization." Second, Section 412 vastly expands the authority of the Attorney General to place immigrants he suspects are engaged in terrorist activities in detention while their removal proceedings are pending.

        Read: If you've ever even send medical supplies or a care package to an innocent citizen in a middle eastern country while islamic extremists were in power, you and your family will be immediately jailed without explanation upon trying to immigrate to the USA.

      So basically, if you don't particularly want the rights given to you by the First and Fourth Amendments to the Constitution, then the Patriot Act is a Good Thing(TM)(R)(C)

  5. Don't use this with E-mail by DeadVulcan · · Score: 3, Interesting

    Some people are talking about traffic analysis, but it seems to me that the best way to use this would be to post images on the web (ideally, with no HTML files linking to them).

    In each message, you'd give a URL to the location of your next transmission. Maybe also a date and time period when it will be available.

    And, if you used public web access points like internet cafes to transmit and receive your images, your activity would probably be pretty darned hidden.

    Just a thought off the top of my head.

    --
    Accountability on the heads of the powerful.
    Power in the hands of the accountable.
  6. LSB Steganographic Techniques = Easy Detection by DigitalDaedalus · · Score: 3, Informative

    According to their press release they use "LSB steganographic techniques".
    In the stego world this is roughly equivalent to using ROT13. If you try and hide any sizeable amount it's a joke to detect. There are many better methods- F5, SSIS, etc...

  7. Weapon of Choice by mike_lynn · · Score: 3, Interesting

    In reading about the software mentioned, I was more impressed with Peek-a-Booty than Camera/Shy. The ability to make use of 'https' connections to not only get access to prohibited/filtered materials but encrypt them as well (with standards currently accepted as 'unsnoopable' by the business community) makes Peek-a-Booty the posterchild for the Right to Learn and Know. I hope it adds in Freedom of Speech by allowing POST/cgi interaction along those connections.

    But that doesn't mean I hate Camera/Shy. It's all about giving people more options to talk to each other. If someone's country has decided to filter what you know, restrict what you say and jail you for just thinking different, I'll give praise to any software, hardware, wetware, lotek or notek method for getting people talking to each other, even if it's just a ROT13 plugin for Eudora.