Peekabooty, Camera/Shy Released

An anonymous (how appropriate) writer sends "Peek-a-Booty, a program designed to circumvent mechanisms (such as China's Great Firewall) limiting access to websites, has been open-sourced. It's listed as a "Beta" on SourceForge, but the Peek-a-booty website seems to encourage people to start using it." And Doug writes "PC World reports about a new tool to encrypt text with a click of the mouse and bury the text in an image. After posting an embedded image on a Web site, someone can notify intended recipients by e-mail with code words such as 'Go to this URL to see pictures from my birthday party.'"

Birthday pics?

[ocbwilg]

After posting an embedded image on a Web site, someone can notify intended recipients by e-mail with code words such as 'Go to this URL to see pictures from my birthday party.'"

This product must have already been released since I've been getting emails like that for months now. "I just turned 18! Click here for hot pictures from my 18th birthday party! You won't believe how wild my barely 18 year old friends and I got that night!"

Am I missing something?

[FreeLinux]

From the description at the Peek-a-Booty site it seems to me that it is nothing more than open proxies running SSL. While I understand their stated goals, the whole project seems redundant.

First, the project assumes that the governments are using a NOT list. This is a big assumtion. I would think that control freaks like the Chinese government would more likely use an ALLOW list. A small list of governmet sanctioned sites. This would, of course, negate Peek-A-Booty.

If the government is in fact, using a NOT list, there are already countless open proxies continually popping up all over the place. This makes me think that the whole project is redundant.

Re:Am I missing something?

[helarno]

Last time I checked, they used a NOT list and it was a very small list. For mainstream use, you could pretty much access anything you wanted with the exception of a couple of news sites like CNN and sometimes, NYT. The blocking was erratic though ... some months the sites were reachable, other days, they were perfectly fine. Of course, I'm sure a few dissident sites are blocked, but since I don't view those on a daily basis, I wouldn't know.

But it's really a non-issue. Even 4 years ago, all the internet cafes I visited by default went through a proxy that pretty much allowed you to view whatever you wanted. Knowledge of how to circumvent the blocks were very common among the younger audience. I'm sure it's even more prevalent today. For China, at least, this project isn't really relevant.

Snake Oil

[cperciva]

This "steganography tool" is no more than snake oil.

Rather than using a more advanced method of steganography, this tool packs data into the least significant bits of the image. Simple, easy, and incredibly obvious. This is to steganography what ROT13 is to encryption -- if you use it for anything important, people will laugh at you.

In fact, this is the worst kind of snake oil, because it is not only ineffective, but also dangerous. The administrators of the Great Firewall Of China (for example) could very easily detect files encoded with this software; using it would then be akin to waving a red flag and shouting "hey, I'm doing something I don't want you to know about". Bad steganography is worse than no steganography, because it highlights the fact that you're trying to hide something.