Slashdot Mirror


Hiding Secrets With Steganography On FreeBSD

BSD Forums writes "Bad guys in the movies all keep their wall safes hidden behind paintings. Is there a metaphor in there for your sensitive files? OnLamp's Dru Lavigne explores steganography, or hiding secret messages in images or sounds, with the outguess and steghide utilities on FreeBSD."

22 of 424 comments

  1. GOATSE LINK MOD PARENT DOWN by Anonymous Coward · · Score: 0, Informative

    fuck you.

  2. Re:Example: by herrvinny · · Score: 2, Informative

    Don't click on it! It's an animated GIF... and the second pic has serious problems...

  3. Re:Is this limited to FreeBSD only? by akaina · · Score: 3, Informative

    There used to be a program called Steganosis in the win95 days. I'm sure there's a modern equivalent, if not an updated version.

    --
    Remembering that you are going to die is the best way I know to avoid the trap of thinking you have something to lose.
  4. Not so good.. by tr0llx0r · · Score: 5, Informative
    Stegdetect is an automated tool for detecting steganographic content in images. It is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Currently, the detectable schemes are
    • jsteg,
    • jphide (unix and windows),
    • invisible secrets,
    • outguess 01.3b,
    • F5 (header analysis),
    • appendX and camouflage.
    Stegbreak is used to launch dictionary attacks against JSteg-Shell, JPHide and OutGuess 0.13b.
  5. Re:Steg is fairly useful, but it is crackable by Anonymous Coward · · Score: 0, Informative
    MIT proved that steganographic files can be detected nearly 100%

    then you have to crack them

  6. Re:Is this limited to FreeBSD only? by mlk · · Score: 5, Informative
    --
    Wow, I should not post when knackered.
  7. Re:Is this limited to FreeBSD only? by SkyMunky · · Score: 4, Informative

    also check out http://camouflage.unfiction.com

  8. Re:I wonder . . . by The+Darkness · · Score: 5, Informative
    What happens if you edit the file in a graphic utility? Does it alter the hidden info? Destroy it? Do different actions (hue shift, painting-on-top) affect the outcomes?

    Of course.

    These utilities usually use bits that will not make a change apparent to a human observing the data with our normal senses (i.e. the last bit in each color field) so obviously doing anything to change the bit pattern will destroy the message.

    --
    There are two kinds of people: 1) those that need closure
  9. Re:Is this limited to FreeBSD only? by criquet · · Score: 5, Informative

    I just compiled the source on Linux and it appears to work just fine.

  10. Re:Is this limited to FreeBSD only? by Enigma+Deadsouls · · Score: 2, Informative

    JPHS for Linux and Windows.

  11. More stuff on Peter Wayner's website by Anonymous Coward · · Score: 1, Informative

    You might want to check out Peter Wayner's website for his book, Disappearing Cryptography. There are several applets that let you hide information in a list of disco songs or even in the order of letters in a word.

  12. pfah. by pb · · Score: 2, Informative

    Hiding secrets with steganography on Windows, Red Hat, SuSE, and... oh yeah, FreeBSD...

    --
    pb Reply or e-mail; don't vaguely moderate.
  13. Here's a link to a whole steg. file system: by Courageous · · Score: 4, Informative

    Any discussion of steganography is incomplete without this:

    http://www.mcdonald.org.uk/StegFS/

  14. Better compression = more difficult to hide... by Kjella · · Score: 5, Informative

    ...ironically, the better algorithms we get for compressing stuff, the more difficult it is to hide something. It gets really obvious if you start sending around BMPs or WAVs.

    Steganography detection is doing rather well - it simply realizes when the compression is "wrong", that is, if it would have been compressed better if there wasn't hidden info in the image.

    By the way, for legal purposes it might be just as efficient to use something like Bestcrypt's hidden container - it's a very smart, yet "dumb" form of steganography. You create an encrypted container, which has a key. Then you create a hidden container inside the encrypted container, with a different key. There's no way to detect the presence of a hidden container - it looks like random data in a container full of random data.

    If required by law to provide a key, provide the key to the outer container. When asked about a hidden container, go "What hidden container?" Even if it is very likely that there is one, there's no proof of that. Even the wackiest RIP bill doesn't require you to provide decryption keys to things that don't provably exist.

    Kjella

    --
    Live today, because you never know what tomorrow brings
  15. Re:Good stuff, but... by lysander · · Score: 4, Informative

    a) you can always strip these headers.
    b) you don't have to output to ascii armor. (although I'm certain that the resulting files still have a recognizable, openpgp compliant structure.)

    --
    GET YOUR WEAPONS READY! --DR.LIGHT
  16. Re:Is this limited to FreeBSD only? by orthogonal · · Score: 2, Informative

    John Walker's eclectic site, fourmilab.org (fourmilab.ch) has a JavaScript (ECMAScript) steganography app.

    He also offers a public domain steganography app in portable C.

    Those looking for really random numbers, of course, will know about his HotBits.

  17. Re:How? by Anonymous Coward · · Score: 2, Informative

    You're taking (what looks like) random noise and hiding it in the least significant bits. The least significant bits are not normally random noise.
    You ask:

    "What distinguishes the [pseudo]randomly-distributed [pseudo]random-bits of the encrypted message from the background noise of the image?"

    The thing that distinguishes them is the fact that the background noise in a file rarely resembles random noise. This depends greatly on the file format, but is arguably true in all cases. In your example, a simple entropy check should be sufficient to determine that all is not as it should be. Even with a small message, even the most basic steg detection tool will find this when comparing against statistics gathered when analyzing similar files. The trick with effective steg isn't with emulating randomness, it's making the message look as close as possible to the data that SHOULD be in the file. That's much much harder than simply emulating randomness. For a much better (more detailed) discussion of this topic, check the home page for Outguess and the links from that site.
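
An added example, not part of any comment in this thread: a minimal version of the entropy check described in comment 17, measuring how random the least-significant-bit plane looks before and after LSB replacement. The cover signal is constructed (a slow ramp standing in for a smooth image region), and the function names, seed and detection margin are assumptions made for illustration.

```python
import math
import random
from collections import Counter

def constructed_cover(n=65536, run=37):
    # Constructed stand-in for a smooth image region: a slow ramp, so
    # neighbouring samples (and their low bits) are strongly correlated.
    return [(i // run) % 256 for i in range(n)]

def embed_lsb(samples, payload):
    # Plain sequential LSB replacement: payload bit k overwrites the
    # lowest bit of sample k.
    out = list(samples)
    for k in range(len(payload) * 8):
        bit = (payload[k // 8] >> (7 - k % 8)) & 1
        out[k] = (out[k] & ~1) | bit
    return out

def extract_lsb(samples, nbytes):
    # Read the lowest bit of each sample and pack 8 bits per byte.
    bits = [s & 1 for s in samples[:nbytes * 8]]
    return bytes(sum(b << (7 - j) for j, b in enumerate(bits[i:i + 8]))
                 for i in range(0, len(bits), 8))

def lsb_entropy(samples):
    # Shannon entropy of the packed LSB plane, in bits per byte
    # (8.0 would be indistinguishable from random data).
    packed = extract_lsb(samples, len(samples) // 8)
    counts = Counter(packed)
    return -sum(c / len(packed) * math.log2(c / len(packed))
                for c in counts.values())

def suspicious(samples, baseline, margin=1.0):
    # Flag a file whose LSB entropy is well above the baseline measured
    # on known-clean files of the same kind (margin is an assumption).
    return lsb_entropy(samples) > baseline + margin

rng = random.Random(2003)  # fixed seed so the run is repeatable
cover = constructed_cover()
# Constructed payload: random bytes standing in for an encrypted message.
ciphertext = bytes(rng.randrange(256) for _ in range(len(cover) // 8))
full = embed_lsb(cover, ciphertext)
quarter = embed_lsb(cover, ciphertext[:len(ciphertext) // 4])
baseline = lsb_entropy(cover)

if __name__ == "__main__":
    for name, img in (("cover", cover), ("25% used", quarter), ("100% used", full)):
        print(f"{name:10s} H={lsb_entropy(img):.2f} flagged={suspicious(img, baseline)}")
```

Real covers are noisier than this ramp, which is why the comparison is made against a baseline gathered from similar clean files rather than against a fixed number.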

  18. Done properly... by wirelessbuzzers · · Score: 3, Informative

    ... the real advantage is that if done properly, nobody can even prove you sent a message.

    While this is true, in fact it is the definition of good steganography, I'm not aware of any steg that actually achieves this. For a while, there were no public methods that break Outguess, but that was broken over a year ago, and I don't think there are any stego schemes still standing. The problem is that the last bit of your WAV file or GIF isn't very random in a real picture, not nearly as random as you might guess. This makes it quite difficult to make a scheme which hides there effectively.

    --
    I hereby place the above post in the public domain.
  19. Re:Good stuff, but... by plover · · Score: 2, Informative

    You are correct in understanding that steganography is different than cryptography. It is possibly the purest example of "security through obscurity" that exists. To address your concerns, read to the bottom of the article where you can see where he experiments with a program called steghide which performs both encryption (using your choice of modern, high strength algorithms) PLUS steganographic hiding.

    --
    John
  20. Re:Is this limited to FreeBSD only? by andyrut · · Score: 3, Informative
    A securely encrypted message, hidden in a file with ostensibly another purpose, such that there is no way to prove the existence of the hidden message...

    You make an excellent point. However, if the Department of Homeland Security suspected that you were hiding data within your own obscure files, they could search the files themselves for "extra" data. They can prove such a message exists, even if they can't discover what the message is.

    Heck, within the steghide program itself you can see if a file contains embedded data (from the article):
    The steghide info command is quite useful. It will tell me if a file contains hidden data (however, only from steghide-created files, as far as I know)


    So if they suspect that your cute puppies are really plans for world domination, they could find out.
  21. Re:Yes, except by fyonn · · Score: 2, Informative

    that latter case is great britain, for those who are unaware

    *sigh*

    dave

  22. Re:Commercial for BSD! by t0ny · · Score: 2, Informative
    Nah, it's got its little niche 'market'. These open source things are like gods- they only die when they run out of worshippers.

    Now if we were going just by technical merits (or even moral merits) something like Apple should have died its righteous death a long time ago. But, I guess people need to worship on the altar of 'alternative', even if they are getting robbed blind for it. IMO, Apple is the worst monopolist ever (well, aside from someone truly atrocious like DeBeers).

    --

    Manipulate the moderator system! Mod someone as "overrated" today.