Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hiding Secrets With Steganography On FreeBSD

Posted by Hemos on from the hiding-it-together dept.

BSD Forums writes "Bad guys in the movies all keep their wall safes hidden behind paintings. Is there a metaphor in there for your sensitive files? OnLamp's Dru Lavigne explores steganography, or hiding secret messages in images or sounds, with the outguess and steghide utilities on FreeBSD."

8 of 424 comments (clear)

  1. Not so good.. by tr0llx0r · · Score: 5, Informative
    Stegdetect is an automated tool for detecting steganographic content in images. It is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Currently, the detectable schemes are
    • jsteg,
    • jphide (unix and windows),
    • invisible secrets,
    • outguess 01.3b,
    • F5 (header analysis),
    • appendX and camouflage.
    Stegbreak is used to launch dictionary attacks against JSteg-Shell, JPHide and OutGuess 0.13b.
  2. Re:Is this limited to FreeBSD only? by mlk · · Score: 5, Informative

    Win, Linux

    --
    Wow, I should not post when knackered.
  3. Re:Is this limited to FreeBSD only? by SkyMunky · · Score: 4, Informative

    also check out http://camouflage.unfiction.com

  4. Re:I wonder . . . by The+Darkness · · Score: 5, Informative
    What happens if you edit the file in a graphic utility? Does it alter the hidden info? Destroy it? Do different actions (hue shift, paining-on-top) affect the outcomes?

    Of course.

    These utilities usually use bits that will not make a change apparent to a human observing the data with our normal senses (ie. the last bit in each color field) so obviously doing anything to change the bit pattern will destroy the message.

    --
    There are two kinds of people: 1) those that need closure
  5. Re:Is this limited to FreeBSD only? by criquet · · Score: 5, Informative

    I just compiled the source on Linux and it appears to work just fine.

  6. Here's a link to a whole steg. file system: by Courageous · · Score: 4, Informative

    Any discussion of steganography is incomplete without this:

    http://www.mcdonald.org.uk/StegFS/

  7. Better compression = more difficult to hide... by Kjella · · Score: 5, Informative

    ...ironically, the better algorithms we get for compressing stuff, the more difficult it is to hide something. It gets really obvious if you start sending around BMPs or WAVs.

    Steganography detection is doing rather well - it simply realizes when the compression is "wrong", that is, if it would have been compressed better if there wasn't hidden info in the image.

    By the way, for legal purposes it might be just as efficient to use something like Bestcrypt's hidden container - it's a very smart, yet "dumb" form of steganography. You create an encrypted container, which has a key. Then you create a hidden container inside the encrypted container, with a different key. There's no way to detect the presence of a hidden container - it looks like random data in a container full of random data.

    If required by law to provide a key, provide the key to the outer container. When asked about a hidden container, go "What hidden container?" Even if it is very likely that there is one, there's no proof of that. Even the wackiest RIP bill doesn't require you to provide decryption keys to things that doesn't provably exist.

    Kjella

    --
    Live today, because you never know what tomorrow brings
  8. Re:Good stuff, but... by lysander · · Score: 4, Informative

    a) you can always strip these headers.
    b) you don't have to output to ascii armor. (although I'm certain that the resulting files still have a recognizable, openpgp compliant structure.)

    --
    GET YOUR WEAPONS READY! --DR.LIGHT