Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hiding Secrets With Steganography On FreeBSD

Posted by Hemos on from the hiding-it-together dept.

BSD Forums writes "Bad guys in the movies all keep their wall safes hidden behind paintings. Is there a metaphor in there for your sensitive files? OnLamp's Dru Lavigne explores steganography, or hiding secret messages in images or sounds, with the outguess and steghide utilities on FreeBSD."

12 of 424 comments (clear)

  1. Steg is fairly useful, but it is crackable by j0keralpha · · Score: 4, Insightful

    I use steg sometimes to pass messages i dont want out in plaintext or overtly encrypted, but it has to be passed in such a way that it isnt apparent that a message is there (i.e. email to brother 'See these pics of grandma!'). It is not a foolproof method, but its very useful when you realize you cant trust the encryption itself to hide the message.

  2. Steganographers Need To Hide Their Tools Too by Anonymous Coward · · Score: 3, Insightful

    I have yet to see a good treatment of the necessity of hiding the fact that one may have knowledge of or tools capable of implementing steganography. While hiding data is a nifty thing, it's not of much practical use unless you can also hide the code - the tools that you use to embed and deembed your steganographically hidden files.

    Adding hooks to libraries and hiding executable code in data areas and coming up with slick ways of calling into that code when you actually do some stega processing is an area ripe for exploration. It may be more challenging than data hiding as well, especially when you consider the huge libraries of md5sums for all known executables and libraries that are maintained and distributed by computer forensics people.

  3. And how is that different than... by Anonymous Coward · · Score: 3, Insightful

    Posts/books/whatever that say "My webserver is Linux" (No it is not. It is Apache) "How to use LInux to serve Windows files" (No, you are using SAMBA and LDAP.) "Robot runs on Linux" (No, its some custom code that runs ON the GNU/Linux environment)

    Where have YOU posted objecting to abuses like the above?

    Well?

  4. Re:The great thing about being disorganized... by Lumpy · · Score: 4, Insightful

    you got modeed funny but this is a very useable and strong way of hiding. Not only files but attacks and most anything else.

    If I upload 500 photos a month to the net Each of them contain something in the photo (results of /dev/random in random lengths) and then I fire off one photo in a group of others that has real information, the chances of it being found or even noticed is lower than having a encrypted file cracked.

    I've seen this used many times and is used in nature by birds and fish...

    a school of 500 fish makes it impossible for a predator to single out one specific fish.

    --
    Do not look at laser with remaining good eye.
  5. Re:No... by johndiii · · Score: 5, Insightful

    The analogy isn't security through obscurity, it's finding a better place than behind the painting to hide the safe. Or, perhaps more accurately, securing one's valuables in something that is not recognizable as a safe. If the burglar had to look at a thousand books to determine if even one of them had a secret compartment, it would be a much more effective security measure than a safe behind a painting.

    If you are using stegged files (they do not have to be images) to communicate with others, then you are hiding the channel. This is a potentially very useful mechanism against automated monitoring tools, particularly if the data is first encrypted. Isolated information in high-volume channels can be very hard to detect. Another use would be to help defeat traffic analysis.

    This is not to say that steganography is a magic means of information hiding. But it is one of the useful tools.

    --
    Floating face-down in a river of regret...and thoughts of you...
  6. Yes, except by Moderation+abuser · · Score: 4, Insightful

    In some countries you can go to prison for using cryptography, in other more enlightened countries you can go to prison for not handing over the keys when asked by the guys in jack boots or for talking about the fact that you've been raided.

    --
    Government of the people, by corporate executives, for corporate profits.
  7. Re:Good stuff, but... by jmv · · Score: 4, Insightful

    Not exactly. As someone suggested, it's possible to encrypt first, but the real advantage is that if done properly, nobody can even prove you sent a message. Even if the interceptor knows the steganography method, unless they have the key, they can't prove the last bits of your wav file is a secret message and not just normal noise from your microphone.

    --
    Opus: the Swiss army knife of audio codec
  8. Re:No... by Ayaress · · Score: 5, Insightful

    Keep in mind that the article said that hiding messages in images is NOT a great way to hide important stuff by itself, but that it could be used as a second layer of security. Lets have four people, shall we? They all run servers, and they all have an important file on there they don't want other people to find. Johnny keeps his file unencrypted and unhidden. Billy keeps his encrypted, but unhidden. Mike hides his in an mp3, but unencrypted. Joe hides his in a jpeg after encrypting it. Johnny's most likely to have his stolen, obviously. But Billy's file is more likely to be found than either Mike or Joe's, even though Mike's has no encryption on the file itself. Even though the person who took Billy's file doesn't have the information in it, finding it it one step closer to stealing it. Now, Mike and Joe are both considerably less likely to have this file found, unless the data theif expects them to hide it in a media file like this. On the off chance that the hacker DOES find the file, though, Mike's is as good as stolen, just like Johnny's. However, Joe is the most secure of the bunch. Not only is his file encrypted, but it's also hidden, meaning it's unlikely that the hacker will even get the encrypted version. They can't crack what they can't find. Even after what Johnny did, he can go furthur. Encrypt his password, hide the text in an image, rename the image to a .dll or .o and hide it in a system directory. Sure, it's not 100% secure, but it's better than leaving even the most secure file laying around.

  9. Re:Is this limited to FreeBSD only? by Rebar · · Score: 5, Insightful

    One facet of data security is deniability. Which would you rather the Department of Homeland Security find on your hard drive:
    /documents/plan_for_world_domination.pgp
    or
    /wallpaper/cute_puppies.png?

    A securely encrypted message, hidden in a file with ostensibly another purpose, such that there is no way to prove the existence of the hidden message would keep anyone from telling you: "Reveal the secret key to this obviously encrypted file, or face contempt of court and an automatic prison sentence."

  10. Main reason to use steganography: by jeduthun · · Score: 3, Insightful

    You're missing the point.

    The main reason to use steganography is that it hides the fact that you are hiding something. If you use straight encryption, it is obvious that you have something sensitive that you want to encrypt (most people don't go to the trouble of encrypting things otherwise). Steganography helps you fly under the radar and send encrypted data without people knowing that you are sending encrypted data in the first place.

    If someone is already suspicious of you, then of course they can analyze your communications and perhaps notice any steganographic attempts. But if not, you may be able to escape notice longer by exchanging seemingly innocuous data than by exchanging industrial-strengh encrypted data.

  11. Re:Commercial for BSD! by sremick · · Score: 3, Insightful

    Ok, so you're a law-abiding citizen. And you have no need. So obviously, no one else who is law-abiding has a need, and the only the Bad Guys do? C'mon.

    You say you "fail to see legitimate uses". Very well. Would you have a legitimate use for a safe? I will assume "yes"... we all have valuables. So let me ask you this: does it make more sense to put the safe in the middle of a wide open room, standing out, maybe even with a sign that says "The safe is here!" Or maybe instead, hide it somewhere. At least in the closet. Or behind a fake wall panel. Buried in the basement? Recessed in the wall behind a dresser?

    Steganography is the equivalent of hiding the safe somewhere where it wouldn't be located or expected. If I have passwords on my computer... even if I encrypt them, does it makes sense to store them in /home/scott/topsecret/passwords.tgz or instead in /home/scott/junk/pics/mycat.jpg ? If someone somehow accessed my account, they'd know exactly what file to grab and could then make a concentrated effort to crack into it. While if I disguise the file as something it isn't, they'll pass over it. Why isn't this a legitimate use?

    Steganography is neither in itself good or bad. It's a tool which can be used for good or bad. Like a steak knife. Don't condemn it just because all you can think of are the bad uses.

  12. What I'd like to see by phr1 · · Score: 3, Insightful

    is for the standard version of mkfs to fill empty disk blocks with random data (from /dev/urandom) BY DEFAULT instead of zeroing them. That way you can run a stego file system in the unused blocks and it will be indistinguishable from ordinary randomized free blocks. If every BSD (and ideally every GNU/Linux) distro shipped with that feature turned on, there would be no way to tell a stego user from a non-user.