Slashdot Mirror

← Back to Stories (view on slashdot.org)

Steganography with Flickr

Posted by CmdrTaco on from the you'll-just-have-to-look-harder dept.

yiangocy writes "Steganography is not something new, there have been techniques and available programs for hiding data in pictures/audio files for a long time now. However, one step further is using popular online photo sharing sites, such as Flickr in hiding your data, successfully."

10 of 126 comments (clear)

  1. again? by thegoogler · · Score: 3, Informative
    you guys linked another wikipedia article on the front page without notifying them so that it could be locked

    owell, its probably goatse now, you guys should just put (NSFW) after all wikipedia links.

  2. Re:Gmail? by Gudlyf · · Score: 2, Informative

    Easier? Sure, but a Flickr Pro account has unlimited storage.

    --
    Trolls lurk everywhere. Mod them down.
  3. Re:Probably won't work by FS · · Score: 2, Informative

    You should probably try out Flickr then. They allow you to download the original size images.

    http://www.flickr.com/help/photos/#89

  4. Re:Gmail? by TheRaven64 · · Score: 2, Informative

    No. Sending to a gmail account is directed. If the receiver or sender is compromised then they can quite intercept the message. It may take them a while to decrypt it, but since they already know it's there then it's possible. Even if an attacker does not understand message, they gain information from the timing of it and the recipient. Posting to a flickr account means that it is impossible to track the recipient. Posting a random picture every day, eventually including a message, means that it is very difficult for an attacker to get any information.

    --
    I am TheRaven on Soylent News
  5. Re:I'm against this by Ckwop · · Score: 5, Informative

    Rather than worry about trying to detect stegnography, any image posting service could just arbitrarily set all of the least significant bits of jpgs to "1" as part of the image posting process. It might slightly degrade the image, but it would also erase any potential encoded messages.

    Not really, the best stego packages use error correcting codes to help mitigate this kind of attack. Some stego packages don't work by using the LSB but by swapping adjacent pixels. The cleaning of the LSB would have no real impact on this type of stego.

    Simon

  6. Re:I'm against this by Anonymous Coward · · Score: 1, Informative
    Instead of speculating, why not actually read the terms of service? It reads like it they picked up a lawyer from the $3.99 bin, which is not entirely surprising since terms of service are rarely enforceable anyway.

    The only real "term of service" worth reading is "We reserve the right to refuse service to anyone for any reason at any time." Everything else in that document is just preamble, really.

    My guess is it comes down to how much they care.

  7. Re:Shifting types & saving content to a remote by Penguin+Follower · · Score: 2, Informative

    Yes, but would you want to upload pictures (stego or not) that are going to be modified by Flickr? If you are using Flickr as a backup and they modify the files, it is not exactly a great backup idea. I like my files to stay the away I uploaded them, and I am sure you would, too.

  8. Re:I'm against this by chronicon · · Score: 2, Informative
    So basically they're showing you how to use a photo storage service to store private data. I think this is immoral and is probably against the terms of service.

    Why would this be immoral? There has been a lot of noise about possibly violating the TOS but has anyone actually bothered reading them? (There are two, one for pre-Yahoo! accounts and one for Flickr after aquisition by Yahoo!--which everyone will be required to abide in 2006.)

    Both TOS say pretty much the same thing. You are responsible for your images, and don't upload destructive code. Don't help terrorists. Don't break copyright law (or other laws)...

    As a 'digital artist' wouldn't you expect to be allowed to manipulate your work in whatever ways you saw fit before uploading--obvious, subtly, or non-obviously?

    I don't have any strong opinion on the matter. The only thing I might be interested in is GPG encrypting my password list and then embedding it in an image with steganography, in case I ever lost it. Mass data storage? No.

    Immoral? No, not in general. Not IMO. But, if you are using it to break the law or harm society, then yes.

    ...you, and not Yahoo!, are entirely responsible for all Content that you upload, post, email, transmit or otherwise make available via the Service. Yahoo! does not control the Content posted via the Service and, as such, does not guarantee the accuracy, integrity or quality of such Content.
  9. Re:Shifting types & saving content to a remote by timeOday · · Score: 3, Informative

    Not necessarily. The flipside of stegonography is "digital watermarking," which is the same thing, except used for copyright enforcement. There has been a lot of work done in creating watermarks which aren't too noticeable, but which are resistant to resampling etc.

  10. Re:Shifting types & saving content to a remote by Gudlyf · · Score: 2, Informative
    No, simply changing the extention does not work:

    New Text Document.txt.jpg was not uploaded: File was not a recognised type or was unable to be decoded (we only support JPEG, PNG, non-animated GIF, BMP and TIFF)

    --
    Trolls lurk everywhere. Mod them down.