Steganography with Flickr

yiangocy writes "Steganography is not something new, there have been techniques and available programs for hiding data in pictures/audio files for a long time now. However, one step further is using popular online photo sharing sites, such as Flickr in hiding your data, successfully."

not very groundbreaking

[towaz]

Not exactly a new idea, goverments have been paranoid of "Terrorists" using stego on places like ebay for triggers.

More interesting projects, though off topic slightly; a method of obscuring your network communications and resolving key issues with stego (though I think the project stopped)
  http://www.m-o-o-t.org/

They is also much more interesting uses for stego. in files, hdd slack space and this nice little project 4c.

http://dione.ids.pl/~shykta/

4c (or fourcrypt) is a multiple-file steganography program inspired by Michal Zalewski's twocrypt (2c) program, designed to be "subpoena-proof". It supports mixing between one and eight files with independent keys. The files are architecture-independant (tested on x86 and UltraSparc).

Re:not very groundbreaking

[Pig+Hogger]

Not exactly a new idea, goverments have been paranoid of "Terrorists" using stego on places like ebay for triggers.

It was even before e-bay... During WW-II, there were whole squadrons of knitters who tried knitting patterns submitted to newspaper knitting columns to check if the to-be-printed coded patterns were legitimate and were not coded messages...

How many messages to dormant agents were sent though classified ads like "purple sofa, $145"???

Re:not very groundbreaking

[towaz]

Actually even before that :)

using wax tablets in greece.

http://www.jjtc.com/stegdoc/sec202.html

"In ancient Greece, text was written on wax covered tablets. In one story Demeratus wanted to notify Sparta that Xerxes intended to invade Greece. To avoid capture, he scraped the wax off of the tablets and wrote a message on the underlying wood. He then covered the tablets with wax again. The tablets appeared to be blank and unused so they passed inspection by sentries without question."

Shifting types & saving content to a remote se

[turnstyle]

Seems the blog post is partly about saving one file type within other, which reminds me of Baudio, a goofy script I made that converts any file to a .WAV

Also, if part of the point is simply to save non-image file types into a seemingly unlimited Flickr storage space, what happens if you simply change the file extension to something like filename.pdf.jpg and upload that? Does Flickr actually validate file contents?

Steganography in recent fiction

[sidles]

Steganography is central to Carter Scholz's recent novel Radiance. In brief, complete engineering descriptions of all US nuclear weapons tests are smuggled out of the US national labs, steganographically conceiled in pornographic *.gif files.

Warning: this novel is a demanding read. It is a higher-brow---and markedly dystopian---treatment of the same themes as Neil Stephensen's Cryptonomicon. In writing it, Mr. Scholz seems to have received considerable help from insiders at the national laboratories.

With luck, the following link to Google Print will show you a sample page that is reasonably representative of the entire book.

http://print.google.com/print?id=kVP7pIA9TYUC&pg=P A382&lpg=PA382&dq=steganography&prev=http://www.go ogle.com/search%3Fclient%3Dsafari%26rls%3Den-us%26 q%3DRadiance%26ie%3DUTF-8%26oe%3DUTF-8&sig=-uyML9j p9G4JsUZOCa59fPI6YpM

Stegdetect

[BCTECH]

I ran the image through stegdetect and it came up with a "false possitive". This utility detects images encoded with jsteg, jphide, invisible secrets, outguess, F5(header analysis), AppendX, and Camouflage. Although, steghide is not listed, I have found that false possitives are shown with images that I know to have an embeded file.

I played around with steganography at one time and setup a script to create embed images via the web using Outguess