Hiding Packets in VoIP Chat

holy_calamity writes "Two Polish researchers say they have developed a system to hide secret steganographic messages in the packets of a VOIP connection. It exploits the fact that VoIP uses UDP, not TCP; it is designed to tolerate some packets going missing -- so hijacking a few to transmit a hidden message is not a problem." You may also be interested in reading the original paper.

Pay for 388 words?

[CogDissident]

To continue reading this article, subscribe to New Scientist. Get 4 issues of New Scientist magazine and instant access to all online content for only USD $5.95

Thanks Slashdot, because I really want to go to Slashdot to get links to a story that I have to pay to read.

Well...

[Vectronic]

It's not a sectret anymore now is it?

Re:Well...

[Vectronic]

You are abolutely right, however, you forgot that I may have multiple accounts, and may be sending messages across more than just Slashdot.

You would have to know all my accounts, on all forums, plus know the method to decipher the data.

Muahaha.

Re:Well...

Said engineer compared their copy of a manual with another engineer's copy and discovered that each manual had a different set of spelling errors. Apparently Dell was generating documents with unique sets of typos in order to be able to track down the identify of the person who leaked a document.

That's crude. There are other schemes that encode the identity of a document in the microspacing between the letters.

Re:UDP Only...

[k_187]

If somebody's looking for something encrypted data is something. With this method, there isn't anything to find, unless I'm totally misunderstanding it.

Re:UDP Only...

[Vectronic]

Yeah thats what I got from it aswell.

If someone is using an encrypted connection/transfer, then its obvious they are doing something, and also trying to keep it hidden, whereas, if they were to carry out a normal transmition, but have the "secret" part of it hidden in this, someone looking, would see a normal interaction and possibly skip over the noise.

You could also have an encrypted message, that also requires data from the steganographic 'noise' and vice versa to become usable data, that way if one is "caught" its still useless data unless both are "caught"...

"VoIP" is not exclusively UDP

[Alarash]

VoIP doesn't "use UDP instead of TCP". VoIP (which is usually SIP+RTP, but there are other protocols out there used to carry voice over IP networks) can use UDP over TCP, and that configuration is the most common one. But not the only one possible as the article suggests.

Also, the article in the /. article kind of suggests that VoIP (which is a concept, not a protocol) can use only UDP, which is not true. It's like saying Internet is used only for HTTP.

Viruses will be the next safe transmitters

[suitepotato]

I think the future will see the use of trojan/virus techniques to send data. It's already been fairly well proven that stopping botnets is next to impossible given current technologies, attitudes and ideas on the part of administrators and engineers, and most importantly that AI bears not a candle compared to Natural Stupidity.

Forget just VoIP. In the future we'll hide communications networks under multiple layers of encryption inside trojan'd everything that is awfully hard to tell innocent user data from something else. We'll probably also host websites and files that way in a coalescence and then expansion of BT/P2P and anonymous remailer methods but not so much with identifiable clients but instead viral ware that people choose to allow on their machines so as to prevent privacy invasion by government and business.