NSA, Pentagon, police fund research into steganography detection

Sunder sunder at sunder.net
Tue Feb 20 09:32:32 PST 2001 

Declan McCullagh wrote:
> 
>    The surprising news, according to Johnson and other researchers:
>    Current stego programs don't work well at all. Nearly all leave behind
>    fingerprints that tip off a careful observer that something unusual is
>    going on.

So now the question becomes which stego programs don't leave fingerprints.

Should they wish to block stego they might have in mind setting up gateways
that twiddle with the low level bits to prevent the message getting through,
but that opens up lots of cans of worms for them.

This is exceedingly difficult because your router now has to try and detect,
recognize, and edit images, sounds, movies and other media on the fly.  Of
course it will set off signatures if they're used.  A user might create a
bullshit hotmail account and send a picture to himself then compare the
two, etc... so it would have to be done at the legal level, which for us
USA folks would bring in freedom of speech issues.  For China or Singapore
where there's the big firewall, it's not an issue.

That leaves only detection open.  Which doesn't provide the actual info
stored in the stegoed message.  Just flags it as "hey this guy is hiding
something."  Might be enough in some countries to cause the death of the
sender and/or receiver.  Here, I suppose it's a reason to have them
watched closer.

>From their point of view, I suspect they'd be worried about stegoed
messages leaving from .mil addresses as this would likely indicate the
sender is a traitor.  i.e. like the Fed that got caught recently spying
for the Russians.

-- 
----------------------Kaos-Keraunos-Kybernetos---------------------------
 + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\
  \|/  :aren't security.  A |share them, you don't hang them on your/\|/\
<--*-->:camera won't stop a |monitor, or under your keyboard, you   \/|\/
  /|\  :masked killer, but  |don't email them, or put them on a web  \|/
 + v + :will violate privacy|site, and you must change them very often.
--------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------

More information about the cypherpunks-legacy mailing list