and bypassing firewalls is an excellent way to get into BIG trouble with
whomever is running the firewall. It is irrelevant how ignorant that
person might be about the traffic which passes through their firewall.
I'm sure if they were only slightly less ignorant they'd run a strict
HTTP gateway on port 80 of their firewall and then you'd be stuck
wrappging everything up to look like proper HTTP in order to bypass
their firewall. It is better that you learn to negotiate the access you
need than to have to resort to using covert channels which could get you
busted.
Steno is a great thing, so it wont get anyone busted.
Alex
Steganography looked great in that hollywood movie Along Came a Spider
with Morgan Freeman (or at least the 'screen friendly' version they
portrayed) but a recent study of millions of graphics across USENET
found zero steganographic images. Great theory, no examples found in the
wild, other than in Hollywood scripts and some folk trading porn of the
type not usually posted to the public Internet.
Anyone interested my try:
http://www.earthweb.com/article/0,,10456_624101,00.html
Just my 2�.
Best regards,
Steganography looked great in that hollywood movie Along Came a Spider
with Morgan Freeman (or at least the 'screen friendly' version they
portrayed) but a recent study of millions of graphics across USENET
found zero steganographic images. Great theory, no examples found in the
wild, other than in Hollywood scripts and some folk trading porn of the
type not usually posted to the public Internet.
Steno principals are alive and well. Covert channel transmissions are alive
and well. Both were used to bypass compartmentalization on a certain secure
OS. If anyone needs to encode data in valid HTML to tunnel it through a
firewall, it *will* be done. Several years ago, we had implementations of
telnet over email, I am sure modifying it to do telnet over HTML would be a
rather trivial task.
Alex
I was going to stay out of this one, but then this came
along. It is trivially easy to encrypt, transpose, or otherwise
bury the message inside an image, or what have you.
If I use a PRNG, prearrangement, or some other selection method
to decide which bytes, or which files, or some combination of both will
receive a chunk of the data to be hidden, and then encrypt it with
a decent enough algorithm, it will not be easy to determine there is
something there at all, particularly in a medium like USENET where lots
and lots of large binary postings are common.
Just because someone ran through a pile of images using jpegv4
with the jsteg patches, or some similar commercial application, does
not mean it wasn't there -- it just means it wasn't obviously there.
I myself have encrypted my PGP key's revocation certificates
and buried them in some images on a website as a fallback storage
method.
Is it widely used? Probably not. Is it safe to say it's not
being used on the basis of a quick check with an off the shelf
utility or two? No.
--msa
Well, I wouldn't say that.
There is an EXTENSIVE trade of some unknown data going to and from Asia
(primarily Japan and China) through various forms of steganography in jpg
png and gif images on free web hosting services. I can personally account
for over 5Gbps (every day) of this traffic just from people I know, which
I would hardly consider to be "everyone".
I've managed to reconstruct the data from pieces of scripts they have
accidentally left behind, and come up with encrypted .zip files. Left a
zip cracker running on a 1GHz machine for a couple months and came up with
no results.
I'm not gonna take any guesses as to the content, but I can tell you that
they are very diversified, very persistant (you filter one route or
transit path and they'll have moved to another within hours), and very
innovative in hiding the data so that you can't detect what they're doing
short of looking at every picture.