Rantburg

2004-12-09 Great White North
Mounties warn al-Qaeda hiding messages in digital files
Posted by Dan Darling 2004-12-09 3:32:40 AM

#1 "The threat, however, is SO serious, that the RCMP feels it necessary to examine every pornographic digital image on the Internet for hidden messages."
Posted by Anonymoose 2004-12-09 9:38:39 AM

#2 Steganography is a real technique, really being used by Bad Guys.
Posted by too true 2004-12-09 9:47:15 AM

#3 Not clear to me why they would bother considering the quality of standard encryption methods that are readily available.
Posted by Tom 2004-12-09 9:51:18 AM

#4 There are many ways to do this. A simple-minded method would use two files, one a 24 color BMP, the other a 2 color BMP of equal dimensions where the message is typed in using the text tool of Windows Paint (or drawn if it is a schematic). You can use ImageMagick tools to zero out the least significant bit in the red value of every pixel of the 24 color BMP. You then go pixel by pixel in the 2 color BMP, and where it is black, you set the least significant bit in the red value of the corresponding pixel in the 24 color BMP. The change in color intensity is so slight, one wouldn't normally notice.

To reproduce the message, start off with a blank 2 color BMP of the same size as the 24 color BMP, go pixel by pixel in the 24 color BMP, and if the red value of the pixel's color is odd, set the corresponding pixel in the 2 color BMP.

The use of the BMP (or TIFF) file is a giveaway, since the lossy compression in JPEG or PNG files would add noise, if not destroy, the embedded message. There may be ways around this, such as using all three colors instead of just red, and using a majority vote algorithm for each pixel.
Posted by Ptah 2004-12-09 10:00:20 AM [http://www.crusaderwarcollege.org]
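
Added example, not part of the thread or any commenter's code: a Python sketch of the red-channel LSB scheme comment #4 describes, run on a constructed image, showing both the recovery step and why the scheme is easy to spot. Because every red LSB is cleared before the message bits are set, the red LSB plane ends up far from the roughly even odd/even split the untouched green and blue channels keep. The sample pixels, the stroke mask, the 0.5 baseline and the 0.15 tolerance are all assumptions made for this illustration.

```python
import random

W, H = 64, 16  # dimensions of the constructed sample image

def make_cover(seed=1):
    """Constructed cover image: W*H random (r, g, b) pixels standing in for a photo."""
    rng = random.Random(seed)
    return [tuple(rng.randrange(256) for _ in range(3)) for _ in range(W * H)]

def make_mask():
    """Constructed 2-colour bitmap (1 = black): vertical strokes standing in for text."""
    return [[1 if (x % 6 < 2 and 3 <= y < 13) else 0 for x in range(W)]
            for y in range(H)]

def embed(cover, mask):
    """Scheme from comment #4: clear every red LSB, then set it where the mask is black."""
    return [((r & ~1) | mask[i // W][i % W], g, b)
            for i, (r, g, b) in enumerate(cover)]

def red_lsb_plane(pixels, width=W):
    """Recovery step from comment #4: a pixel is 'set' when its red value is odd."""
    bits = [r & 1 for r, _, _ in pixels]
    return [bits[i:i + width] for i in range(0, len(bits), width)]

def lsb_ones_ratio(pixels):
    """Fraction of odd values in each of the R, G, B channels."""
    return tuple(sum(p[c] & 1 for p in pixels) / len(pixels) for c in range(3))

def flag_channels(pixels, tolerance=0.15):
    """Channels whose LSB ratio is further than `tolerance` from 0.5.
    Both the 0.5 baseline and the tolerance are assumptions, not values from the thread."""
    return [name for name, ratio in zip("RGB", lsb_ones_ratio(pixels))
            if abs(ratio - 0.5) > tolerance]

if __name__ == "__main__":
    cover, mask = make_cover(), make_mask()
    stego = embed(cover, mask)
    print("cover flagged:", flag_channels(cover))
    print("stego flagged:", flag_channels(stego))
    for row in red_lsb_plane(stego):
        print("".join("#" if bit else "." for bit in row))
```
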

#5 Tom, the idea is to not convey the impression that a message is being sent: If they send an encrypted message, then our guys may not know what the message is or be able to crack it, but traffic analysis will tell our guys whether something big is coming up. A couple of the last orange alerts were partly due to detecting elevated levels of message traffic. Messages hidden in porn pics would be lost in the vast traffic in them in the internet.
Posted by Ptah 2004-12-09 10:04:59 AM [http://www.crusaderwarcollege.org]

#6 Simpler ways to get around traffic issues too. I can put an encrypted file on my web site and anyone who knows it's there can call it up from any library, Internet cafe, or other public Internet access point. It can be self-decrypting with a password and I can change the contents anytime I please. I could also slip the same file onto any website that I can gain access to, such as a corporate website where I work.
Posted by Tom 2004-12-09 2:34:21 PM

#7 Or you have one Hotmail account that everyone has access to. Just leave messages in the draft folder and never send them, just post, read or delete.
Posted by Steve 2004-12-09 3:35:45 PM

#8 *nods* not any different from the spy-novel drop location.
Posted by Ptah 2004-12-09 4:00:50 PM [http://www.crusaderwarcollege.org]

#9 Ptah, do you think we're more vulnerable or less vulnerable today to cyber-attacks of the sort Richard Clarke was always hollering about five years ago?
Posted by lex 2004-12-09 4:03:33 PM

#10 lex, 'cyberattacks' are like Y2K, good for scaring the masses, but really don't stand up to serious scrutiny. You want to lie awake worrying about something, then worry about a coordinated attack with an infectious agent bringing down the healthcare system.
Posted by phil_b 2004-12-09 4:13:37 PM

#11 Thanks, Phil-- that's more or less what I thought. Seems like Clarke really was a self-aggrandizing little shit.
Posted by lex 2004-12-09 4:15:29 PM

#12 I thought some of those viruses and trojan horses were thought to be practices for a future attack. Didn't some of them come out of Red China?
Posted by trailing wife 2004-12-09 9:52:18 PM
